I am using
Simulatenously I am sniffing the traffic on a seperate monitor interface with
When I open the trace in Wireshark, it is recognized as an udp packet. However, tshark doesn't even recognize these packets as ip packets. Filters such as
Does anyone know why this is, and is there a way to change this behaviour of tshark?
asked 30 Jan '15, 04:13
Since Wireshark and tshark use the same dissection engine, they should show the same results. Assuming you're using tshark and wireshark on the same machine.
One other thing to take into account is to check whether you're using the same configuration profile in tshark and wireshark.
Can you share the output of
answered 30 Jan '15, 05:45