Dear wireskarks experts, Hope this topis find you well. I am doing a project for my course network forensics. I build a website that allow users to upload the pcap file and I send it to the terminal with tshark command and then store it as csv file and then parse that file and store it in database phpmyadmine. My question I want the command that can specify or extract the tcp and udp instead of getting numbers(I want the explicit name of the protocol tcp or udp instead of getting numbers(6, 17) i want to get tcp or udp). : Here is my Command system('tshark -r '.$final.' -T fields -e frame.number -e frame.time -e eth.src -e eth.dst -e ip.src -e ip.dst -e ip.proto -e tcp.analysis.spurious_retransmission -E header=y -E separator=, -E quote=d -E occurrence=f > file.csv'); Also, I want to do a piechart, and graph. Do you have any suggestions for that ? maybe commands, or any other ideas? I am using php for front and backend(shell_exec()); Best-wishes Small and humble wire shark Samia M
asked 07 Apr '16, 13:41  Samia Muhammad |
One Answer:
Well, if you are using PHP anyway, why not simply replace 6 with TCP and 17 with UDP, before you store/process the data !?!
There are tons of PHP chart libraries out there. Simply pick one of them. Regards answered 19 Apr '16, 13:53  Kurt Knochner ♦ edited 19 Apr '16, 13:53 |
