Hi, I'm writing a Lua program to process data that captured by tshark, and I'm in need for a filter to separate inbound traffic from outbound traffic in our network to process each group alone. Can some one help me in this, because I'm new in both: Lua and Wireshark. Thanks
asked 25 Jan '12, 22:39
edited 26 Jan '12, 00:46
I'm assuming you're interested in IP traffic only.
You would create two taps (aka "Listeners") -- one filtered for incoming packets to your host and another for outgoing:
You can also load this from Wireshark (as shown in a recent post).
answered 02 Feb ‘12, 18:53