when wireshark exports to a file, there is a line that says if the packet is a reassembled one, and which other packet it consists of: like this: 10 Reassembled TCP Segments (13611 bytes): #4411(1420), #4412(1420), #4414(1420), #4415(1420), #4416(1420), #4417(1420), #4418(1420), #4419(1420), #4420(1420), #4421(831) I'm trying to get the same information exported using the command line. currently I'm trying tshark. which fields should be included? asked 26 Mar '12, 04:00  gamba |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
