标签: wireshark tshark
我希望在特定条件之后转储流中的所有TCP流量的单行。换句话说,我想做类似的事情:
tshark -i wlan0 -s 0 -z follow,tcp,raw,x x=`tshark -i wlan0 -s 0 -Y 'http.request.full_uri contains "blah-blah" and http.request.method == GET' -n -Tfields -e tcp.stream`
我该怎么做?
答案 0 :(得分:-1)
具有更多信息的解决方案见:https://ask.wireshark.org/questions/49283/tshark-follow-tcp-stream-upon-condition