当我们使用命令跟踪tcp stream时:
tshark -q -r test.pcap -z follow,tcp,ascii,0
将在流输出的中间以TCP长度获得以下输出。
如何消除tcp.len?我们是否有任何tshark命令只打印TCP流输出而不是tcp.len
Follow: tcp,ascii
Filter: tcp.stream eq 0
Node 0: 10.10.30.50:57887
Node 1: 10.10.30.95:4902
**1448** ---> this is tcp length
POST /pushnotification/v1.0/message HTTP/1.1
Accept: */*
Host: 10.10.30.95:4902
Connection: Close
Content-Type: application/json
Authorization: Basic QWxhZGRpbjpraHVsamFzaW1zaW0=
Content-Length: 1277
{"push-message":{"serviceName":"Sync App","TTL":"600","recipients":[{"uri":"sip:919880018501@lab.t-mobile.com"}],"channel":"","pns-type":"RCSPage","pns-subtype":"Chat","nmsEventList":{"nmsEvent":[{"changedObject":{"parentFolder":"https:///oemclient/nms/v1/ums/tel%3a%2b1234567890/folders/97d38f52-bed0-4046-8784-bb110e3b0ea3","flags":{"flag":["\\RECENT"]},"resourceURL":"https://resourceurl","correlationId":"75114622-099d-4503-8166-e84bd1b620dc","message":{"id":"1","store":"RCSMessageStore/Chat","objectURL":"https://data1","direction":"In","message-time":"2016-05-19T08:46:49-08:00","status":"RECENT","sender":"sip:1234","recipients":[{"uri":"sip:2345"}],"imdn-message-id":"75114622-099d-4503-8166-e84bd1b620dc","content":[{"rcs-data":{"sip-call-id":"005056884776-4d72-eb161700-1e2-571fa736-a0e46","feature-tag":"urn:urn-7:3gpp-service.ims.icsi.oma.cpm.msg.group","p-asserted-service":"urn:urn-7:3gpp-service.ims.icsi.oma.cpm.msg.group","contribution-id":"e0a1029e-a48b-4ca6-b185-299dada439be","conversation-id":"2dbc584e-
**38** ---> this is tcp length
fc46-4a37-9a56-c2b93246d788"}}]}}}]}}}
**17**
HTTP/1.0 200 OK
**35**
Server: BaseHTTP/0.3 Python/2.6.6
**37**
Date: Mon, 12 Feb 2018 19:14:17 GMT
**2**
**9**
Thread-1