2022-10-09 16:44:25 +00:00
|
|
|
Rawshark (Wireshark) 4.1.0 (v4.1.0rc0-428-g517d2be1494f)
|
2017-09-25 21:06:37 +00:00
|
|
|
Dump and analyze network traffic.
|
|
|
|
See https://www.wireshark.org for more information.
|
|
|
|
|
|
|
|
Usage: rawshark [options] ...
|
|
|
|
|
|
|
|
Input file:
|
|
|
|
-r <infile> set the pipe or file name to read from
|
|
|
|
|
|
|
|
Processing:
|
|
|
|
-d <encap:linktype>|<proto:protoname>
|
|
|
|
packet encapsulation or protocol
|
|
|
|
-F <field> field to display
|
|
|
|
-m virtual memory limit, in bytes
|
|
|
|
-n disable all name resolution (def: all enabled)
|
2018-10-05 06:54:55 +00:00
|
|
|
-N <name resolve flags> enable specific name resolution(s): "mnNtdv"
|
2017-09-25 21:06:37 +00:00
|
|
|
-p use the system's packet header format
|
|
|
|
(which may have 64-bit timestamps)
|
|
|
|
-R <read filter> packet filter in Wireshark display filter syntax
|
|
|
|
-s skip PCAP header on input
|
|
|
|
|
|
|
|
Output:
|
|
|
|
-l flush output after each packet
|
|
|
|
-S format string for fields
|
|
|
|
(%D - name, %S - stringval, %N numval)
|
|
|
|
-t ad|a|r|d|dd|e output format of time stamps (def: r: rel. to first)
|
2022-01-02 16:39:07 +00:00
|
|
|
|
2021-06-20 09:29:35 +00:00
|
|
|
Diagnostic output:
|
2021-06-27 09:29:00 +00:00
|
|
|
--log-level <level> sets the active log level ("critical", "warning", etc.)
|
|
|
|
--log-fatal <level> sets level to abort the program ("critical" or "warning")
|
2022-10-09 16:44:25 +00:00
|
|
|
--log-domains <[!]list> comma-separated list of the active log domains
|
|
|
|
--log-fatal-domains <list>
|
|
|
|
list of domains that cause the program to abort
|
|
|
|
--log-debug <[!]list> list of domains with "debug" level
|
|
|
|
--log-noisy <[!]list> list of domains with "noisy" level
|
2021-06-27 09:29:00 +00:00
|
|
|
--log-file <path> file to output messages to (in addition to stderr)
|
2017-09-25 21:06:37 +00:00
|
|
|
|
2022-01-02 16:39:07 +00:00
|
|
|
|
2017-09-25 21:06:37 +00:00
|
|
|
Miscellaneous:
|
|
|
|
-h display this help and exit
|
|
|
|
-o <name>:<value> ... override preference setting
|
|
|
|
-v display version info and exit
|