tshark -w data.pcap
#!/bin/bash TSHARK=tshark PCAP=./data.pcap # write the streams to individual files
while read stream
do
echo "writing stream $stream --> $stream.txt"
$TSHARK -qz follow,tcp,ascii,$stream -r $PCAP > $stream.txt
done < <($TSHARK -T fields -e tcp.stream -r $PCAP | sort | uniq)
沒有留言:
張貼留言