Solved

tshark capture filter

Posted on 2009-04-08
4
1,308 Views
Last Modified: 2012-05-06
Hello:

I would like a capture filter that allows me to capture everything *except* the data payload. I want all the header, frame and protocol stuff, just not the data.

Kind of like 'tshark -i eth0 -V -EXCLUDE_DATA_PAYLOAD > capture.txt

Does anyone know how to do this?
0
Comment
Question by:DesertShark2
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 500 total points
ID: 24109073
The easiest way would just be to capture 40-60 bytes unless you have a very small number of protocols.

Good luck,
Steve
0
 

Author Comment

by:DesertShark2
ID: 24110443
OK, I will try that at 60 bytes and report.
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 24111223
Hey  DesertShark2 . . . I am lazy and that seemed easier to me than having to define IP vs TCP vs UDP vs SMB vs SIP vs STP vs IGMP vs etc, etc, etc headers and the precision it would require.

Good luck,
Steve "Mr Lazy"
0
 

Author Closing Comment

by:DesertShark2
ID: 31568095
Wow, it was so easy all along...thanks!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Is your computer hacked? learn how to detect and delete malware in your PC
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question