Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

tshark capture filter

Posted on 2009-04-08
4
Medium Priority
?
1,336 Views
Last Modified: 2012-05-06
Hello:

I would like a capture filter that allows me to capture everything *except* the data payload. I want all the header, frame and protocol stuff, just not the data.

Kind of like 'tshark -i eth0 -V -EXCLUDE_DATA_PAYLOAD > capture.txt

Does anyone know how to do this?
0
Comment
Question by:DesertShark2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 2000 total points
ID: 24109073
The easiest way would just be to capture 40-60 bytes unless you have a very small number of protocols.

Good luck,
Steve
0
 

Author Comment

by:DesertShark2
ID: 24110443
OK, I will try that at 60 bytes and report.
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 24111223
Hey  DesertShark2 . . . I am lazy and that seemed easier to me than having to define IP vs TCP vs UDP vs SMB vs SIP vs STP vs IGMP vs etc, etc, etc headers and the precision it would require.

Good luck,
Steve "Mr Lazy"
0
 

Author Closing Comment

by:DesertShark2
ID: 31568095
Wow, it was so easy all along...thanks!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question