tshark command working on windows but not working on Centos

retag add tags

Hi, I am using below command to print data payload froma .pcap file. Command is working fine on windows 10 but not working on centos 7.6

tshark -r my.pcap -T fields -e http.file_data

Windos tshark version: 2.4.4 Centos tshark version 2.4.0

please help.

manurag11

asked 2020-05-01 11:32:32 +0000

edit flag offensive 0 remove flag close merge delete

Comments

And what does "not working" actually mean, no output, unexpected output or an error?

grahamb (2020-05-01 12:00:58 +0000) edit

There is no output though if i use tshark my.pcap -T fields -e http.file_data > my.txt cat my.txt | wc -l shows non zero number yet blank file

manurag11 (2020-05-01 12:10:33 +0000) edit

So null fields.

grahamb (2020-05-01 12:33:42 +0000) edit

Possibly there are different preference settings on the two machines so they dissect the capture differently or there is a bug in 2.4.0 that's been fixed in 2.4.4.

grahamb (2020-05-01 14:17:44 +0000) edit

using 2.4.4 now, still same issue.

manurag11 (2020-05-04 04:56:29 +0000) edit

add a comment see more comments

tshark command working on windows but not working on Centos edit

Comments

Be the first one to answer this question!

tshark command working on windows but not working on Centos