THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How can I print the ethernet packet I see in Wireshark to a text file?

I have a device that only gives a status response on port 7000 when a request message comes in from port 7000. I am using a software to control this device and when I open the interface of this software, these request messages are automatically sent to the device and a response is received from the device. That is, when the control software is running (sending a request from port 7000 and replying from port 7000), this port is busy. I can view these packets in Wireshark. But since the software is running at that time (7000 port is busy), I cannot listen to this port with any other software. How does Wireshark display these packets? How can I print these packets that I view in Wireshark to a text file?

hatice.celik's avatar
1
hatice.celik
asked 2023-07-11 14:40:32 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

There are two questions here.

First is answered by this article which basically explains how packet capture can be inserted in the network stack. npcap takes care of this. On Unix based systems this paper forms the basis for packet capture.

The second question can be answered by the use of tshark rather than Wireshark. It generates text output using the save dissectors as Wireshark uses.

Jaap's avatar
13.7k
Jaap
answered 2023-07-11 18:22:44 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer