We had a command which used to work with previous version of wireshark (1) but does not working with latest version (1.6.1)
"C:\Program Files开发者_运维技巧\Wireshark\tshark.exe" -i \Device\NPF_{282F8D86-F9CC-4575-8F20-7E9F5B04BB89} -l -q -R "h245" -S -T pdml -w C:\capture_0.cap "(host 172.24.161.49 or host 172.24.161.34 and not port 80 and not port 23) and tcp" 1>C:\capture_0.xml
It is giving the error message: "tshark: Read filters aren't supported when capturing and saving the captured packets."
what is wrong with this command?
FYI - I do have a complete cygwin installed on this machine. Will it make any difference?
Try with version 1.2.5 or earlier - it used to work back then. For some unknown reason this limitation was introduced.
精彩评论