[GTALUG] Wireshark question -- script to extract data in TCP stream?

James Knott james.knott at rogers.com
Tue Sep 26 08:36:14 EDT 2017


On 09/26/2017 07:39 AM, Alvin Starr via talk wrote:
> you could capture only one way traffic by filtering the input  with
> something like "dst host 1.2.3.4".
> I am not sure how that would impact the  tcp stream following though.

I would expect the stream would include both directions.  If you're
trying to resolve a problem, you need to see both sides.


More information about the talk mailing list