[GTALUG] Wireshark question -- script to extract data in TCP stream?
Alvin Starr
alvin at netvel.net
Tue Sep 26 08:52:13 EDT 2017
On 09/26/2017 08:36 AM, James Knott via talk wrote:
> On 09/26/2017 07:39 AM, Alvin Starr via talk wrote:
>> you could capture only one way traffic by filtering the input with
>> something like "dst host 1.2.3.4".
>> I am not sure how that would impact the tcp stream following though.
> I would expect the stream would include both directions. If you're
> trying to resolve a problem, you need to see both sides.
>
I would agree but the original post requested the data in just 1 direction.
--
Alvin Starr || land: (905)513-7688
Netvel Inc. || Cell: (416)806-0133
alvin at netvel.net ||
More information about the talk
mailing list