Tshak¶ 只看解析部分 用法¶ Bash1 2 3tshark [ -i <capture interface>|- ] [ -f <capture filter> ] [ -2 ] [ -r <infile> ] [ -w <outfile>|- ] [ options ] [ <filter> ] tshark -G [ <report type> ] [ --elastic-mapping-filter <protocols> ] 打印报文¶ Bash1tshark -r $1 -T fields -e ip.src -e ip.dst -e ip.proto -e tcp.srcport -e tcp.dstport 过滤报文¶ Bash1 tshark -Y "tcp.port == 58125" -r 1.pcap 参考¶ tshark-man-pages