User Guide

ManualsBrandsWireshark ManualsSoftwareWireshark Wireshark - 0.99.5

171

172

173

174

175

176

177

178

179

180

Network interface names should match one of the names lis-

ted in wireshark -D (described above); a number, as reported

by wireshark -D, can also be used. If you're using UNIX,

netstat -i or ifconfig -a might also work to list interface

names, although not all versions of UNIX support the -a flag

to ifconfig.

If no interface is specified, Wireshark searches the list of in-

terfaces, choosing the first non-loopback interface if there are

any non-loopback interfaces, and choosing the first loopback

interface if there are no non-loopback interfaces; if there are

no interfaces, Wireshark reports an error and doesn't start the

capture.

Pipe names should be either the name of a FIFO (named pipe)

or ``-'' to read data from the standard input. Data read from

pipes must be in standard libpcap format.

-k The -k option specifies that Wireshark should start capturing

packets immediately. This option requires the use of the -i

parameter to specify the interface that packet capture will oc-

cur from.

-l This option turns on automatic scrolling if the packet list pane

is being updated automatically as packets arrive during a cap-

ture ( as specified by the -S flag).

-L List the data link types supported by the interface and exit.

-m <font> This option sets the name of the font used for most text dis-

played by Wireshark. XXX - add an example!

-n Disable network object name resolution (such as hostname,

TCP and UDP port names).

-N <name resolving flags> Turns on name resolving for particular types of addresses and

port numbers; the argument is a string that may contain the

letters m to enable MAC address resolution, n to enable net-

work address resolution, and t to enable transport-layer port

number resolution. This overrides -n if both -N and -n are

present. The letter C enables concurrent (asynchronous) DNS

lookups.

-o <preference/recent settings> Sets a preference or recent value, overriding the default value

and any value read from a preference/recent file. The argu-

ment to the flag is a string of the form prefname:value, where

prefname is the name of the preference (which is the same

name that would appear in the preference/recent file), and

value is the value to which it should be set. Multiple instances

of -o <preference settings> can be given on a single com-

mand line.

An example of setting a single preference would be:

wireshark -o mgcp.display_dissect_tree:TRUE

An example of setting multiple preferences would be:

wireshark -o mgcp.display_dissect_tree:TRUE -o

mgcp.udp.callagent_port:2627

Customizing Wireshark

157