[Wireshark-bugs] [Bug 16649] New: tcp.flags.str doesn't display the string properly in either a powershell or cmd command prompt.

Mon, 22 Jun 2020 18:35:04 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16649

            Bug ID: 16649
           Summary: tcp.flags.str doesn't display the string properly in
                    either a powershell or cmd command prompt.
           Product: Wireshark
           Version: Git
          Hardware: x86-64
                OS: Windows 10
            Status: UNCONFIRMED
          Severity: Normal
          Priority: Low
         Component: TShark
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: christopher.mayn...@igt.com
  Target Milestone: ---

Build Information:
TShark (Wireshark) 3.3.0 (v3.3.0rc0-1433-gcac1426dd6b2)

Compiled (64-bit) with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9.

Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Xeon(R) CPU
E3-1505M v5 @ 2.80GHz (with SSE4.2), with 16225 MB of physical memory, with
locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.2, binary plugins
supported (0 loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.25, build 28610).
--
tshark.exe -r tcpfile.pcap -c 1 -T fields -e frame.number -e tcp.flags -e
tcp.flags.str
1       0x00000002      A·A·A·A·A·A·A·A·A·A·SA·

As a work-around, using Didier Stevens tcp-flags-postdissector Lua dissector[1]
(tweaked to replace '*' with '.' for unset bits):

tshark.exe -r tcpfile.pcap -c 1 -T fields -e frame.number -e tcp.flags -e
tcpflags.flags
1       0x00000002      ........S.


See also:
https://stackoverflow.com/questions/62516712/tshark-tcp-hex-flags-to-text-labels

[1]: https://blog.didierstevens.com/2014/04/28/tcp-flags-for-wireshark/

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to