https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16649
Bug ID: 16649
Summary: tcp.flags.str doesn't display the string properly in
either a powershell or cmd command prompt.
Product: Wireshark
Version: Git
Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
Severity: Normal
Priority: Low
Component: TShark
Assignee: bugzilla-ad...@wireshark.org
Reporter: christopher.mayn...@igt.com
Target Milestone: ---
Build Information:
TShark (Wireshark) 3.3.0 (v3.3.0rc0-1433-gcac1426dd6b2)
Compiled (64-bit) with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9.
Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Xeon(R) CPU
E3-1505M v5 @ 2.80GHz (with SSE4.2), with 16225 MB of physical memory, with
locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.2, binary plugins
supported (0 loaded).
Built using Microsoft Visual Studio 2019 (VC++ 14.25, build 28610).
--
tshark.exe -r tcpfile.pcap -c 1 -T fields -e frame.number -e tcp.flags -e
tcp.flags.str
1 0x00000002 A·A·A·A·A·A·A·A·A·A·SA·
As a work-around, using Didier Stevens tcp-flags-postdissector Lua dissector[1]
(tweaked to replace '*' with '.' for unset bits):
tshark.exe -r tcpfile.pcap -c 1 -T fields -e frame.number -e tcp.flags -e
tcpflags.flags
1 0x00000002 ........S.
See also:
https://stackoverflow.com/questions/62516712/tshark-tcp-hex-flags-to-text-labels
[1]: https://blog.didierstevens.com/2014/04/28/tcp-flags-for-wireshark/
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe