Wireshark- Follow TCP Stream

StackOverflow https://stackoverflow.com/questions/21373824

Question

How to invoke the GUI option of follow tcp stream using command line on Windows? I've read that there is something like tcpflow but on using it, Wireshark says command not found.

The OS I am using is windows and I want to capture and save an HTTP stream.

Was it helpful?

Solution

You can use dumpcap.exe which should be in the same folder with wireshark.exe

  1. dumpcap.exe -D
    This command used to get your interface index list

  2. dumpcap.exe -f "tcp port 80" -w YOUR_OUT_PUT_FILE -i YOUR_INTERFACE_INDEX

    This command used to dump the packet. And you may got multiple tcp screams with this command. I think this is its limitation.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top