wireshark command line
Does anyone know how to specify a capture filter for wireshark from command line. I looked in the documentation and saw something like "wireshark -f host [ipaddress]" should work but appearently my boss says it brings up a file open dialog box.
Anyone done this before?
P.S. This is being done on Solaris.
My guess is that he is not putting quotes around his capture filter. When I try running it like this
I get "file 80 cannot be opened" and an error about a buffer, however with quotes around 'port 80' it seems fine.
wireshark -f port 80