I tried using the Unix one and I am getting this:
Capturing on 'Wi-Fi'
tshark: Invalid capture filter "–r SIPphone.pcap -T fields -e frame.time -e tcp.stream -e ip.src -e ip.dst -e _ws.col.Protocol -e tcp.srcport -e tcp.dstport -e tcp.len -e tcp.window_size -e tcp.flags.syn -e tcp.flags.ack -e tcp.flags.push -e tcp.flags.fin -e tcp.flags.reset -e ip.ttl -e _ws.col.Info -e tcp.analysis.ack_rtt -e vlan.id" for interface 'Wi-Fi'.
That string isn't a valid capture filter (illegal token).
See the User's Guide for a description of the capture filter syntax.
Figured it out... the pcap2csv.sh has a char that OS X tshark doesn't like.
"do tshark –r "$f" -T fields -e f"
Notice the dash in front of the "r" is longer than the others... once I replaced that with a regular dash, it started working fine.
Maybe the dev will update in the next version.
Figured it out... the pcap2csv.sh has a char that OS X tshark doesn't like.
"do tshark –r "$f" -T fields -e f"
Notice the dash in front of the "r" is longer than the others... once I replaced that with a regular dash, it started working fine.
Maybe the dev will update in the next version.