X-Git-Url: https://git.teslayout.com/public/public/public/?p=anna.git;a=blobdiff_plain;f=example%2Fdiameter%2FpcapDecoder%2FtsharkDecoder.sh;h=6b14320d6e85900407744a82a14b7c0898f17848;hp=64fd44bf1de54ce06f2b517726cb0aefd28103c5;hb=37e9fbf9c427f6cedb6da49959eae8e6c44fd9ec;hpb=8a29a0d920cda3366e3fe84f8cedb0dac14eb8d8
diff --git a/example/diameter/pcapDecoder/tsharkDecoder.sh b/example/diameter/pcapDecoder/tsharkDecoder.sh
index 64fd44b..6b14320 100755
--- a/example/diameter/pcapDecoder/tsharkDecoder.sh
+++ b/example/diameter/pcapDecoder/tsharkDecoder.sh
@@ -107,7 +107,11 @@ RESULTS_DIR=`dirname $PCAP_FILE`
 # Fields needed (we won't need diameter.hopbyhopid & diameter.endtoendid to verify diameter message as hint patterns; length management will be enough):
 FIELDS_DIAMETER="-e diameter.cmd.code -e diameter.flags.request -e diameter.applicationId -e diameter.hopbyhopid -e diameter.endtoendid -e diameter.length"
 FIELDS="-e frame.number -e frame.time_epoch -e ip.src_host -e ip.dst_host $FIELDS_DIAMETER -e tcp.len -e frame.protocols -e tcp.segment"
-tshark -E separator="|" -r $PCAP_FILE -N mntC -Tfields $FIELDS 2>/dev/null | grep -i diameter > $tmpdir/diameter_frames
+# Disect selectors
+# 13868 port for Ericsson Sy
+DISECT_SELECTORS="-d tcp.port=13868,diameter"
+
+tshark -E separator="|" -r $PCAP_FILE -N mntC -Tfields $FIELDS $DISECT_SELECTORS 2>/dev/null | grep -i diameter > $tmpdir/diameter_frames
 # Example output:
 # /length\
 # frame timestamp src dst code R App-ID HopByHop EndToEnd DIAM TCP protocol segments
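Review bot: The rewritten `tshark` line still sends stderr to `/dev/null`, so if tshark rejects the new `-d tcp.port=13868,diameter` selector or cannot parse the capture, `$tmpdir/diameter_frames` simply ends up empty and looks the same as a capture with no Diameter traffic. I would keep the diagnostics, for example `2>"$tmpdir/tshark.err"`, and stop with a message when that file is non-empty or the frames file is empty. On the same line `$PCAP_FILE` and `$tmpdir` are unquoted, so a capture path containing spaces or glob characters is split before tshark sees it; `-r "$PCAP_FILE"` and `> "$tmpdir/diameter_frames"` avoid that. The rest of the script lies outside the hunk, so whether `set -o pipefail` or a later emptiness check already covers this is not visible here.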