{{tag>Réseau Sniff Packet}}

# Notes on network packet analysis with Wireshark

See:
* https://www.redhat.com/en/blog/network-packet-captures
* https://www.redhat.com/en/blog/introduction-wireshark

See also:
* [[Notes tcpdump|tcpdump]]
* https://kvz.io/blog/analyze-http-requests-with-tshark.html

## Wireshark - filters

Packets with errors?

~~~
!_ws.expert.message == "Retransmission (suspected)" && !_ws.expert.message == "Duplicate ACK (#1)" && !_ws.expert.message == "Out-Of-Order segment"
~~~

~~~bash
TZ="Europe/Paris" tshark -n -tad -r tcpdump_client.pcap -Y "smb2.cmd == 5"
~~~

~~~
$ TZ="Europe/Paris" capinfos -aeuc tcpdump_client.pcap
File name:           0050-nonworking_cp_tcpdump_client.pcap
Number of packets:   2,720 k
Capture duration:    111.092169 seconds
First packet time:   2022-08-19 14:43:44.519951
Last packet time:    2022-08-19 14:45:35.612120
~~~

FIXME