The script (macOS) is called as such:
./Sharksort <all or part of wlan.addr> file-name
example: ./Sharkesort 42:80 Store-1-pass1.pcapng
The output should be all traffic to/from clients containing 42:80 in their hardware address.
for stream in tshark -r $2 -Y "wlan.addr contains $1";
do
tshark -r $2 -w client-$1.pcapng;
done
I am getting the following:
tshark: An error occurred while writing to the file "client-42:80.pcapng": Internal error.
tshark: An error occurred while writing to the file "client-42:80.pcapng": Internal error.
tshark: An error occurred while writing to the file "client-42:80.pcapng": Internal error.
The output file contains only the 1st few packets. Thanks for your help.
Why the for loop? Why not just do this?
tshark -r $2 -Y "wlan.addr contains $1" -w client-$1.pcapng