Default output of tshark has an arrow icon between _ws.col.Source and _ws.col.Destination like this:
13 1.001761 192.168.1.246 → dns.google ICMP 98 Echo (ping) request id=0x1d5b, seq=48154/6844, ttl=63
When I apply my own specified output, referring to this answer, the → icon disappears.
13 1.001761 192.168.1.246 dns.google ICMP 98 Echo (ping) request id=0x1d5b, seq=48154/6844, ttl=63
What should I do to show the the → icon to the output when I need to use my own filter?
You can't achieve this using -T fields, but you can by specifying the column format option.
Compare the output of this:
tshark.exe -T fields -e frame.number -e frame.time_delta -e _ws.col.Source -e _ws.col.Destination -e _ws.col.Protocol -e ip.len -e _ws.col.Info
... with the output of this:
Windows:
tshark.exe -o "gui.column.format:\"No.\",\"%m\",\"DeltaTime\",\"%Gt\",\"Source\",\"%s\",\"Destination\",\"%d\",\"Protocol\",\"%p\",\"IP Length\",\"%Cus:ip.len\",\"Info\",\"%i\""
*nix:
tshark.exe -o 'gui.column.format:"No.","%m","DeltaTime","%Gt","Source","%s","Destination","%d","Protocol","%p","IP Length","%Cus:ip.len","Info","%i"'
Run tshark -G column-formats for more information about the column formats.