I won't break down the function too much as it's mostly self-explanatory, but there are a few things worth noting.

We first convert the layers property to a PowerShell object. We can see from the tshark JSON output that this is where all the relevant data is. If this object is empty, we know we're not processing packet data, and the function essentially ends there, because the if statement that contains the rest of our logic evaluates to false.

Tshark puts TCP and UDP port numbers in different fields prefixed by the protocol (tcp_ and udp_). I wanted to combine these 4 properties into 2 protocol-independent source and destination port properties.

```powershell
Write-Output $Packet | Select Protocol, SrcIP, SrcPort, DstIP, DstPort
```
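The steps described above (parse the layers object, stop when it is empty, collapse the TCP and UDP port fields) as an added example; this is not the function from the original post. The function name, the sample lines and the exact field names (`ip_src`, `tcp_srcport`, `_ws_col_Protocol`, array-valued as in `tshark -T ek -e ...` output) are assumptions.

```powershell
# Constructed sample input, not captured traffic. Field names are assumed;
# adjust them to match what your tshark version emits.
$SampleLines = @(
    '{"index":{"_index":"packets-sample"}}'
    '{"layers":{"_ws_col_Protocol":["TLSv1.2"],"ip_src":["192.0.2.10"],"ip_dst":["198.51.100.7"],"tcp_srcport":["50514"],"tcp_dstport":["443"]}}'
    '{"layers":{"_ws_col_Protocol":["DNS"],"ip_src":["192.0.2.10"],"ip_dst":["192.0.2.53"],"udp_srcport":["53122"],"udp_dstport":["53"]}}'
    '{"layers":{"_ws_col_Protocol":["ICMP"],"ip_src":["192.0.2.10"],"ip_dst":["198.51.100.7"]}}'
)

function ConvertFrom-TsharkLine {   # hypothetical name
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$Line
    )
    process {
        $Layers = ($Line | ConvertFrom-Json).layers

        # Index/metadata lines carry no layers object: not packet data, emit nothing.
        if ($Layers) {
            # Return the first value of a field, or nothing when the field is absent.
            $First = {
                param($Name)
                $Property = $Layers.PSObject.Properties[$Name]
                if ($Property) { @($Property.Value)[0] }
            }

            # Collapse the four protocol-prefixed port fields into two.
            $SrcPort = & $First 'tcp_srcport'
            if ($null -eq $SrcPort) { $SrcPort = & $First 'udp_srcport' }
            $DstPort = & $First 'tcp_dstport'
            if ($null -eq $DstPort) { $DstPort = & $First 'udp_dstport' }

            [pscustomobject]@{
                Protocol = & $First '_ws_col_Protocol'
                SrcIP    = & $First 'ip_src'
                SrcPort  = $SrcPort   # stays $null for portless protocols such as ICMP
                DstIP    = & $First 'ip_dst'
                DstPort  = $DstPort
            }
        }
    }
}

$SampleLines | ConvertFrom-TsharkLine | Format-Table
```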