implented Wireshark filter

Stefan Lekov · Stefan Lekov · commit 9d5cfbf6965e · 2025-01-23T16:59:31.000+02:00
diff --git a/remoteShark.py b/remoteShark.py
@@ -58,6 +58,7 @@ class AppConfig:
     dumpFilter = 'not port 22'
     remotePcapFile = None
     compression = None
+    wiresharkFilter = ''
     
     debug = 0
     fragmentedFilter = False
@@ -168,6 +169,15 @@ def __init__(self, argv):
                 i = i + 1
                 continue
 
+            if argv[i] == '--wireshark-filter' or argv[i] == '-w':
+                if argc <= i + 1:
+                    printf("%s requires an argument\n", argv[i])
+                    sys.exit(1)
+                else:
+                    self.wiresharkFilter = argv[i+1]
+                i = i + 2
+                continue
+
             if argv[i] == '--interface' or argv[i] == '-i':
                 if argc <= i + 1:
                     printf("%s requires an argument\n", argv[i])
@@ -531,7 +541,10 @@ def runWireshark(self):
             printf('Running command remote "%s"\n', tcpdumpCMD)
 
         # Wireshark is run with the same arguments for all OS
-        wireCmd = [cfg.wiresharkPath, '-k', '-i', '-']
+        if len(self.cfg.wiresharkFilter) > 0:
+            wireCmd = [cfg.wiresharkPath, '-k', '-i', '-', '-Y', self.cfg.wiresharkFilter]
+        else:
+            wireCmd = [cfg.wiresharkPath, '-k', '-i', '-']
 
         self.setupSignals()
 
