[kwlug-disc] Wireshark question -- script to extract data in TCP stream?

[William Park]

To network experts...

>From Wireshark, I can click "TCP Follow" tab and extract one-way data
flow from a tcp stream.  I can do this manually, one by one.  But, I
have many many streams.

Does anyone know how to extract one-way data stream via script?

Google says
    tshark -q -r capture.pcapng -z follow,tcp,raw,0
where '0' is the tcp stream number 0.  But, it gives me data moving both
ways.  I just want data moving one-way.
-- 
William Park <opengeometry at yahoo.ca>