Update README.md

microsoft · Feb 10, 2021 · 1f0572c · 1f0572c
1 parent 81997ed
commit 1f0572c
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -8,9 +8,11 @@ as an ETW trace provider. Due to performance problems with the other popular pac
 method (WinPcap, which was included with older versions of Wireshark), ndiscap should be
 preferred. A capture can be collected with:
 
+```
 netsh trace start capture=yes report=disabled
-
+<repro>
 netsh trace stop
+```
 
 The file generated by ndiscap is an etl file, which can be opened by ETW-centric tools
 like Microsoft Message Analyzer, but cannot be opened by Wireshark, which is the preferred
@@ -23,7 +25,9 @@ Prebuilt binaries are available in the Releases section: https://github.com/micr
 
 Run the tool with:
 
+```
 etl2pcapng.exe in.etl out.pcapng
+```
 
 After converting the file, the tool prints a table which shows mappings between Windows
 interface indices and pcapng interface IDs.
@@ -39,9 +43,11 @@ this in mind when using the PID information.
 
 Run in the src directory in a Visual Studio Command Prompt:
 
+```
 msbuild -t:rebuild -p:configuration=release -p:platform=win32
 
 msbuild -t:rebuild -p:configuration=release -p:platform=x64
+```
 
 # History