tcpdump mailing list archives
simple pcap-trace manipulation tools
From: Willem de Bruijn <wdebruij () dds nl>
Date: Wed, 5 Apr 2006 10:53:05 +0200
hi everyone, I've had to work with libpcap quite a bit in the last years, during which I found myself having to develop some tracefile-tools that might be of interest to others as well. I don't make a habit of spamming, but figured this was worth a single message to the list. In a nutshell: pcap-enlarger blows up a tracefile by outputting each element in the input stream multiple times (no timestamp adjustments), pcap-endianness-switcher reverts endianness of a stream (obviously) and pcap2rawstream purges pcap headers from traces to generate raw streams. Again, they're pretty simple. If you could make use of these, get them at http://www.few.vu.nl/~wdb/various/code/index.php#pcap . Naturally, this is all open-source. cheers, Willem de Bruijn - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- simple pcap-trace manipulation tools Willem de Bruijn (Apr 05)