Fwd: Regarding Pcapdump

["v rakesh" <rakesh434 () gmail com>]

Dear All,
       I have been working on ns-2.26 for my experimental studies .I have
been generating ns2 trace file to evaluate my experiments.As now I have seen
ethereal which proved to be very good for my experiments I have decided  to
dump in pcap format.But as I open the same file in ethereal ,it was unable
to recognize the file format.I have dumped into the pcap file in the
following format.
Global file header | Pcap pkt hdr | packet data . Global header is the
structure containing magic-number, version-major , version-minor , thiszone
, sigfigs, snaplen &network.I have initialized network to DLT_RAW and i just
dumped the pcap_pkthdr containing two timestamps ,capture length and
original length and then i dumped Ipheader and packet
data.Surprisinglyirrespctive of the size of the file formed the
ethereal is able to show only
three frames out of them two are malformed packets.
I recognized  that there might be a problem in dumping so I have written a
small file in pcap format that contains a Global header ,a single
pcap_pkthdr and  some packet data .Here packet data means ipheader and
packet data . It was said that dumping in pcap format is  very easy but I
wasnt able to be so. I am eager to use to use ethereal for my expereimental
studies and i am sure that it would be of great help to me.
Ethereal has proved to be a powerful tool  to analyze and capture packets
and i wish there would be more growth in the near future.
Hoping for your early reaponse.
Thanks and reagards,
Rakesh.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.