tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: Regarding Pcapdump

From: Guy Harris <guy () alum mit edu>
Date: Thu, 29 Nov 2007 11:22:26 -0800
v rakesh wrote:

It was said that dumping in pcap format is  very easy but I
wasnt able to be so.
Dumping in pcap format is *very* easy if you use libpcap, rather than writing your own code to dump it. Have you tried, for example, doing 

        pcap_t *p;
        pcap_dumper_t *d;

        p = pcap_open_dead(DLT_RAW, 65535);
        d = pcap_dump_open(p, "pcap_file");
and then use pcap_dump() to write to "d" and close it with "pcap_dump_close()"? 
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: