Wireshark mailing list archives
Re: Redirecting Wireshark output through a socket
From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Thu, 15 Oct 2009 14:30:54 -0400
Gustavo wrote:
> Hello everybody. I was asked to study a way for communicating between Wireshark and a commercial tool in Windows. Wireshark should analyze network traffic, dissect it and pass (part of) it to the commercial tool for further analysis and statistics.
What exactly do you want to feed into the other tool? The ASCII decode like:

Ethernet II, Src: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d), Dst: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
    Destination: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
        Address: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Source: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
        Address: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Type: IP (0x0800)

? In that case you should probably use 'tshark' and you could (I suppose this would work on Windows) do something like:

    tshark -V -r /some/cap/file | the_other_analyzer

though I doubt that the commercial tool will really understand this output...
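An added example, not part of the original message: a small Python filter that could sit in the `the_other_analyzer` position of the pipeline above and turn the `tshark -V` text tree into one JSON document per packet. It assumes four spaces of indentation per tree level and a blank line between packets; the function names and the sample input are constructed for illustration.

```python
import json
import sys

INDENT = 4  # assumption: tshark -V indents each tree level by four spaces

def parse_verbose(lines):
    """Yield, per packet, a list of nested {"text", "children"} nodes."""
    roots, stack = [], []              # stack: (depth, node) of open ancestors
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line.strip():           # a blank line closes the current packet
            if roots:
                yield roots
            roots, stack = [], []
            continue
        depth = (len(line) - len(line.lstrip(" "))) // INDENT
        node = {"text": line.strip(), "children": []}
        while stack and stack[-1][0] >= depth:
            stack.pop()                # close siblings and deeper levels
        (stack[-1][1]["children"] if stack else roots).append(node)
        stack.append((depth, node))
    if roots:
        yield roots

def to_json_lines(lines):
    # Field text is derived from captured traffic, so it is JSON-encoded
    # (control characters escaped) instead of being forwarded verbatim.
    return [json.dumps(pkt) for pkt in parse_verbose(lines)]

# Constructed sample: the Ethernet layer from the message above (shortened),
# followed by a second, minimal packet.
SAMPLE = """\
Ethernet II, Src: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d), Dst: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
    Destination: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
        Address: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)

Ethernet II, Src: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b), Dst: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
    Type: IP (0x0800)
"""

if __name__ == "__main__":
    # Piped input (tshark -V -r file | python this_script.py) or the sample.
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for doc in to_json_lines(source):
        print(doc)
```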