tcpdump mailing list archives
How to convert from proprietary format to some generic libpcap format?
From: Ben Greear <greearb () candelatech com>
Date: Tue, 24 Jun 2003 13:48:19 -0700
I have a capture format that has slightly more information than
the standard libpcap format (I keep a flag to tell whether the packet
is coming in the interface or going out, and have a different header
as well.)
I plan to write a small utility that converts my format to
the standard libpcap format...
I see the pcap header in /usr/include/pcap.h, but I am curious
what the 'normal' values are for things like:
bpf_u_int32 magic;
u_short version_major;
u_short version_minor;
Thanks,
Ben
--
Ben Greear <greearb () candelatech com> <Ben_Greear AT excite.com>
President of Candela Technologies Inc http://www.candelatech.com
ScryMUD: http://scry.wanfear.com http://scry.wanfear.com/~greear
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- How to convert from proprietary format to some generic libpcap format? Ben Greear (Jun 24)
- Re: How to convert from proprietary format to some generic libpcap format? Richard Sharpe (Jun 24)
- Re: How to convert from proprietary format to some generic libpcap format? Ben Greear (Jun 24)
- Re: How to convert from proprietary format to some generic libpcap format? Richard Sharpe (Jun 24)