Re: Merging many files

[Christian Kreibich <christian () whoop org>]

Hi,

On Mon, 2004-08-30 at 01:05, César Cárdenas wrote:
> Hi:
>
> I've captured many files (more than 200) with Ethereal for Windows and now
> I would like to merge them...I already reviewed the mergecap.exe documentation
> but still a much time-consuming activity.

may I ask why?

> http://www.ethereal.com/docs/man-pages/mergecap.1.html
>
> Do you know any other way for merging many files?

I'm not sure if this'll help you, but you could use Bro:

  http://www.icir.org/vern/bro-info.html
  
like this:

  bro -r 1.trace -r 2.trace ... -r n.trace -w out.trace

I'm not sure what happens if you pass more files than you can have open
file descriptors, though that could be helped by a few merging passes
(bit of shellscripting with xargs etc).

Cheers,
Christian.
-- 
________________________________________________________________________
                                          http://www.cl.cam.ac.uk/~cpk25
                                                    http://www.whoop.org


-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.