Re: Trace conversion.

[Michael Richardson <mcr () sandelman ottawa on ca>]

-----BEGIN PGP SIGNED MESSAGE-----


> > > > > "Paul" == Paul Berube <berube () cs ualberta ca> writes:
    Paul> Ok.  I have a couple traces in tcpdump format.  What I
    Paul> actually need is just a list of destination addresses for the
    Paul> trace.  I might be able to use a timestamp if I got really
    Paul> fancy, but it's not required. So, precisely, for each packet
    Paul> in the trace, in chronological order, I want a <ts,dest_ip>
    Paul> pair.  That's it.

  "tcpdump -n -r file"

  You can probably very quickly write a sed or perl script to pull out
the data you want.

    Paul> I suspect this wouldn't be too hard if the tcpdump format was
    Paul> specified, but if it is, I can't find such a document.

  get libpcap source, and read pcap.h and pcap.3

- --
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr () xelerance com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQUvDAIqHRg3pndX9AQGTxwP/R+vkTaRP3AAyaH6nb/4qzeTUyAMCTLkO
0WlBlvDHFZNqoBjB6vlr6eg+ICF3JIImeHg9rtl77CW36m1vFfQQN5CXtcgdwKJw
j/5FW7ifEociYjMwrurP9lS4n/fl8SFRlHroxtP8VBRVsWZiBLrGjrhMMZDxhJ6b
287NchFLy+A=
=Lr/w
-----END PGP SIGNATURE-----
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.