simple pcap-trace manipulation tools

[Willem de Bruijn <wdebruij () dds nl>]

hi everyone,

I've had to work with libpcap quite a bit in the last years, during which I 
found myself having to develop some tracefile-tools that might be of interest 
to others as well. I don't make a habit of spamming, but figured this was 
worth a single message to the list.

In a nutshell: pcap-enlarger blows up a tracefile by outputting each element 
in the input stream multiple times (no timestamp adjustments), 
pcap-endianness-switcher reverts endianness of a stream (obviously) and 
pcap2rawstream purges pcap headers from traces to generate raw streams. 
Again, they're pretty simple. If you could make use of these, get them at 
http://www.few.vu.nl/~wdb/various/code/index.php#pcap . Naturally, this is 
all open-source.

cheers,

Willem de Bruijn

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.