Wireshark mailing list archives
Re: wiretap - using as a library rather than coupled with Wireshark?
From: Richard Kinder <rkinder () quantenna com>
Date: Tue, 1 Dec 2015 00:27:33 +0000
Hi Guy, Tim, Thanks for this input. I think modification of editpcap is the best path forward for this problem. The files I'm looking at converting are indeed Airopeek, so I'll need to add support for translation of the peek* metadata to radiotap. Any pointers as to where to start, architectural overviews of libwiretap or documentation are greatly appreciated. Regards, Richard -----Original Message----- From: Guy Harris [mailto:guy () alum mit edu] Sent: Saturday, 28 November 2015 4:54 AM To: Developer support list for Wireshark <wireshark-dev () wireshark org> Cc: Richard Kinder <rkinder () quantenna com> Subject: Re: [Wireshark-dev] wiretap - using as a library rather than coupled with Wireshark? On Nov 27, 2015, at 7:09 AM, Tim Furlong <dev.null.2007 () gmail com> wrote:
Sorry if I'm just missing something, but would editcap itself do the job? editcap <in.pkt> <out.pcapng> should read your Wildpackets file and produce a pcapng file; add a "-F pcap" for pcap format instead.
...as long as it's not an AiroPeek capture or an OmniPeek Wi-Fi capture, as *that* would require translating the radio metadata headers from either of the *Peek formats to a format supported in pcap/pcapng files, such as radiotap. editcap doesn't look at the packet contents, and can't do that translation. This email, including its contents and any attachment(s), may contain confidential information of Quantenna Communications, Inc. and is solely for the intended recipient(s). If you may have received this in error, please contact the sender and permanently delete this email, its contents and any attachment(s). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- wiretap - using as a library rather than coupled with Wireshark? Richard Kinder (Nov 25)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Bálint Réczey (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Bálint Réczey (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Richard Kinder (Nov 30)