[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-workers
Subject:    [tcpdump-workers] simple pcap-trace manipulation tools
From:       Willem de Bruijn <wdebruij () dds ! nl>
Date:       2006-04-05 8:53:05
Message-ID: 200604051053.05202.wdebruij () dds ! nl
[Download RAW message or body]

hi everyone,

I've had to work with libpcap quite a bit in the last years, during which I 
found myself having to develop some tracefile-tools that might be of interest 
to others as well. I don't make a habit of spamming, but figured this was 
worth a single message to the list.

In a nutshell: pcap-enlarger blows up a tracefile by outputting each element 
in the input stream multiple times (no timestamp adjustments), 
pcap-endianness-switcher reverts endianness of a stream (obviously) and 
pcap2rawstream purges pcap headers from traces to generate raw streams. 
Again, they're pretty simple. If you could make use of these, get them at 
http://www.few.vu.nl/~wdb/various/code/index.php#pcap . Naturally, this is 
all open-source.

cheers,

Willem de Bruijn

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
[prev in list] [next in list] [prev in thread] [next in thread]