Wireshark · Ethereal-dev: Re: [Ethereal-dev] Proposed change to tethereal hex dump format

Ethereal-dev: Re: [Ethereal-dev] Proposed change to tethereal hex dump format

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ashok Narayanan <ashokn@xxxxxxxxx>

Date: Wed, 2 May 2001 15:28:42 -0400

On Wed, 2 May 2001 12:16:50 -0700 (PDT), Guy Harris <guy@xxxxxxxxxx> wrote:

> > It's a very small change to the code; I've tried it out. If this proposed
> > change is made, then text2pcap will be able to read in a trace dumped by
> > tethereal using -V -x, and be able to build a capture file out of the
packets
> > (minus the timestamps),
> 
> Minus the timestamps?
> 
> 	machine$ tethereal -n -V -x -r capture_file.pcap
> 	Frame 1 (60 on wire, 60 captured)
> 	    Arrival Time: May 19, 1999 17:48:39.7085

Well, text2pcap right now ignores all non-hexdump text. It will extract the
hexdumps from the file and build those into packets. It could be extended to
handle those lines as well. I haven't spent time on this because I view this
as a cool side effect, not the primary goal.

-Ashok




--- Asok the Intern ----------------------------------------
Ashok Narayanan
IOS Network Protocols, Cisco Systems
250 Apollo Drive, Chelmsford, MA 01824
Ph: 978-244-8387.  Fax: 978-244-8126 (Attn: Ashok Narayanan)

References:
- [Ethereal-dev] Proposed change to tethereal hex dump format
  - From: Ashok Narayanan
- Re: [Ethereal-dev] Proposed change to tethereal hex dump format
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] Proposed change to tethereal hex dump format
Next by Date: Re: [Ethereal-dev] patch to fix time display in sniffer pro capture files
Previous by thread: Re: [Ethereal-dev] Proposed change to tethereal hex dump format
Next by thread: RE: [Ethereal-dev] Proposed change to tethereal hex dump format
Index(es):
- Date
- Thread