On 5/19/08,
Stephen Fisher <
stephentfisher@xxxxxxxxx> wrote:
On Mon, May 19, 2008 at 09:15:08AM -0700, Tracy Dennis wrote:
> I'm new to the application, so I apologize if this is a stupid
> question. I performed a capture that generated a 90 MB file, but I can
> only FTP a 20 MB file maximum to Cisco. Is there a way to cut out or
> copy only a part of the capture to generate another PCAP file?
Check out the editcap command-line program that comes with Wiresdhark.
It lets you split your 90MB file into multiple files with 'x' number of
packets each. ot the easiest solution, but if you play with it a bit
you should be able to trim down your files.
or split,
or gzip -9 may be enough,
or an appropriate display filter and then save -> displayed packets only.
--
-jp
Laurie got offended that I used the word "puke." But to me, that's what her dinner tasted like.
deepthoughtsbyjackhandy.com
