I'm adding the ability to [t]ethereal to print a capture file as XML. I
need this so I can write a Python program to reconstruct data from a
capture file and produce a nice report. Someday we'll embed Python in
Ethereal, but until then, this feature should help me and others wishing
to do similar things.
I'm not an XML expert. I see two styles of printing as XML. Either by
making the field names and values attributes of "node" elements:
<ethereal-capture-file>
<ethereal-packet>
<node name="frame">
<node name="frame.marked" value="0"/>
<node name="frame.time" value="Sep 17, 2003 10:12:06.088528000"/>
<node name="frame.time_delta" value="0.000000000"/>
<node name="frame.time_relative" value="0.000000000"/>
<node name="frame.number" value="1"/>
<node name="frame.pkt_len" value="62"/>
<node name="frame.cap_len" value="62"/>
<node name="frame.file_off" value="40"/>
</node>
...
</ethereal-packet>
</ethereal-capture-file>
or by making field-names elements, and the values are text between
element markers:
<ethereal-packet>
<frame>
<frame.marked>0</frame.marked>
<frame.time>Sep 17, 2003 10:12:45.069203000</frame.time>
<frame.time_delta>0.035904000</frame.time_delta>
<frame.time_relative>38.980675000</frame.time_relative>
<frame.number>253</frame.number>
<frame.pkt_len>1514</frame.pkt_len>
<frame.cap_len>1514</frame.cap_len>
<frame.file_off>70170</frame.file_off>
</frame>
...
</ethereal-packet>
</ethereal-capture-file>
Does anyone have any experience with XML which tells them which style
would be better? I'm leaning toward the first example, because it's so
systematic, but I have no experience here.
thanks,
--gilbert
