On Wed, May 24, 2000 at 12:01:11PM -0300, Administrador da Rede wrote:
> Question: Is there some way to make ethereal read tcpdump files from
> STDIN?
*If* the standard input is something that supports seeking - i.e., *not*
a pipe and, I fear, *not* a DAT device - and *if* your OS supports
"/dev/fd", and "/dev/stdin" in particular, you could use "/dev/stdin" as
the input "file".
However, that's not necessarily very useful, as that'd be
ethereal -r /dev/stdin </my/file
which could be more conveniently done as
ethereal -r /my/file
Unfortunately, given the way the Wiretap library Ethereal uses to read
capture files works, it *has* to be able to do seeks on the input
file...
...and even if we were to avoid having to do seeks in most instances (I
don't think it's possible to do so in all instances), Ethereal (but not
Tethereal or editcap) would *still* have to be able to do seeks on the
file, as you can click on arbitrary packets in the display, meaning
Ethereal has to be able to read arbitrary packets from arbitrary places
in the capture file at arbitrary times.
I.e., it's not possible to do what you want to do; you'd have to read
the capture from the tape into a file in order to make Ethereal work at
all.
