Wireshark · Ethereal-users: Re: [Ethereal-users] comparing two files

Ethereal-users: Re: [Ethereal-users] comparing two files

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Wed, 29 Dec 2004 11:58:07 -0800

LEGO wrote:

perl's Net::Pcap  and NetPacket can turn out much more useful for that purpose,

I.e., to answer the original question, "Ethereal's file structure" isjust libpcap format, as used and generated by tcpdump and a number ofother programs as well; libpcap obviously can read and write that fileformat.

That means that there's no structure to the packet data itself - there'sjust a raw blob of bytes.

References:
- [Ethereal-users] comparing two files
  - From: Earl Eiland
- Re: [Ethereal-users] comparing two files
  - From: LEGO

Prev by Date: [Ethereal-users] ESP packet analysis
Next by Date: [Ethereal-users] Question-patching orinoco
Previous by thread: Re: [Ethereal-users] comparing two files
Next by thread: [Ethereal-users] ESP packet analysis
Index(es):
- Date
- Thread