Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Ethereal-users: [Ethereal-users] Re: help please

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Sat, 19 Mar 2005 05:51:03 -0400
if you are not unix savvy, this is the simple command line to do the job:


tethereal -o "column.format:
time,%t,source,%s,destination,%d,sport,%S,dport,%D,protocol,%p,info,%i"
-z "proto,colinfo,frame.pkt_len,frame.pkt_len" -r capture.cap | while
read TI SR FOO DS SRP DSP PRO REMAINDER;do echo -n "$TI $SR $DS $SRP
$DSP"; echo $REMAINDER | sed -e "s/.*== / /";done


if you have not already,   install www.cygwin.com.
it is a great package and it makes even a windows box useable.




On Sat, 19 Mar 2005 05:36:06 -0400, ronnie sahlberg
<ronniesahlberg@xxxxxxxxx> wrote:
> Use
> tethereal -z "proto,colinfo,frame.pkt_len,frame.pkt_len"
> and feed the output through a simple shellscript.
> 
> 
> 
> 
> 
> 
> 
> 
> On Sat, 19 Mar 2005 09:54:05 +0100, Alessandro <ale75@xxxxxxxxx> wrote:
> > Hi,
> > I have a problem: i have a 1GBytes ethereal dump file. I had to create a
> txt
> > file with only this field:
> > timestamp (possibly relative), ip_source, ip_destination, port_source,
> > port_destination,protocol, packet_size.
> > Who can help me???
> > i try with ethreal gui but dump file is too big!
> > 
> > HELP!!
> > thanks 
> >
>