Wireshark-dev: Re: [Wireshark-dev] Using Wireshark packet parsers and pretty printers

From: Stephen Donnelly <stephen@xxxxxxxxxx>
Date: Tue, 10 Mar 2009 09:31:01 +1300
On Mon, 2009-03-09 at 20:14 +0000, Ulisses Araújo Costa wrote:
> Hello,
> 
> I'm doing a project where I need to parse some packets (HTTP and some
> protocols for databases).
> I start doing this using the tcpdump library, and after that start to
> parse all the nested packets like that:
> 
> Ethernet -> TCP/UDP -> IPv4/IPv6 -> Application packet
> 
> I've done part of this job using the Haskell programming language, the
> problem is to start obtaining information about the relation of the
> packets (like temporal relation, or others). I see that wireshark
> already does that job. And in fact parse all the data from one packet,
> and have a great pretty printer.
> 
> I start to read manuals for developers, and unfortunately did not find
> anything that really help me.
> 
> My question is: Could you show me a simple program that takes an
> input tcpdump file (could also be in online mode), and just returns the
> structure of the parsed packets?
> 
> Thank you,

The PSML or PDML XML export formats might be useful?

Stephen
-- 
-----------------------------------------------------------------------
    Stephen Donnelly BCMS PhD           email: sfd@xxxxxxxxxx
    Endace Technology Ltd               phone: +64 7 839 0540
    Hamilton, New Zealand               cell:  +64 21 530 770
-----------------------------------------------------------------------
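
One way to follow the PDML suggestion, as an added example that is not part of the original thread: a Python reader that turns PDML into a per-packet list of protocol layers and computes the time gap between consecutive packets. It assumes the PDML came from something like `tshark -r capture.pcap -T pdml` (file name is a placeholder); the embedded sample is constructed and heavily trimmed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample, trimmed to the <packet>/<proto>/<field> shape of PDML.
SAMPLE_PDML = """<pdml>
<packet>
 <proto name="frame">
  <field name="frame.time_relative" show="0.000000"/>
 </proto>
 <proto name="ip"><field name="ip.src" show="192.0.2.10"/></proto>
 <proto name="tcp"><field name="tcp.dstport" show="80"/></proto>
 <proto name="http">
  <field name="" show="GET /index.html HTTP/1.1">
   <field name="http.request.method" show="GET"/>
  </field>
 </proto>
</packet>
<packet>
 <proto name="frame">
  <field name="frame.time_relative" show="0.012345"/>
 </proto>
 <proto name="ip"><field name="ip.src" show="192.0.2.20"/></proto>
 <proto name="tcp"><field name="tcp.srcport" show="80"/></proto>
 <proto name="http"><field name="http.response.code" show="200"/></proto>
</packet>
</pdml>"""

def flatten(elem, out):
    """Collect named fields recursively; PDML nests <field> inside <field>."""
    for field in elem.findall("field"):
        name = field.get("name")
        if name:  # unnamed fields are display-only wrappers, but may have children
            # "show" values are packet contents: treat them as untrusted data.
            out.setdefault(name, []).append(field.get("show", ""))
        flatten(field, out)
    return out

def parse_pdml(text):
    """Return one list per packet of (protocol name, {field: [values]}) layers."""
    return [[(proto.get("name"), flatten(proto, {})) for proto in pkt.findall("proto")]
            for pkt in ET.fromstring(text).iter("packet")]

def time_deltas(packets):
    """Temporal relation: seconds between consecutive packets."""
    times = [float(dict(p)["frame"]["frame.time_relative"][0]) for p in packets]
    return [round(later - earlier, 6) for earlier, later in zip(times, times[1:])]

if __name__ == "__main__":
    pkts = parse_pdml(SAMPLE_PDML)
    print([name for name, _ in pkts[0]], time_deltas(pkts))
```
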