Wireshark-dev: Re: [Wireshark-dev] A question regarding text2pcap

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Sun, 23 Dec 2012 21:42:57 +0100
Hi,

Well, from my days working on the File|Import function I can remember that this is the (proposed) option format. But if you want to define a per-packet parameter then an in-line tag should be fine. Think of a variant of the timestamp, now parametrized by -t <fmt>. So you could use something like -D (for direction) to allow 'ingress'/'inbound' and 'egress'/'outbound' to indicate direction (P2P_DIR_*).

Thanks,
Jaap

On 12/22/2012 10:04 PM, Michael Tuexen wrote:
Dear all,

after adding support for pcapng to text2pcap and fixing the support of the
epb flags word for pcapng, I would like to add to text2pcap the capability
to indicate in the input file per packet, if the packet was sent or received.
text2pcap will then save this in the epb flags word when using pcapng.

My question is how to realize this. One possibility would be to use a directive
#TEXT2PCAP inbound
0000 01 02 03 ....
#TEXT2PCAP outbound
0000 01 03 03 ....

However, I would prefer a solution where the indication of inbound/outbound can
be on the same line as the packet.
(for some reason the producer of the file to be read by text2pcap normally provides
each packet on a single (long) line).

Any idea how to achieve this? Maybe using the directive at the beginning of the
line?

Any hints welcome!

Best regards
Michael
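
Added example, not code from this thread or from Wireshark: a sketch of what storing a per-packet direction in the pcapng Enhanced Packet Block (EPB) flags word involves, with the direction bits read back to check them. The leading `inbound`/`outbound` tag on each line is a hypothetical inline syntax, and only the EPB itself is built, not a complete pcapng file.

```python
import struct

# pcapng Enhanced Packet Block constants
EPB_TYPE = 0x00000006
OPT_EPB_FLAGS = 2          # option code of the 32-bit flags word
OPT_END = 0
# Bits 0-1 of the flags word: 00 = not available, 01 = inbound, 10 = outbound
DIRECTIONS = {"inbound": 0b01, "outbound": 0b10}

def parse_line(line):
    """Parse '<direction> <offset> <hex bytes...>' (hypothetical inline syntax)."""
    tag, _offset, *hexbytes = line.split()
    if tag not in DIRECTIONS:
        raise ValueError(f"unknown direction tag: {tag!r}")
    return tag, bytes(int(b, 16) for b in hexbytes)

def build_epb(data, direction, iface=0, ts=0):
    """Return a little-endian EPB carrying data and an epb_flags option."""
    pad = -len(data) % 4                       # packet data is padded to 32 bits
    body = struct.pack("<IIIII", iface, ts >> 32, ts & 0xFFFFFFFF,
                       len(data), len(data))
    body += data + b"\x00" * pad
    body += struct.pack("<HHI", OPT_EPB_FLAGS, 4, DIRECTIONS[direction])
    body += struct.pack("<HH", OPT_END, 0)
    total = 4 + 4 + len(body) + 4              # type + length + body + trailing length
    return struct.pack("<II", EPB_TYPE, total) + body + struct.pack("<I", total)

def epb_direction(block):
    """Read the direction bits back out of an EPB (0 if no flags option)."""
    btype, total = struct.unpack_from("<II", block, 0)
    if btype != EPB_TYPE or total != len(block):
        raise ValueError("not a well-formed EPB")
    caplen = struct.unpack_from("<I", block, 20)[0]
    pos = 28 + caplen + (-caplen % 4)          # options start after padded data
    while pos + 4 <= total - 4:
        code, length = struct.unpack_from("<HH", block, pos)
        if code == OPT_END:
            break
        if code == OPT_EPB_FLAGS and length == 4:
            return struct.unpack_from("<I", block, pos + 4)[0] & 0b11
        pos += 4 + length + (-length % 4)      # option values are padded too
    return 0

# Constructed input, using the byte values from the directive example above
SAMPLE = ["inbound 0000 01 02 03", "outbound 0000 01 03 03"]
BLOCKS = [build_epb(data, tag) for tag, data in map(parse_line, SAMPLE)]
```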