I probably did not explain well what I wanted to do.
I need to capture real traffic of openflow protocol (actually only the specific msg-type “of-flow-add” ) and to filter in e.g. the fields surrounded in the
It can be tshark or wireshark.
Then on the 2nd stage I want to generate a file which its rows are flows and its columns are these filtered fields
From: Wireshark-dev [mailto:[email protected]]
On Behalf Of Graham Bloice Sent: Wednesday, 15 August, 2018 6:15 PM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Parsing openflow
Try to right-click on the field you want to extract and choose "prepare a filter -> selected". In the upper part of wireshark a filter with the field you want will appear. That's the name of the field. However, if you used an invalid name
before, tshark would tell you (tshark: Some fields aren't valid:). Remember that if a packet doesn't have that field, nothing will be printed. Make some practice with easier fields (I suggest ip.src) if you're not used to those tshark options.
No need to create a filter, select the field in the packet tree and look for the field name in the status bar in parenthesis.
I need to capture open-flow msgs (e.g FLOW_MOD to add new flows) from controller to vSwitch ,
And to generate e.g. a *file* which its rows are the captured flows and its columns are the flow header fields e.g. column 1 source-mac , column 2 dest-mac , column 3 source-IP etc.. - whenever a field is not relevant I can set the fields as FFFF (don't
Also the action (actions) should be put in a column
I need this file as an input to an algorithm that should manipulate these flows ?
My question can I use the wireshark pkg for this purpose ? if yes what is the recommended way ?