Wireshark · Wireshark-users: [Wireshark-users] Using Editcap to extract UNISTIM VoIP Call

Wireshark-users: [Wireshark-users] Using Editcap to extract UNISTIM VoIP Call

Date: Wed, 30 Jan 2008 10:19:26 -0600

Hi,

Is it be possible to do the following using EDITCAP:

Select packets based on:
-Select IP Address and Source Port
-Select IP Address and Destination Port
-As well as Start and End time of packets

Across Multiple Input Capture Files.

The capture files are 250 Mb in size and is very time consuming to load and analyze.

What I need to do is to be able to extract out a specific VoIP call using UNISTIM that spans multiple capture files based on IP Address and Source and/or Destination Port and possible a within a specific time frame.

This extracted call would then be copied off for further analysis.

If you have any questions or require further information please let me know.

Thanx,

John

Follow-Ups:
- Re: [Wireshark-users] Using Editcap to extract UNISTIM VoIP Call
  - From: Luis EG Ontanon
- Re: [Wireshark-users] Using Editcap to extract UNISTIM VoIP Call
  - From: J P

Prev by Date: Re: [Wireshark-users] Multiple ports in tshark decode as
Next by Date: [Wireshark-users] Hiding interfaces
Previous by thread: Re: [Wireshark-users] Multiple ports in tshark decode as
Next by thread: Re: [Wireshark-users] Using Editcap to extract UNISTIM VoIP Call
Index(es):
- Date
- Thread