Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] text2pcap

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Behdad Forghani <behdad.forghani@xxxxxxxxxxxxxx>
Date: Sat, 09 May 2009 10:04:10 -0400
A correction, I Perl the easiest way is:

open $input, "<$ARGV[0]" or die "Cannot open $ARGV[0]";
while(<$input>) 
{
	print "0000 $_";
}
close $input;

On Sat, 2009-05-09 at 09:42 -0400, Behdad Forghani wrote:
> The fastest way is to open the file with vi or vim and type:
> :g/^/s//0000 /
> I.e., globally(everyline) substitute the beginning of line with "0000 "
> This will do the trick.
> 
> In Perl you can write x.pl with the code:
> open $input, "<$ARGV[0]" or die "Cannot open $ARGV[0]";
> while(<$input>) 
> {
> 	$_ =~ s/^/0000 /
> 	print $_
> }
> close $input;
> 
> then run it as perl x.pl > out.txt
> 
> Cheers
> 
> On Sat, 2009-05-09 at 16:13 +0530, SuNeEl wrote:
> > thanx bro,
> > 
> > but it seems very daunting task since I could not add 4*0 to a long
> > file pls. suggest some script or any way to achive the same. or any
> > RS232 logger that take care of that 0000
> > 
> > pls suggest
> > 
> > --
> > 
> > 
> > Happiness is like a Butterfly...
> > 
> > 
> > 
> > --- On Thu, 7/5/09, Faten SOLTANI <faten.soltani@xxxxxxxxxxxxxxxxxx>
> > wrote:
> >         
> >         From: Faten SOLTANI <faten.soltani@xxxxxxxxxxxxxxxxxx>
> >         Subject: Re: [Wireshark-users] text2pcap
> >         To: wireshark-users@xxxxxxxxxxxxx
> >         Date: Thursday, 7 May, 2009, 12:45 PM
> >         
> >         > Hi
> >         the input file to Text2pcap must respect this structure
> >         bellow:
> >         
> >         0000    85 06 40 01 00 00 02 01 00 00 01 0A 00 02 09 07 83 90
> >         32 54 06 00 01
> >         0000    85 06 40 01 00 00 02 01 00 00 01 0A 00 02 09 07 83 90
> >         32 54 06 00 01
> >         0000    85 05 80 01 00 00 02 0C 02 00 02 80 81
> >         0000    85 06 40 01 00 00 02 10 00
> >         0000    85 06 40 01 00 00 02 10 00
> >         the 4* "0" in the begening is an offset, it must be equal a 0
> >         in the
> >         begening of  each paket.
> >         regards
> >         Faten
> >         
> >         
> >         
> >         
> >         >
> >         > Message: 4
> >         > Date: Wed, 6 May 2009 16:55:10 +0530 (IST)
> >         > From: SuNeEl <seacore14@xxxxxxxxx>
> >         > Subject: [Wireshark-users] text2pcap
> >         > To: wireshark-users@xxxxxxxxxxxxx
> >         > Message-ID: <944238.47837.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
> >         > Content-Type: text/plain; charset="utf-8"
> >         >
> >         > Hi all,
> >         >
> >         > why i am not able to convert my hexa dump file of rs232 data
> >         to pcap file
> >         > using text2pcap utility ?
> >         >
> >         >
> >         > --
> >         >
> >         > Happiness is like a Butterfly...
> >         >
> >         >
> >         >
> >         >       Now surf faster and smarter ! Check out the new
> >         Firefox 3 - Yahoo!
> >         > Edition
> >         http://downloads.yahoo.com/in/firefox/?fr=om_email_firefox
> >         > -------------- next part --------------
> >         > An HTML attachment was scrubbed...
> >         > URL:
> >         >
> >         http://www.wireshark.org/lists/wireshark-users/attachments/20090506/e2dc3373/attachment.htm
> >         >
> >         > ------------------------------
> >         >
> >         > Message: 5
> >         > Date: Wed, 6 May 2009 13:47:17 +0200
> >         > From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
> >         > Subject: Re: [Wireshark-users] [Suspected Spam]   text2pcap
> >         > To: "Community support list for Wireshark"
> >         >     <wireshark-users@xxxxxxxxxxxxx>
> >         > Message-ID:
> >         >
> >         <E48F3A0F80C4B642BF6A5FF3257DFBB906A18D7E@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> >         >
> >         > Content-Type: text/plain; charset="us-ascii"
> >         >
> >         > Hi,
> >         > Because you ar not doing it right :-)) possibly?
> >         > Jokes aside text2pcap expects the data to be in the same
> >         format as the
> >         > hex pane of Wireshark i think, something like:
> >         > 0000 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00
> >         00 .....
> >         > 0010 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00
> >         00 .....
> >         > :
> >         > Regards
> >         > Anders
> >         >
> >         > ________________________________
> >         >
> >         > From: wireshark-users-bounces@xxxxxxxxxxxxx
> >         > [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
> >         SuNeEl
> >         > Sent: den 6 maj 2009 13:25
> >         > To: wireshark-users@xxxxxxxxxxxxx
> >         > Subject: [Suspected Spam] [Wireshark-users] text2pcap
> >         >
> >         >
> >         > Hi all,
> >         >
> >         > why i am not able to convert my hexa dump file of rs232 data
> >         to pcap
> >         > file using text2pcap utility ?
> >         >
> >         >
> >         > --
> >         >  <http://www.mylivesignature.com>
> >         >
> >         >
> >         > Happiness is like a Butterfly...
> >         >
> >         >  <http://topmasala.com/images/geek2.gif>
> >         >
> >         >
> >         > ________________________________
> >         >
> >         > Own a website.Get an unlimited package.Pay next to nothing.*
> >         Click
> >         > here!.
> >         >
> >         <http://in.rd.yahoo.com/tagline_ysb_website/*http://in.business.yahoo..c
> >         > om/>
> >         > -------------- next part --------------
> >         > An HTML attachment was scrubbed...
> >         > URL:
> >         >
> >         http://www.wireshark.org/lists/wireshark-users/attachments/20090506/84260057/attachment.htm
> >         >
> >         > ------------------------------
> >         >
> >         > _______________________________________________
> >         > Wireshark-users mailing list
> >         > Wireshark-users@xxxxxxxxxxxxx
> >         > https://wireshark.org/mailman/listinfo/wireshark-users
> >         >
> >         >
> >         > End of Wireshark-users Digest, Vol 36, Issue 10
> >         > ***********************************************
> >         >
> >         
> >         
> >         ___________________________________________________________________________
> >         Sent via:    Wireshark-users mailing list
> >         <wireshark-users@xxxxxxxxxxxxx>
> >         Archives:    http://www.wireshark.org/lists/wireshark-users
> >         Unsubscribe:
> >         https://wireshark.org/mailman/options/wireshark-users
> >         
> >            mailto:wireshark-users-request@xxxxxxxxxxxxxx?subject=unsubscribe
> >         
> > 
> > 
> > ______________________________________________________________________
> > Own a website.Get an unlimited package.Pay next to nothing.* Click
> > here!.
> > ___________________________________________________________________________
> > Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> > Archives:    http://www.wireshark.org/lists/wireshark-users
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> >              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube