As Guy Harris said:
>
> Some context, for Gilbert Ramirez' benefit (if this hasn't been
> forwarded - I sent mail to Gerald mentioning that I had a version of
> "libpcap" modified to have plug-in "foreign" capture file readers, as
> well as readers for Sniffer (uncompressed, alas - I've spent *some* time
great. I have done work on reading Sniffer token-ring captures. I don't
have the ethernet version, so they're either the same format or just
slightly different. I also have the file format of LANAlyzer trace files.
The format is downloadable from Novell's site. (Search for lanalyzer in
their knowledge base).
> I'm not sure what you mean - "libpcap" capture files' magic number
> indicates the byte-order, so it can read files captured on a machine of
> a different byte order, but "ethereal" already knows that so either you
> mean something else or you're listing this as something not to be *lost*
> with the new library.
Yes, that's what I mean. At the time I wasn't sure if libpcap files were
portable, but after running 'file' on libpcap files I noticed that 'file'
was able to tell the byte order of the file, so they _can_ be made
portable.
thanks for the information,
--gilbert
--
Gilbert Ramirez Voice: +1 210 358 4032
Technical Services Fax: +1 210 358 1122
University Health System San Antonio, Texas, USA
