You could just use tethereal and head and tail to chop off the head and tail
of each trace. That should give you what you need, without having to do any
custom coding. But, if you like to code, the source for ethereal is
available and I'm sure you can pick out the decode of the Net X-Ray .cap
files there.
Fred Reimer
Eclipsys Corporation
-----Original Message-----
From: ethereal-dev-admin@xxxxxxxxxxxx
[mailto:ethereal-dev-admin@xxxxxxxxxxxx]On Behalf Of Piccola,Richard M.
Sent: Wednesday, October 18, 2000 10:13 AM
To: ethereal-dev@xxxxxxxx
Subject: [Ethereal-dev] Ethereal decode of Net X-Ray
I have used your Ethereal product to do some summary print dumps of Net
X-Ray files, from Net X-Ray version 3.0.3, with some success.
For what I'm doing, I have tons of files to examine, and to determine
which ones to process, I need to open each one to see the time stamps.
I'd like to automate that process, by writing a short program to open a
list of Net X-Ray .CAP files, grab the time stamps of the first and last
packets, and dump the results to a text file.
To do that, I'd clearly need an understanding of the proprietary (?) Net
X-Ray file format. I thought I'd ask you if you could give me some
direction so I can decipher the files and get what I need. I'm not sure
how else to get the information, or even where to start looking.
Obviously you know how to do it. Any help you could offer would be
greatly appreciated.
Respectfully,
Richard Piccola
