Ethereal-dev: [Ethereal-dev] Re: [Winpcap-users] Layout of binary files

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 04 Jul 2006 10:40:18 -0700
Joao Rosa wrote:

> Could you please send me the layout of the inputs binary files of tethereal
> or the layout of the file of the sniffed with windump.

Both are standard libpcap/WinPcap format.

This means, not surprisingly, that libpcap/WinPcap can read them. The easiest way to read them is not to write your own code to read that file format; it's easier to use libpcap/WinPcap to read them, by using pcap_open_offline() to open the file, and pcap_loop() or a loop with pcap_next() or, in newer versions of libpcap/WinPcap, pcap_next_ex() to read the packets.

> I have a scenario with about 26 media gateways, and I need to sort the date by time and by media gateway and afterwards translate the call with tethereal

"Sort" in the sense of "put in a particular sequence", or "sort" in the sense of "extract"?

I.e., do you want to split the data into different files for different calls by selecting packets that arrived at particular times and that used particular gateways?

If so, then, regardless of whether you write your own code to read the files or use libpcap/WinPcap, you still have a lot more work to do, because you'll have to parse the packet data to determine what media gateway is used. libpcap/WinPcap will *NOT* do that for you.

You might, however, be able to use tethereal with a "read filter" to extract the packets you're interested in. It can read a file in libpcap/WinPcap format and write out another file in the same format with a subset of the packets, so the output file is guaranteed to be no larger than the input file.
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
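
The file layout asked about above, together with the extra parsing step the reply describes, as an added example that is not part of the original post or of libpcap/WinPcap: it reads the classic libpcap file header and per-packet record headers by hand (the reply recommends pcap_open_offline() for real use) and groups packets by gateway in time order. It assumes Ethernet captures with untagged IPv4 and that a media gateway is identified by its IPv4 address; `read_pcap`, `split_by_gateway` and `build_sample` are hypothetical names and the capture is constructed.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4   # classic libpcap file, microsecond timestamps

def read_pcap(data):
    """Yield ((ts_sec, ts_usec), packet_bytes) for each record in a libpcap file."""
    if len(data) < 24:
        raise ValueError("truncated file header")
    # The magic is written in the capturing host's byte order; use it to pick one.
    for endian in "<>":
        if struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic libpcap file")
    # File header: magic, version major/minor, thiszone, sigfigs, snaplen, linktype
    linktype = struct.unpack(endian + "IHHiIII", data[:24])[6]
    if linktype != 1:   # 1 = Ethernet, the only link type this example handles
        raise ValueError("unsupported link type")
    off = 24
    while off + 16 <= len(data):
        # Record header: ts_sec, ts_usec, captured length, original length
        sec, usec, caplen, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + caplen > len(data):   # never trust a length field read from a file
            raise ValueError("truncated record")
        yield (sec, usec), data[off:off + caplen]
        off += caplen

def split_by_gateway(data, gateways):
    """Map each gateway IPv4 address (assumed identifier) to its packets, oldest first."""
    found = {}
    for ts, pkt in read_pcap(data):
        # Untagged Ethernet II carrying IPv4: ethertype at 12..13, addresses at 26..33
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue
        for addr in {pkt[26:30], pkt[30:34]}:
            ip = ".".join(map(str, addr))
            if ip in gateways:
                found.setdefault(ip, []).append((ts, pkt))
    return {gw: sorted(p, key=lambda r: r[0]) for gw, p in found.items()}

def build_sample(t0=1152034818):
    """Constructed capture: four header-only frames, deliberately out of time order."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for dt, usec, s, d in [(2, 500, 2, 9), (0, 0, 1, 9), (1, 250, 9, 1), (3, 0, 77, 78)]:
        ip = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 17, 0, 0, 10, 0, 0, s, 10, 0, 0, d])
        frame = bytes(12) + b"\x08\x00" + ip   # zeroed MACs, IPv4 ethertype
        out += struct.pack("<IIII", t0 + dt, usec, len(frame), len(frame)) + frame
    return out
```

Calling `split_by_gateway(build_sample(), {"10.0.0.1", "10.0.0.2"})` returns one time-ordered packet list per gateway; a packet between two listed gateways appears under both.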