Ethereal-users: Re: [Ethereal-users] How to get the data from ethereal file format?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Ronnie Sahlberg" <sahlberg@xxxxxxxxxxxxxxxx>
Date: Wed, 15 May 2002 19:35:58 +1000
The default format is standard pcap format.
look at www.tcpdump.org for a description on that format. it is quite
simple.

If the kind of analysis you need would be of general interest
for others you might consider adding it as a preferences controllable option
to standard ethereal.


----- Original Message -----
From: "Huang Qian"
Sent: Wednesday, May 15, 2002 6:56 PM
Subject: [Ethereal-users] How to get the data from ethereal file format?


> Hi,Dear All,
>
> I saved the packets I captured by Ethereal in a file, my purpose is to
extract and analyse the data from the captured packets, but I don't know the
format of the saved ethereal file. Does anyone know how to get the data(eg.
the udp header, the timestamp etc.) from every packet captured, or tell me
the details about ethereal file format?
>
> Your kind assistance is highly appreciated.
> Thanks a lot!
>