Adam Ripka wrote:
I am trying to capture using tethereal and get a nice text file as
output. I tried
tethereal -a duration:30 -f icmp -i (name of device) -n -T text -w
"test.txt"
This worked out great except for the text part. I've tried this using
ethereal i.e. I've captured and then exported to a text file and this
worked out fine but using tethereal I get unreadable output.
Can anyone please help me? How can I get a nice little text file from
the command line?
By not using "-w". "-w" writes a *BINARY* file in libpcap format, as
that's what it's intended to do. If you don't specify "-w", Ethereal
writes the results of packet decoding, in a format specified by the "-T"
flag, with the default being "-T text"; to quote the man page:
-T Set the format of the output when viewing packet data. The options
are:
pdml
Packet Details Markup Language, an XML-based format for the
details of a decoded packet. This information is equivalent to
the packet details printed with the -V flag.
psml
Packet Summary Markup Language, an XML-based format for the
summary information of a decoded packet. This information is
equivalent to the information shown in the one-line summary
printed by default.
ps PostScript for a human-readable one-line summary of each of the
packets, or a multi-line view of the details of each of the
packets, depending on whether the -V flag was specified.
text
Text of a human-readable one-line summary of each of the pack-
ets, or a multi-line view of the details of each of the pack-
ets, depending on whether the -V flag was specified. This is
the default.
This is written to the standard output. To write to a file, make a file
the standard output:
tethereal -a duration:30 -f icmp -i (name of device) -n > test.txt
