Wireshark-users: Re: [Wireshark-users] Dump file format?
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 14 Apr 2008 23:13:12 -0700
Sake Blok wrote:

The file format Wireshark uses is the "libpcap" format, see:

http://wiki.wireshark.org/Development/LibpcapFileFormat

...which means that there are a number of tools that support it, including tcpsplit:

	http://www.icir.org/mallman/software/tcpsplit/

and tcpslice:

	http://sourceforge.net/projects/tcpslice/