Re: [fw-wiz] [OT] tcpdump parsing
From: Devdas Bhagat (devdas_at_dvb.homelinux.org)
Date: 10/08/03
- Previous message: Sloane, David: "RE: [fw-wiz] [OT] tcpdump parsing --> editcap"
- In reply to: Damian Gerow: "[fw-wiz] [OT] tcpdump parsing"
- Next in thread: Damian Gerow: "Re: [fw-wiz] [OT] tcpdump parsing"
- Reply: Damian Gerow: "Re: [fw-wiz] [OT] tcpdump parsing"
To: firewall-wizards@honor.icsalabs.com
Date: Thu, 9 Oct 2003 00:18:05 +0530
On 08/10/03 14:20 -0400, Damian Gerow wrote:
<snip>
> Is there a way to take a tcpdump binary file, and pull a date range from it?
> The tcpdump man page leads me to believe no, and a fair bit of Google
> searching has provided no leads.
tcpslice(8).
From the manual:
Tcpslice is a program for extracting portions of packet-trace
files generated using tcpdump(1)'s -w flag. It can also be used
to glue together several such files, as discussed below.

The basic operation of tcpslice is to copy to stdout all
packets from its input file(s) whose timestamps fall
within a given range. The starting and ending times of
the range may be specified on the command line. All
ranges are inclusive.
<snip>
Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
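
What a timestamp slice of a tcpdump -w file involves, as an added example in Python that is not part of the original message and is not tcpslice's own code: it walks the classic pcap record headers and keeps the packets whose timestamps fall within an inclusive range. The function names and the sample capture are constructed for illustration; pcapng files are not handled.

```python
import struct

# Classic pcap magic bytes -> (struct byte order, timestamp fraction units per second)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 10**6), b"\xa1\xb2\xc3\xd4": (">", 10**6),
    b"\x4d\x3c\xb2\xa1": ("<", 10**9), b"\xa1\xb2\x3c\x4d": (">", 10**9),
}
GLOBAL_HDR, RECORD_HDR = 24, 16

def records(data):
    """Yield (timestamp_seconds, raw_record) for every complete packet record."""
    if len(data) < GLOBAL_HDR or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap (tcpdump -w) file")
    order, units = MAGICS[data[:4]]
    pos = GLOBAL_HDR
    while pos + RECORD_HDR <= len(data):
        sec, frac, caplen, _wirelen = struct.unpack_from(order + "IIII", data, pos)
        end = pos + RECORD_HDR + caplen
        if end > len(data):   # capture was cut off mid-packet: drop the partial record
            break
        yield sec + frac / units, data[pos:end]
        pos = end

def slice_pcap(data, start, end):
    """Return a new pcap holding only packets with start <= timestamp <= end."""
    kept = [raw for ts, raw in records(data) if start <= ts <= end]
    return data[:GLOBAL_HDR] + b"".join(kept)

def build_sample(stamps):
    """Constructed sample capture: one 4-byte dummy packet per (sec, usec) pair."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    body = b"".join(struct.pack("<IIII", s, us, 4, 4) + b"\x00" * 4 for s, us in stamps)
    return hdr + body

if __name__ == "__main__":
    sample = build_sample([(100, 0), (200, 500000), (300, 0), (400, 0)])
    window = slice_pcap(sample, 200.5, 300)   # both boundary packets are kept
    print([ts for ts, _ in records(window)])
```

The start and end arguments are Unix timestamps in seconds, so a date range has to be converted to epoch seconds before calling slice_pcap.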