Firewall Wizards mailing list archives

Re: [OT] tcpdump parsing

From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Thu, 9 Oct 2003 00:18:05 +0530

On 08/10/03 14:20 -0400, Damian Gerow wrote:
<snip>

Is there a way to take a tcpdump binary file, and pull a date range from it?
The tcpdump man page leads me to believe no, and a fair bit of Google
searching has provided no leads.

tcpslice(8).

From the manual:

       Tcpslice is a program for extracting portions  of  packet-
       trace  files generated using tcpdump(1)'s -w flag.  It can
       also be used to glue together several such files, as  dis-
       cussed below.

       The  basic  operation of tcpslice is to copy to stdout all
       packets from  its  input  file(s)  whose  timestamps  fall
       within  a  given  range.  The starting and ending times of
       the range may be  specified  on  the  command  line.   All
       ranges  are  inclusive.
<snip>

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

[OT] tcpdump parsing Damian Gerow (Oct 08)
- Re: [OT] tcpdump parsing Devdas Bhagat (Oct 08)
  - Re: [OT] tcpdump parsing Damian Gerow (Oct 08)
    - Re: [OT] tcpdump parsing Paul Robertson (Oct 11)
    - Spamming, 'hidden' mail server Damian Gerow (Oct 08)
    - Re: Spamming, 'hidden' mail server Jeff Bollinger (Oct 15)
    - Re: Spamming, 'hidden' mail server Damian Gerow (Oct 17)
    - Re: [OT] tcpdump parsing Damian Gerow (Oct 11)
    - Re: [OT] tcpdump parsing hermit921 (Oct 13)
- Re: [OT] tcpdump parsing R. DuFresne (Oct 08)
  - Re: [OT] tcpdump parsing Damian Gerow (Oct 08)
- <Possible follow-ups>
- RE: [OT] tcpdump parsing Austin, Greg (Oct 08)

(Thread continues...)