Wireshark mailing list archives

Re: Need help regarding interpreting a pcap file.


From: "Maynard, Chris" <Christopher.Maynard () GTECH COM>
Date: Mon, 22 Feb 2010 22:24:16 -0500

If you're looking for information on the libpcap file format, you might find what you need here: 
http://wiki.wireshark.org/Development/LibpcapFileFormat.
 
But if you're looking for "a utility which should take the pcap as input and produce output on the screen in user 
freindly [sic] way.", well then look no further:  http://www.wireshark.org/download.html.  Well, OK there are plenty of 
other packet sniffers out there, so feel free to keep looking.  Here's a start: 
http://en.wikipedia.org/wiki/Packet_analyzer#Notable_packet_analyzers.
 
Or maybe what you're really looking for is a way to add your own proprietary protocol dissector to Wireshark?  These 
should help you:
http://www.wireshark.org/docs/wsdg_html_chunked/
http://anonsvn.wireshark.org/viewvc/trunk/doc/README.developer?revision=31933&view=markup 
 
Good luck.
- Chris

________________________________

From: wireshark-dev-bounces () wireshark org on behalf of prashanth joshi
Sent: Mon 2/22/2010 9:49 PM
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Need help regarding interpreting a pcap file.


Hi all,
 
What is the format of the data stored in the pcaps?
I have got a requirement wherein I need to read a pcap and then the contents of the packets need to be displayed on 
the screen. The packets have proprietary information. How do I go about this? Any suggestions would be heartily 
welcome. The requirement is that of a utility which should take the pcap as input and produce output on the screen in 
user freindly way.
 
Regards,
Prashanth
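
Added example, not part of the original thread and not Wireshark code: a minimal reader for the classic libpcap file format asked about above, which bounds-checks every record length before slicing and hex-dumps each payload. The names parse_pcap, hexdump and build_sample are hypothetical, and the two-packet capture is constructed in memory for the demo.

```python
import struct

# Classic libpcap magics: microsecond and nanosecond timestamp variants.
MAGICS = {0xA1B2C3D4: 10**6, 0xA1B23C4D: 10**9}

def parse_pcap(data):
    """Return (linktype, [(timestamp, orig_len, payload), ...])."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    # The byte order is whichever one makes the magic number read correctly.
    for endian in ("<", ">"):
        magic = struct.unpack_from(endian + "I", data, 0)[0]
        if magic in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file")
    _snaplen, linktype = struct.unpack_from(endian + "II", data, 16)
    packets, off = [], 24
    while off < len(data):
        if len(data) - off < 16:
            raise ValueError("truncated record header at offset %d" % off)
        sec, frac, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        # incl_len comes from the file: bound it before slicing.
        if incl_len > len(data) - off:
            raise ValueError("incl_len %d exceeds remaining data" % incl_len)
        packets.append((sec + frac / MAGICS[magic], orig_len, data[off:off + incl_len]))
        off += incl_len
    return linktype, packets

def hexdump(payload, width=16):
    """Render bytes as 'offset  hex  ascii' lines for display."""
    lines = []
    for i in range(0, len(payload), width):
        chunk = payload[i:i + width]
        hexpart = " ".join("%02x" % b for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append("%04x  %-*s  %s" % (i, width * 3 - 1, hexpart, text))
    return lines

def build_sample():
    """Constructed two-packet capture, link type 147 (LINKTYPE_USER0)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 147)
    for sec, body in ((1, b"\x01\x02HELLO"), (2, b"\x03\x04proprietary")):
        out += struct.pack("<IIII", sec, 500000, len(body), len(body)) + body
    return out

if __name__ == "__main__":
    linktype, pkts = parse_pcap(build_sample())
    for ts, orig_len, payload in pkts:
        print("t=%.6f linktype=%d orig_len=%d" % (ts, linktype, orig_len), *hexdump(payload), sep="\n")
```

This covers only the classic format; pcapng files use a different block structure and are rejected by the magic check.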
