Wireshark · Ethereal-users: Re: [Ethereal-users] Utilities for analyzing Ethereal capture fil es

Ethereal-users: Re: [Ethereal-users] Utilities for analyzing Ethereal capture fil es

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>

Date: Thu, 18 Oct 2001 13:40:43 -0700 (PDT)

> Perl calls tethereal, parses output from tethereal,

Or just swallows Ethereal's/Tethereal's capture files directly; they're
just libpcap-format files, just like tcpdump uses, so anything that can
read a tcpdump capture file can read an Ethereal capture file.

See, for example:

	http://search.cpan.org/doc/TIMPOTTER/Net-Pcap-0.04/Pcap.pm

which is Perl's package to use libpcap to do both live capturing and
reading of existing capture files.

Of course, if you do that, you have to parse the contents of the packet
yourself; parsing the output from Tethereal saves you that trouble.

However, there may well already be some utility out there that reads
tcpdump files and produces graphs of bandwidth utilization vs. time; as
per the above, such a utility could read an Ethereal capture, too.

References:
- RE: [Ethereal-users] Utilities for analyzing Ethereal capture fil es
  - From: McNutt, Justin M.

Prev by Date: [Ethereal-users] simple question
Next by Date: Re: [Ethereal-users] Install issues with WinNT4 and Win2K - RESOLVED - VGA driver
Previous by thread: RE: [Ethereal-users] Utilities for analyzing Ethereal capture fil es
Next by thread: [Ethereal-users] simple question
Index(es):
- Date
- Thread