Ethereal-users: RE: [Ethereal-users] removing fields from packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Mon, 3 Mar 2003 21:28:43 -0000
Earl,

> From: earl eiland [mailto:eee@xxxxxxxx] 
> I need to analyze and process certain fields from packets in a data 
> stream.  Is it possible for Ethereal to extract desired 
> fields and save them in another file?

It depends on which "fields" you are interested in. I am always interested
in the size of packets so I've added in the frame size into the display
columns (Edit->Preferences->Columns etc).

Most fields only make sense when you have a frame of a particular type so
you can't just add them in to the columns. In these instances you can
generally use a display filter to select the packets that are interesting,
then save only these packets to a new file to analyse separately.

If all else fails, I end up writing a Perl script to analyse the output of
tethereal -V. If you go this route it's far easier to set $/="\n\nFrame"
rather than mung the output line by line.

Cheers,

Alistair
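
Added example, not part of the original message: a Perl script using the `$/="\n\nFrame"` record separator described above, so that each read returns one whole frame from `tethereal -V` output. The sample input is constructed, its line layout is an assumption (it varies between versions), and `parse_frames` is a hypothetical helper name.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample in the general shape of `tethereal -V` output.
# The exact line layout is an assumption; adjust the patterns to your version.
my $sample = <<'END';
Frame 1 (74 bytes on wire, 74 bytes captured)
    Frame Number: 1
Internet Protocol, Src Addr: 192.0.2.10 (192.0.2.10), Dst Addr: 192.0.2.20 (192.0.2.20)
Transmission Control Protocol, Src Port: 1025 (1025), Dst Port: http (80)

Frame 2 (60 bytes on wire, 60 bytes captured)
    Frame Number: 2
Address Resolution Protocol (request)

Frame 3 (86 bytes on wire, 86 bytes captured)
    Frame Number: 3
Internet Protocol, Src Addr: 192.0.2.20 (192.0.2.20), Dst Addr: 192.0.2.53 (192.0.2.53)
User Datagram Protocol, Src Port: 1030 (1030), Dst Port: domain (53)
END

# Hypothetical helper: returns one row of fields per frame.
sub parse_frames {
    my ($fh) = @_;
    local $/ = "\n\nFrame";    # each read returns one whole frame
    my @rows;
    while (my $rec = <$fh>) {
        chomp $rec;            # drop the trailing "\n\nFrame" separator
        # The separator swallowed "Frame" from every record after the first.
        $rec = "Frame$rec" unless $rec =~ /^Frame/;
        my ($num, $len) = $rec =~ /^Frame (\d+) \((\d+) bytes on wire/
            or next;           # skip anything that is not a frame header
        # Protocol-specific fields stay empty when the layer is absent (e.g. ARP).
        my ($src, $dst) = $rec =~ /^Internet Protocol, Src Addr: (\S+).*?Dst Addr: (\S+)/m;
        my ($sport, $dport) = $rec =~
            /^(?:Transmission Control|User Datagram) Protocol, Src Port: \S+ \((\d+)\), Dst Port: \S+ \((\d+)\)/m;
        push @rows, [ $num, $len, map { defined($_) ? $_ : '' } $src, $dst, $sport, $dport ];
    }
    return @rows;
}

# Read a saved `tethereal -V` dump named on the command line, else the sample.
open my $fh, '<', (@ARGV ? $ARGV[0] : \$sample) or die "open: $!";
print join("\t", qw(frame bytes src dst sport dport)), "\n";
print join("\t", @$_), "\n" for parse_frames($fh);
close $fh;
```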

