Ethereal-users: Re: [Ethereal-users] Problems Importing TCPDUMP Output into Ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Richard Ginski" <rginski@xxxxxxxxxxxxxxxxx>
Date: Fri, 11 Apr 2003 11:30:53 -0400
Thanks everyone for the quick response. I figured it was something silly I was doing wrong. I will user "tcpdump -w" in the future. 

>>> Gerald Combs <gerald@xxxxxxxxxxxx> 04/11/03 11:25AM >>>
On Fri, 11 Apr 2003, Richard Ginski wrote:

> On a Windows 2000 machine, we have been redirecting output from TCPDUMP to a text file. Unfortunately, when trying to open the files with Ethereal , we receive the error message:
> 
> "The file "filename" is not a capture file in a format Ethereal understand"
> 
> What could we be doing wrong?
> 
> We have tried Ethereal 0.9.7 and 0.9.11
> 
> Running TCPDUMP command:
> 
> tcpdump host "IP address" > text file
> 
> Thanks in advance for your help.

Ethereal isn't able to parse the text output of tcpdump.  Try 

    tcpdump -w "output_file" host "IP address"

instead.  This will generate a binary dump file that Ethereal can read.