Hi there,
I have traces from site where they use the IP-IP tunneling. Ethereal itself
doesn't have problem with analysis and shows statistics for both all IP
addresses found (e.g. tunel point IP address and tunneled one also). But I
need to use this trace in other tools (f.e. NTop and some proprietary ones)
which aren't capable (or at least seem so) of managing this correctly (shows
only IP addresses of tunel points - they don't use the second ip header).
For complete analysis I'd like to strip off those IPIP headers. So I need to
strip off 20 bytes starting at offset 14 in each packet and save such
modified trace. I looked into FAQ, manuals, etc. and I have found, that I
can filter on per-bytes-value basis, but haven't found any possibility to
delete some bytes. Does someone of you know, how to settle this? Any utility
for this?
Any suggestions are welcome,
have a nice day,
Petr Vacha
P.S.: In case I overlooked something in docs, I apologize
P.P.S.: For developers: Ethereal is superb!