If you are not Unix savvy, this is the simple command line to do the job:
tethereal -o "column.format: time,%t,source,%s,destination,%d,sport,%S,dport,%D,protocol,%p,info,%i" \
  -z "proto,colinfo,frame.pkt_len,frame.pkt_len" -r capture.cap |
while read TI SR FOO DS SRP DSP PRO REMAINDER; do
  # FOO absorbs the "->" printed between source and destination
  echo -n "$TI $SR $DS $SRP $DSP"
  # keep only the value after "== " (the frame.pkt_len appended by -z)
  echo $REMAINDER | sed -e "s/.*== / /"
done
If you have not already, install www.cygwin.com.
It is a great package and it makes even a Windows box useable.
On Sat, 19 Mar 2005 05:36:06 -0400, ronnie sahlberg
<ronniesahlberg@xxxxxxxxx> wrote:
> Use
> tethereal -z "proto,colinfo,frame.pkt_len,frame.pkt_len"
> and feed the output through a simple shellscript.
>
> On Sat, 19 Mar 2005 09:54:05 +0100, Alessandro <ale75@xxxxxxxxx> wrote:
> > Hi,
> > I have a problem: I have a 1GBytes ethereal dump file. I had to create a txt
> > file with only these fields:
> > timestamp (possibly relative), ip_source, ip_destination, port_source,
> > port_destination,protocol, packet_size.
> > Who can help me???
> > I tried with the ethereal GUI but the dump file is too big!
> >
> > HELP!!
> > thanks
> >
>