Wireshark-dev: Re: [Wireshark-dev] Query on loading packets usingcommand line options
From: wireshark-dev-bounces@xxxxxxxxxxxxx on behalf of j.snelders@xxxxxxxxxx
Sent: Tue 12/23/2008 12:36 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Query on loading packets usingcommand line options
Hi Atdev,
You can replay the packets using Colasoft Packet Player en capture the traffic
with TShark | Wireshark.
http://www.colasoft.com/download/products/packet_player.php
HTH
Joan
On Mon, 22 Dec 2008 18:56:01 +0530 atdev wrote:
>Hi All,
>
>Thanks for all your support.
>
>My new query: is it possible to create the traffic using the existing packets
>i have and capture them using wireshark.
>What i mean exactly is with the packets available with me is it possible
>to create a traffic with in the system.
>And is it possible to run wireshark in capture mode to capture the generated
>traffic.
>
>If yes, could any one please explain me how it can be done?
>
>regards,
>Atdev.
>
>________________________________
>
>From: wireshark-dev-bounces@xxxxxxxxxxxxx on behalf of j.snelders@xxxxxxxxxx
>Sent: Sat 12/20/2008 3:11 AM
>To: Developer support list for Wireshark
>Subject: Re: [Wireshark-dev] Query on loading packetsusing command line
options
>
>
>
>
>On Fri, 19 Dec 2008 10:52:10 -0800 Gerald Combs wrote:
>>atdev.queries@xxxxxxxxx wrote:
>>> Hi All,
>>>
>>> Thanks Joan and Gerald.
>>>
>>> Both of your approaches worked.
>>> But my New query is
>>> mergecap -w - file1.cap file2.cap |wiresahrk -k -i -
>>> shall give me the output unsaved, i need to explicitly save it .
>>> But what i need is save it to the XXX location as specified and into
multiple
>files of say 200KB.
>>>
>>> I don't know the no.of files i am merging. There may be chance of "out
>>> of memory" when i load the merged output file. So it would be better
if
>
>>> I could save them into smaller files.
>
>I don't know if I understand you correctly.
>Do you first want to merge 2 or more files and next split the outputfile
>into multiple files?
>If so:
>mergecap -w <outputfile> <inputfile> <inputfile>
>$ mergecap -w mergefile1_2.cap file1.cap file2.cap
>
>editcap -c <packets per file> <inputfile> <outputfile>
>$ editcap -c 200 mergefile1_2.cap split.cap
>
>Do you want to capture and write the output to multiple files?
>If so, you can use TShark, Dumpcap or Wireshark.
>TShark/Dumpcap -i <interface> -b <filesize:NUM - switch to next file after
>NUM KB> -a <files:NUM - stop after NUM files> -w <outputfile>
>$ dumpcap -i 2 -b filesize:200 -a files:2 -w F:\capturefiles\multiplefiles.cap
>
>Wireshark: Capture -> Options -> Use Multiple Files
>
>https://www.wireshark.org/docs/man-pages/mergecap.html
>https://www.wireshark.org/docs/man-pages/editcap.html
>https://www.wireshark.org/docs/man-pages/tshark.html
>
>>
>>Try feeding the output into dumpcap instead of Wireshark:
>>
>>mergecap -w - infile1.pcap infile2.pcap | dumpcap -i -w outfile -b filesize:200
>
>Doesn't work for me:(
>
>>
>>http://www.wireshark.org/docs/man-pages/dumpcap.html
>>
>>--
>>Join us for Sharkfest?09 | Stanford University, June 15 ? 18
>>http://www.cacetech.com/sharkfest.09/
>
>Of course
>>
>>EARLY REGISTRATION DISCOUNTS through JANUARY 31, 2009
>>___________________________________________________________________________
>>Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>>Archives: http://www.wireshark.org/lists/wireshark-dev
>>Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
>
>
>___________________________________________________________________________
>Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>Archives: http://www.wireshark.org/lists/wireshark-dev
>Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
>Please do not print this email unless it is absolutely necessary.
>
>The information contained in this electronic message and any attachments
>to this message are intended for the exclusive use of the addressee(s) and
>may contain proprietary, confidential or privileged information. If you
are
>not the intended recipient, you should not disseminate, distribute or copy
>this e-mail. Please notify the sender immediately and destroy all copies
>of this message and any attachments.
>
>WARNING: Computer viruses can be transmitted via email. The recipient should
>check this email and any attachments for the presence of viruses. The company
>accepts no liability for any damage caused by any virus transmitted by this
>email.
>
>www.wipro.com
>
>Bijlage: winmail.dat
>
>___________________________________________________________________________
>Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>Archives: http://www.wireshark.org/lists/wireshark-dev
>Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
Please do not print this email unless it is absolutely necessary.
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
www.wipro.com
- Follow-Ups:
- Re: [Wireshark-dev] Query on loading packets usingcommand line options
- From: j . snelders
- Re: [Wireshark-dev] Query on loading packets usingcommand line options
- References:
- Re: [Wireshark-dev] Query on loading packets using command line options
- From: j . snelders
- Re: [Wireshark-dev] Query on loading packets using command line options
- Prev by Date: Re: [Wireshark-dev] packet-vnc.c - DEST_PORT_VNC macro - is it even needed?
- Next by Date: Re: [Wireshark-dev] Query on loading packets usingcommand line options
- Previous by thread: Re: [Wireshark-dev] Query on loading packets using command line options
- Next by thread: Re: [Wireshark-dev] Query on loading packets usingcommand line options
- Index(es):