antonionestola_@xxxxxxxxx wrote:
Good morning,I am a student of ingegnery of tlc, e for my work of thesis I have to open e read same trace of traffic,as for example the attachment,but this trace is in dag format e I don't know to read whit wireshark.Please,help me.thanks......
Questo messaggio contiene i seguenti allegati:
* 20000125-143640-1.gz (197997389 byte)
Wireshark supports reading Endace 'ERF' format files created using DAG
cards.
A file that old is probably not in ERF format, it may be DAG 'legacy'
format, which is not supported by Wireshark.
I think you are looking at this file:
http://wand.cs.waikato.ac.nz/wits/auck/2/20000125-143640-1.php
The information on the Auckland-II trace set says:
"The recommended method for processing these traces is to use Libtrace,
which we have developed. There are a number of tools included with
libtrace such as a packet dumping utility, a trace format converter (for
example, to convert to pcap), a trace splitting/filtering tool and a few
statistic generators. We suggest you examine the Libtrace Wiki for more
details on the Libtrace tools and the library itself."
http://wand.cs.waikato.ac.nz/wits/auck/2/auckland_ii.php
Using Libtrace you could perhaps convert the file into pcap format in
order to read it with Wireshark.
Stephen.
--
-----------------------------------------------------------------------
Stephen Donnelly BCMS PhD email: sfd@xxxxxxxxxx
Endace Technology Ltd phone: +64 7 839 0540
Hamilton, New Zealand cell: +64 21 1104378
-----------------------------------------------------------------------