Hi,
not completely sure, but I think "tcpdump -r file" will read from your
file and dump some basic information.
You could rewrite it (I think) with -w new_file dumping only what you need.
Anyway, you should definitely check the man page of tcpdump (or online
help if not on Linux).
Hope this helps.
Cheers,
Estani
On 09/27/2010 04:49 PM, Simon Greifswald wrote:
Hello,
I have several gigabytes of dumped network traffic in files, and I need to
extract the payload from each packet. So, I want to discard all link layer,
internet layer, transport layer headers and only extract the UDP packet's
payload in a new file.
If it were not so much data, I would use the Wireshark GUI's "Follow stream"
function, but sadly this is not an option since there are too many files to
parse. I would rather have a script do it for me. So what I need is a way
using tshark, tcpdump or so to strip the headers from the packets.
Does anyone know a tool which can be used to do this?
Thanks in advance,
Simon
--
Estanislao Gonzalez
Max-Planck-Institut für Meteorologie (MPI-M)
Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre
Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany
Phone: +49 (40) 46 00 94-126
E-Mail: estanislao.gonzalez@xxxxxxx
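
An added example, not part of the original thread and not code from Wireshark or tcpdump: a Python script that does the header stripping asked about above for classic pcap files, reading one record at a time so multi-gigabyte captures never sit in memory. It assumes Ethernet link type and IPv4 and skips IP fragments; the names `udp_payloads`, `strip_headers`, `sample_pcap` and the file names in the usage comment are illustrative.

```python
import struct
import sys

def udp_payloads(fh):
    """Yield each UDP payload from a classic pcap opened in binary mode."""
    hdr = fh.read(24)                           # pcap global header
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(hdr[:4])
    if endian is None or len(hdr) < 24:
        raise ValueError("unsupported format (pcapng/nanosecond pcap not handled)")
    if struct.unpack(endian + "I", hdr[20:24])[0] != 1:
        raise ValueError("only LINKTYPE_ETHERNET is handled")
    while True:
        rec = fh.read(16)                       # per-packet record header
        if len(rec) < 16:
            return
        incl_len = struct.unpack(endian + "I", rec[8:12])[0]
        payload = strip_headers(fh.read(incl_len))
        if payload is not None:
            yield payload

def strip_headers(frame):
    """Return the UDP payload of one Ethernet frame, or None if it has none."""
    l3 = 18 if frame[12:14] == b"\x81\x00" else 14   # allow one 802.1Q tag
    if frame[l3 - 2:l3] != b"\x08\x00" or len(frame) < l3 + 20:
        return None                             # not IPv4, or truncated
    ihl = (frame[l3] & 0x0F) * 4                # IPv4 header length with options
    frag = struct.unpack("!H", frame[l3 + 6:l3 + 8])[0] & 0x3FFF
    if ihl < 20 or frame[l3 + 9] != 17 or frag: # not UDP, or an IP fragment
        return None
    udp = frame[l3 + ihl:l3 + ihl + 8]
    udp_len = struct.unpack("!H", udp[4:6])[0] if len(udp) == 8 else 0
    if udp_len < 8:
        return None                             # truncated or malformed UDP header
    return frame[l3 + ihl + 8:l3 + ihl + udp_len]   # drops Ethernet padding

def sample_pcap():
    """Constructed capture: one padded UDP datagram and one TCP segment."""
    def frame(proto, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         b"\xc0\x00\x02\x01", b"\xc0\x00\x02\x02")
        return (b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + l4).ljust(60, b"\0")
    udp = struct.pack("!HHHH", 5000, 5001, 8 + 5, 0) + b"hello"
    tcp = struct.pack("!HHIIHHHH", 5000, 80, 0, 0, 0x5002, 1024, 0, 0)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (frame(17, udp), frame(6, tcp)):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":    # python3 udp_payloads.py < in.pcap > payloads.bin
    sys.stdout.buffer.writelines(udp_payloads(sys.stdin.buffer))
```

Payloads are written back to back with no delimiter, so datagram boundaries are lost in the output file; add a length prefix per payload if they need to be recovered later.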