[Click] FromDump format
María Gómez
maria_gn1 at hotmail.com
Tue Sep 15 06:03:16 EDT 2009
Thanks,
you were right.
Besides, I needed to use the '-n' option in my capture tcpdump
Regards,
María
> Date: Wed, 9 Sep 2009 14:46:57 +0200
> From: harald at net.t-labs.tu-berlin.de
> To: maria_gn1 at hotmail.com
> CC: click at pdos.csail.mit.edu
> Subject: Re: [Click] FromDump format
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> María Gómez wrote:
> > Hello clickers!!
> >
> > I have a couple of questions about the FromDump element:
> >
> > 1- I
> > have captured the traffic with tcpdump and wireshark and with 'FromDevice(ath0)-> ToDump(capture.dump)' (i use .dump and .cap),
> > but I don't know if the file
> > format is correct. That is, the format must be in some specific way?
>
> FromDump uses pcap format[1], which is a binary format containing some
> meta-data and the literal packets , use tcpdump -w to write pcap files
>
> > For example:
> > 'time' IP 1.0.0.1.1234 2.0.0.2.1234 : UDP, length 80
>
> this is an ascii pretty print, but no dump format
>
> > 2- Why not print IPPrint element? My configuration:
>
> because it again gives you some pretty print, but no pcap file
>
> harald
>
> 1) e.g. http://wiki.wireshark.org/Development/LibpcapFileFormat
>
>
> - --
> Harald Schiöberg
> Technische Universität Berlin | T-Laboratories | FG INET
> www: http://www.net.t-labs.tu-berlin.de
> Phone: +49-(0)30-8353-58476 | Fax: +49-(0)391 534 783 47
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFKp6PBy8wrZ9OvkU0RAvbPAKCvIViZrZhjATDkb+05ctd+dy7OPQCfQI0Y
> ctXJUhI2YmHuLI5f3BxI+u8=
> =7M/y
> -----END PGP SIGNATURE-----
_________________________________________________________________
Messenger cumple 10 años ¡Descárgate ya los nuevos emoticonos!
http://www.vivelive.com/felicidades
More information about the click
mailing list