parsing pcap-ng files


No such thing as a small change
	PerlMonks

parsing pcap-ng files

by kathys39 (Acolyte)

on Apr 10, 2012 at 15:51 UTC ( #964350=perlquestion: print w/ replies, xml )

Need Help??

kathys39 has asked for the wisdom of the Perl Monks concerning the following question:

Has anyone had any luck parsing the new pcap-ng files from wireshark? Or netmon files? My client uses netmon to collect data, which I am trying to convert to normal libpcap file. I opened them in wireshark, but wireshark now only exports to pcap-ng. The net::Pcap modules seem to handle only pcap file, not the newer pcap-ng files. TIA for any help

Comment on parsing pcap-ng files
Re: parsing pcap-ng files by Anonymous Monk on Apr 26, 2012 at 20:20 UTC
You need to upgrade libpcap libpcap-1.2.1 works for me on CentOS 6 Andrew Daviel	[reply]
Re^2: parsing pcap-ng files by erikh (Initiate) on Nov 28, 2012 at 16:11 UTC
You can also try to convert the pcap-ng file to libpcap format at http://pcapng.com/	[reply]
Re^3: parsing pcap-ng files by harryd100 (Initiate) on Feb 15, 2013 at 18:53 UTC
Just convert it: editcap -F libpcap <file.pcapng> <file.pcap>	[reply]

Back to Seekers of Perl Wisdom

Node Status^?

node history
Node Type: perlquestion [id://964350]
Approved by marto
Front-paged by Old_Gray_Bear
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others studying the Monastery: (6)

As of 2013-05-26 00:42 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

The best material for plates (tableware) is:

Results (521 votes), past polls