Thanks, you were right. Besides, I needed to use the '-n' option in my capture tcpdump Regards, María
> Date: Wed, 9 Sep 2009 14:46:57 +0200 > From: [email protected] > To: [email protected] > CC: [email protected] > Subject: Re: [Click] FromDump format > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > María Gómez wrote: > > Hello clickers!! > > > > I have a couple of questions about the FromDump element: > > > > 1- I > > have captured the traffic with tcpdump and wireshark and with > > 'FromDevice(ath0)-> ToDump(capture.dump)' (i use .dump and .cap), > > but I don't know if the file > > format is correct. That is, the format must be in some specific way? > > FromDump uses pcap format[1], which is a binary format containing some > meta-data and the literal packets , use tcpdump -w to write pcap files > > > For example: > > 'time' IP 1.0.0.1.1234 2.0.0.2.1234 : UDP, length 80 > > this is an ascii pretty print, but no dump format > > > 2- Why not print IPPrint element? My configuration: > > because it again gives you some pretty print, but no pcap file > > harald > > 1) e.g. http://wiki.wireshark.org/Development/LibpcapFileFormat > > > - -- > Harald Schiöberg > Technische Universität Berlin | T-Laboratories | FG INET > www: http://www.net.t-labs.tu-berlin.de > Phone: +49-(0)30-8353-58476 | Fax: +49-(0)391 534 783 47 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFKp6PBy8wrZ9OvkU0RAvbPAKCvIViZrZhjATDkb+05ctd+dy7OPQCfQI0Y > ctXJUhI2YmHuLI5f3BxI+u8= > =7M/y > -----END PGP SIGNATURE----- _________________________________________________________________ Messenger cumple 10 años ¡Descárgate ya los nuevos emoticonos! http://www.vivelive.com/felicidades _______________________________________________ click mailing list [email protected] https://amsterdam.lcs.mit.edu/mailman/listinfo/click
