On Tue, 14 Oct 2003, Guy Harris wrote:
>
> On Oct 14, 2003, at 4:12 PM, Joe Patterson wrote:
>
> > There are two filetypes (sort of...) that I was wondering how
> > difficult it
> > might be to get ethereal to handle (and what good it might do...)
> >
> > One, which is perhaps the most novel, is handling packet dumps from
> > cisco
> > routers. On a Cisco router, if you issue the command "debug ip packet
> > {access-list #} dump", it will start dumping the hex representation of
> > the
> > full packets which match the access-list #. If you have your syslog
> > set to
> > debug level, it will actually log these to a syslog server. It seems
> > that
> > it shouldn't be *terribly* difficult to write a parser that reads in a
> > syslog file, gets the time/date stamps from each syslog message, and
> > the
> > data from the hexdump, and parses it into something that can be easily
> > displayed in ethereal. Anyone have any thoughts?
>
> If one wanted to implement that, one might want to look at some of the
> other text-file dump readers in the wiretap directory.
Someone already posted a Perl script to convert these to the correct
format.
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
