Hello Yefim,

For the Ethereal native file format (libpcap/WindPcap), this is a starting
point: http://wiki.wireshark.org/Development/LibpcapFileFormat

Alternately, you could convert the captures to PDML format (an XML based
format) which would make the packets easier to process (as in simpler code),
but generate tons of data.

Hope this helps.

Good luck!
Abhik.

On 7/3/07, Yefim Rozenkrants <[EMAIL PROTECTED]> wrote:



I need to extract from capture file ( saved with ethereal) packet streams
to different computers in the local network. Therefore I need to parse the
capture file. I would like to get an advice how to start this project. What
is the capture file structure and where I can find it. The development will
be in windows environment (visual studio 2005).

Any advice will be kindly appreciated



Thanks Yefim



_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev


_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Reply via email to