Hello Yefim, For the Ethereal native file format (libpcap/WindPcap), this is a starting point: http://wiki.wireshark.org/Development/LibpcapFileFormat
Alternately, you could convert the captures to PDML format (an XML based format) which would make the packets easier to process (as in simpler code), but generate tons of data. Hope this helps. Good luck! Abhik. On 7/3/07, Yefim Rozenkrants <[EMAIL PROTECTED]> wrote:
I need to extract from capture file ( saved with ethereal) packet streams to different computers in the local network. Therefore I need to parse the capture file. I would like to get an advice how to start this project. What is the capture file structure and where I can find it. The development will be in windows environment (visual studio 2005). Any advice will be kindly appreciated Thanks Yefim _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
_______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
