Gustavo wrote:
> Hello everybody.
>
> I was asked to study a way for communicating between Wireshark and a
> commercial tool in Windows. Wireshark should analyze network traffic,
> dissect it and pass (part of) it to the commercial tool for further
> analysis and statistics.

What exactly do you want to feed into the other tool? The ASCII decode
like:

> Ethernet II, Src: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d), Dst:
> 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
> Destination: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
> Address: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique address
> (factory default)
> Source: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
> Address: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique address
> (factory default)
> Type: IP (0x0800)

? In that case you should probably use 'tshark' and you could (I suppose
this would work on Windows) do something like:

    tshark -V -r /some/cap/file | the_other_analyzer

though I doubt that the commercial tool will really understand this
output...
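As an added example (not part of the original message and not Wireshark code), here is a small stdin filter that could sit in the `the_other_analyzer` position of the pipeline above and turn the indented `tshark -V` text into one JSON tree per packet. It assumes tshark's verbose output indents each nested field by four spaces and ends each packet with a blank line; the function names and the sample decode are constructed.

```python
import json
import sys

INDENT = 4  # assumption: tshark -V indents each nested level by four spaces


def parse_packet(lines):
    """Turn one packet's indented decode lines into a nested tree."""
    root = {"text": None, "children": []}
    stack = [(-1, root)]  # (depth, node) path from root to the last node seen
    for line in lines:
        text = line.lstrip(" ")
        depth = (len(line) - len(text)) // INDENT
        node = {"text": text.rstrip(), "children": []}
        # Climb back up until the top of the stack is this line's parent.
        while stack[-1][0] >= depth:
            stack.pop()
        stack[-1][1]["children"].append(node)
        stack.append((depth, node))
    return root["children"]


def parse_stream(stream):
    """Yield one tree per packet; a blank line ends a packet."""
    block = []
    for raw in stream:
        line = raw.rstrip("\r\n")  # tolerate Windows line endings
        if line.strip():
            block.append(line)
        elif block:
            yield parse_packet(block)
            block = []
    if block:
        yield parse_packet(block)


# Constructed sample in the shape of the decode quoted above.
SAMPLE = """\
Ethernet II, Src: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d), Dst: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
    Destination: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
        Address: 00:0e:0c:b5:22:3b (00:0e:0c:b5:22:3b)
    Source: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
        Address: 00:14:4f:94:bb:0d (00:14:4f:94:bb:0d)
    Type: IP (0x0800)
"""

if __name__ == "__main__":
    # Usage: tshark -V -r /some/cap/file | python this_script.py
    for packet in parse_stream(sys.stdin):
        print(json.dumps(packet))
```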
