diff options
author | Gilbert Ramirez <gram@alumni.rice.edu> | 2000-06-08 03:09:32 +0000 |
---|---|---|
committer | Gilbert Ramirez <gram@alumni.rice.edu> | 2000-06-08 03:09:32 +0000 |
commit | 4984788880d99bceffaf1630ea1ff0190c6bd55c (patch) | |
tree | d1a002bf249b68039e5e73b3917fd944ee353bbf /wiretap/README | |
parent | 8130072d19a4aea938056136256ef737322266d9 (diff) | |
download | wireshark-4984788880d99bceffaf1630ea1ff0190c6bd55c.tar.gz |
Document the fact that we can now read compressed Sniffer files.
svn path=/trunk/; revision=2047
Diffstat (limited to 'wiretap/README')
-rw-r--r-- | wiretap/README | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/wiretap/README b/wiretap/README index 7d1d621fd0..b68bebf9b2 100644 --- a/wiretap/README +++ b/wiretap/README @@ -1,4 +1,4 @@ -$Id: README,v 1.21 2000/02/19 08:49:16 guy Exp $ +$Id: README,v 1.22 2000/06/08 03:09:32 gram Exp $ Wiretap is a library that is being developed as a future replacement for libpcap, the current standard Unix library for packet capturing. Libpcap @@ -49,14 +49,14 @@ The "libpcap" file format was determined by reading the "libpcap" code; wiretap reads the "libpcap" file format with its own code, rather than using the "libpcap" library's code to read it. -Sniffer (uncompressed) +Sniffer (compressed and uncompressed) ------- -The Sniffer format is documented in the Sniffer manual. Unfortunately, -Sniffer manuals tend to document only the format for the Sniffer model -they document. Token-Ring and ethernet seems to work well, though. -If you have an ATM Sniffer file, both Guy and Gilbert would be *very* -interested in receiving a sample. (see 'AUTHORS' file for our e-mail -addresses). +The uncompressed Sniffer format is documented in the Sniffer manual. +Unfortunately, Sniffer manuals tend to document only the format for +the Sniffer model they document. Token-Ring and ethernet seems to work +well, though. If you have an ATM Sniffer file, both Guy and Gilbert +would be *very* interested in receiving a sample. (see 'AUTHORS' file +for our e-mail addresses). LANalyzer --------- @@ -118,12 +118,14 @@ should work. Toshiba ISDN Router ------------------- An under-documented command that the router supports in a telnet session -is "snoop" (not related to the Solaris "snoop" command). If you give it -the "dump" option, you'll get a hex dump of all packets across the router -(except of your own telnet session -- good thinking Toshiba!). You can -select a certain channel to sniff (LAN, B1, B2, D), but the default is all -channels. You save this hex dump to disk with 'script' or by 'telnet | -tee'. Wiretap will read the ASCII hex dump and convert it to binary data. +is "snoop" (not related to the Solaris "snoop" command). If you give +it the "dump" option (either by letting "snoop" query you for its next +argument, or typing "snoop dump" on the command line), you'll get a hex +dump of all packets across the router (except of your own telnet session +-- good thinking Toshiba!). You can select a certain channel to sniff +(LAN, B1, B2, D), but the default is all channels. You save this hex +dump to disk with 'script' or by 'telnet | tee'. Wiretap will read the +ASCII hex dump and convert it to binary data. Gilbert Ramirez <gram@xiexie.org> Guy Harris <guy@alum.mit.edu> |