my server has very old perl 5.005 (and upgrade is not an option).
and I wish to go through number of pcap file.
I tried to manually install Net::Pcap w/ no success.
Next thing I am wondering about is, is there way for me to peek into the individual *.cap file and
see what it contains?
Here are my main problem
1)I have looked at cap file with wireshark but do not understand where each packet starts and end.
Trying to see if I can just byte count(if i can tell where each packet starts and stops) till specifics
of each payload(UDP for example).
2)Can you just read first 100k of cap file and save it to another name? meaning will it retain valid
cap format and just less of it(say if original file was 1Mb).
3)can someone give me a good pointer or link where binary file is well explained?
thank you so much
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.