brad's life

I have a 76 MB tcpdump capture file.

Any way I can easily dump the first 100-200k of each TCP connection as a text file into a directory? And showing both directions as ethereal's "Follow TCP stream" does, though I don't need color coding.

I just want to run a (large) regexp against all the flows and pick out certain ones.

Surely this has been done before, so what should I use?

Via patrick:

http://komotv.com/news/story.asp?ID=33602

School District Bans Halloween
....
The district says Halloween celebrations and children dressed in Halloween costumes might be offensive to real witches.

I know people say Perl looks ugly, but man...

From OpenIPMI's bmclanconf:

hex_to_ip ()
{
    test $# -ge 1 || return;
    local HEX B1 B2 B3 B4;
    HEX=`echo $1 | tr '[:lower:]' '[:upper:]'`;
    H1=`echo $HEX | cut -c1-2`
    H2=`echo $HEX | cut -c3-4`
    H3=`echo $HEX | cut -c5-6`
    H4=`echo $HEX | cut -c7-8`
    B1=`echo 10 o 16 i $H1 p | dc`
    B2=`echo 10 o 16 i $H2 p | dc`
    B3=`echo 10 o 16 i $H3 p | dc`
    B4=`echo 10 o 16 i $H4 p | dc`
    echo "$B1.$B2.$B3.$B4"
}

Not sure if I should be impressed or disgusted. Kinda my reaction when I see anything done in a shell.

I used to complain about TCL, but shell scripts piping things into new programs left and right... is that anywhere near efficient? Or does it come down to just not mattering? I suspect.

IPMI is frickin' awesome, though.