Brad Fitzpatrick (brad) wrote,

pcap question

I have a 76 MB tcpdump capture file.

Any way I can easily dump the first 100-200k of each TCP connection as a text file into a directory? And showing both directions as Ethereal's "Follow TCP stream" does, though I don't need color coding.

I just want to run a (large) regexp against all the flows and pick out certain ones.

Surely this has been done before, so what should I use?