[EMAIL PROTECTED] wrote:
Command line would be preferred. But I'm also wondering if maybe what I
wanted to do here was misunderstood. I don't want to simply pick all the
GRE packets and save those in pcap format. I want to pick the GRE packets
and save them *without* the outer IP + GRE header, in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
>
> Command line would be preferred. But I'm also wondering if maybe what I
> wanted to do here was misunderstood. I don't want to simply pick all the
> GRE packets and save those in pcap format. I want to pick the GRE packets
> and save them *without
> Well, you can open your pcap file with Wireshark (ethereal), select
> the packets you want using the filter and saving them using the
> standard "save as" option.
>
> Is it enough or you need something more "scriptable" that can be done
> from the command-line?
Command line would be preferred.
Luis Martin Garcia wrote:
Well, you can open your pcap file with Wireshark (ethereal), select
the packets you want using the filter and saving them using the
standard "save as" option.
He doesn't want packets saved as is, he wants *transformed* versions of
the packets written to the new file:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well, you can open your pcap file with Wireshark (ethereal), select
the packets you want using the filter and saving them using the
standard "save as" option.
Is it enough or you need something more "scriptable" that can be done
from the command-line?
Does anybody know of a good tool for stripping parts of the packets in
a pcap file? Say I have a pcap file containing GRE encapsulated info,
and I want to strip the outer IP + GRE headers and leave the rest,
writing out the result to another (valid) pcap file - which should of
course be readable b
