On 07/10/11 00:53, Guy Harris wrote:
> On Jul 9, 2011, at 7:50 PM, Alokat wrote:
>
>> Just for sure:
>>
>> *Ethernet packet*
>>
>> means a layer 2 (OSI / ISO model) packet right?
> Yes.
> -
> This is the tcpdump-workers list.
> Visit https://cod.san
On 07/10/11 00:25, Guy Harris wrote:
> On Jul 9, 2011, at 7:01 PM, Alokat wrote:
>
>> I'm wondering whats the difference between the pcap_packet and the payload?
> What do you mean by "the payload"?
>
>> I have seen that you can extract the payload like
Hi,
I'm wondering whats the difference between the pcap_packet and the payload?
I have seen that you can extract the payload like this:
payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);
Contains the packet_data some more information?
Regards,
alokat
-
This is the tc
On 07/09/11 21:56, Guy Harris wrote:
> On Jul 9, 2011, at 4:41 PM, Alokat wrote:
>
>> I'm wondering what is in the pcap_data (pcap file format) and what is not?
>> Especially the timestamp ... is it just in the packet_header or in the
>> packet_data too?
>
Hi,
I'm wondering what is in the pcap_data (pcap file format) and what is not?
Especially the timestamp ... is it just in the packet_header or in the
packet_data too?
Regards,
alokat
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
On 06/22/2011 08:05 PM, Guy Harris wrote:
On Jun 22, 2011, at 10:48 AM, Alokat wrote:
I have to save some pcap packets into a file for later analyzing.
But I have some problems with creating the pcap file for it.
Do I have to call first functions like fopen() to create a dump file
Hi guys,
I have to save some pcap packets into a file for later analyzing.
But I have some problems with creating the pcap file for it.
Do I have to call first functions like fopen() to create a dump file?
Cause pcap_open_offline crashes if there is no file available under:
const char* fname
Reg
