subject:"\[tcpdump\-workers\] NTAR \- PCAP next generation dump file format"

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format

2005-06-26 Thread Gianluca Varenni

ect: Re: [tcpdump-workers] NTAR - PCAP next generation dump file format Hi Ronnie, On Sat, 2005-06-25 at 20:48 -0400, ronnie sahlberg wrote: I often work with very very large capture files and often want to only extract a very small subset (packets captured between time X and time Y). This is

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format

2005-06-26 Thread Christian Kreibich

Hi Ronnie, On Sat, 2005-06-25 at 20:48 -0400, ronnie sahlberg wrote: > > I often work with very very large capture files and often want to only > extract a very small subset (packets captured between time X and time > Y). > This is very very slow with the current fileformats doe to the massive > a

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format implementation

2005-06-25 Thread ronnie sahlberg

The draft describes two different blocks for holding a captured packet: Packet Block: it contains a single captured packet, or a portion of it. Simple Packet Block: it contains a single captured packet, or a portion of it, with only a minimal set of information about it. I often work with very

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format

Re: [tcpdump-workers] NTAR - PCAP next generation dump file format implementation

3 matches

Site Navigation

Mail list logo

Footer information