[Bro] Bro on other Packet Trace Dumps.
Jonathan Paisley
jp-www at dcs.gla.ac.uk
Mon Mar 28 01:40:48 PST 2005
On 28 Mar 2005, at 9:59, Dana Zhang wrote:
> my packets were captured using a DAG2 system. traces are in DAG
> format, which is a fixed 64 bytes record format with 40 bytes of IP
> header. I extracted from my binary to make it look like a tcpdump
> file.
You can probably use Endace's 'dagconvert' utility to convert from the
DAG format to pcap format.
pcap format /is/ the tcpdump binary format. You get this if you use the
'-w file' option to tcpdump. Otherwise, it just outputs a textual
description of the packets.
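To illustrate the binary format the message refers to, here is an added example (not part of the original message, and not Endace or Bro code) that wraps truncated IP headers in a pcap file and checks whether a buffer is pcap rather than tcpdump's textual output. It assumes the timestamp and the 40 bytes of IP header have already been extracted from each DAG record; `build_pcap`, `inspect_pcap` and `SAMPLE_IP` are names made up for the example.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
LINKTYPE_RAW = 101        # packet data begins at the IP header, no link layer

# Constructed sample: 20-byte IPv4 header + 20 bytes of TCP header (40 bytes).
SAMPLE_IP = bytes.fromhex(
    "450000340001400040060000c0000201c0000202"
    "04d2005000000001000000008002ffff00000000")


def build_pcap(packets, snaplen=40):
    """Wrap (ts_sec, ts_usec, ip_bytes) tuples in the format 'tcpdump -w' writes."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, link type.
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                                snaplen, LINKTYPE_RAW))
    for ts_sec, ts_usec, ip in packets:
        captured = ip[:snaplen]
        # On-the-wire length from the IPv4 total-length field (bytes 2-3).
        wire = struct.unpack("!H", captured[2:4])[0] if len(captured) >= 4 else 0
        out += struct.pack("<IIII", ts_sec, ts_usec, len(captured),
                           max(wire, len(captured)))
        out += captured
    return bytes(out)


def inspect_pcap(data):
    """Return (linktype, packet_count); raise ValueError if data is not pcap."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:   # written with the opposite byte order
        endian = ">"
    else:
        raise ValueError("no pcap magic number (textual tcpdump output?)")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    offset, count = 24, 0
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        incl_len = struct.unpack(endian + "I", data[offset + 8:offset + 12])[0]
        offset += 16 + incl_len
        if offset > len(data):
            raise ValueError("truncated packet data")
        count += 1
    return linktype, count
```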