Archived from groups: comp.dcom.lans.ethernet (More info?)
If anyone out there has used SoftPerfect's Network Analyzer, I need to
find a way to convert the capture files I have from their format to
something more in line with a generla .CAP format used by programs such
as Ethereal. I'm not a programmer, but I do have the Capture file
format as follows:
CAP - is a capture file in which captured packets (sessions) are
stored.
Offset Size Name Description
0x0 - 0x2 3 Bytes CAPSIGN Signature line. This string value
always equal to "CAP".
0x3 1 Byte CAPVER In this version of the software the
value is always 1.
0x4 - 0x7 4 Bytes VTOTAL A long integer number (DWord). It is
equal to the total number of data packets in a file.
VTOTAL packet records then follow the above header data. Here is the
format of each variable length packet record:
- 8 Bytes TIMESTAMP A Double type number holding the date and time the
packet was received.
- 2 Bytes PKTLEN A Word type number, which gives the packet's length.
- PKTLEN PKTDATA A block of PKTLEN length. This is the packet's data.
If anyone could offer a utility (Ethereal's will not work..already
tried) or an easy solution, I'd be most appreciative. Thanks.
AL
If anyone out there has used SoftPerfect's Network Analyzer, I need to
find a way to convert the capture files I have from their format to
something more in line with a generla .CAP format used by programs such
as Ethereal. I'm not a programmer, but I do have the Capture file
format as follows:
CAP - is a capture file in which captured packets (sessions) are
stored.
Offset Size Name Description
0x0 - 0x2 3 Bytes CAPSIGN Signature line. This string value
always equal to "CAP".
0x3 1 Byte CAPVER In this version of the software the
value is always 1.
0x4 - 0x7 4 Bytes VTOTAL A long integer number (DWord). It is
equal to the total number of data packets in a file.
VTOTAL packet records then follow the above header data. Here is the
format of each variable length packet record:
- 8 Bytes TIMESTAMP A Double type number holding the date and time the
packet was received.
- 2 Bytes PKTLEN A Word type number, which gives the packet's length.
- PKTLEN PKTDATA A block of PKTLEN length. This is the packet's data.
If anyone could offer a utility (Ethereal's will not work..already
tried) or an easy solution, I'd be most appreciative. Thanks.
AL
Facebook
Twitter
Instagram