If the Tethereal program can dump or export in some fashion to acsii then I
can parse it. As for restarting the process - A capture file can capture in
most cases only so much data. I want to reinitiate the capture if it has a
buffer limit.
Paul Tretter
----- Original Message -----
From: "Guy Harris" <guy@xxxxxxxxxx>
To: "Paul Tretter" <ptretter@xxxxxxxxxxx>
Cc: "Guy Harris" <guy@xxxxxxxxxx>; <ethereal-dev@xxxxxxxxxxxx>
Sent: Thursday, July 19, 2001 6:17 PM
Subject: Re: [Ethereal-dev] Running from Command line and suppress the GUI
> > Yes. I want to capture mostly the data portion of the delivery. I have
been
> > able to do this with Ethereal from the window however its to evident for
my
> > purposes.
>
> "Evident" in what sense?
>
> > I want to create a utility that will capture for example the
> > total communications between MSN clients or AIM clients for example. I
know
> > I can do it as I have a very powerful parsing language. My next
questions
> > is - does Tethereal capture to standard ascii based file formats?
>
> What "standard ascii based file formats" are you thinking of?
>
> Tethereal can be thought of as a command-line version of Ethereal, in
> that it uses the same *binary* format for saving captures (libpcap
> format) that Ethereal does.
>
> Ethereal can print a textual dissection of a capture to a file, using
> the "File->Print" menu item. If you run Tethereal without the "-w"
> flag, it prints, to its standard output, the same sort of stuff that
> Ethereal would print to a file using "File->Print" (because the
> dissectors in Ethereal and Tethereal are the same).
>
> > Also, is
> > there a mechanism for restarting the capture process from the command
line
> > or does that mean to restart the whole application again.
>
> What do you mean by "restarting the capture process"? If you're
> capturing traffic to a file, the application *is* the capture process,
> so the way you restart the capture process *is* by restarting the
> application.
