Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
|
Here is another way to do it...
I do a lot of VoIP (SIP and MGCP) analysis where I have to do the same type of thing. I get a capture buffer of the data I want, then to a File -> Print and save the output to a flat file. You can save either the entire decoded packets or just the display header of each message (which is what I use mostly). I then write Perl scripts that then crunch the flat file for the data I want. An example of what that output looks like is below. I have added through Preferences -> Columns the source and destination ports as that is something I have to look at.
hope this helps.
Mike
18 0.000765 69.1.1.39 69.1.1.11 SIP/SDP 20569 5060 Status: 200 OK, with session description 19 0.000805 69.1.1.39 69.1.1.11 SIP/SDP 19580 5060 Status: 200 OK, with session description 20 0.000862 69.1.1.39 69.1.1.11 SIP/SDP 17410 5060 Status: 200 OK, with session description 21 0.000901 69.1.1.11 69.1.1.39 SIP 5060 19582 Request: OPTIONS sip:9403432583@69.1.1.39:19582 22 0.000941 69.1.1.11 69.1.1.39 SIP 5060 18056 Request: OPTIONS sip:9403431057@69.1.1.39:18056 23 0.000981 69.1.1.39 69.1.1.11 SIP/SDP 19583 5060 Status: 200 OK, with session description 24 0.001021 69.1.1.39 69.1.1.11 SIP/SDP 20414 5060 Status: 200 OK, with session description 25 0.001060 69.1.1.39 69.1.1.11 SIP/SDP 19582 5060 Status: 200 OK, with session description 26 0.001117 69.1.1.39 69.1.1.11 SIP 18051 5060 Request: REGISTER sip:69.1.1.39 27 0.001157 69.1.1.70 69.1.1.11 SIP 20076 5060 Request: REGISTER sip:69.1.1.70 28 0.001198 69.1.1.11 69.1.1.39 SIP 5060 18051 Status: 200 OK (1 bindings) 29 0.001237 69.1.1.11 69.1.1.39 SIP 5060 18051 Request: OPTIONS sip:9403431052@69.1.1.39:18051 30 0.001277 69.1.1.11 69.1.1.70 SIP 5060 20076 Status: 200 OK (1 bindings) 31 0.001316 69.1.1.11 69.1.1.70 SIP 5060 20076 Request: OPTIONS sip:9403423077@69.1.1.70:20076 32 0.001356 69.1.1.11 69.1.1.39 SIP 5060 19581 Request: OPTIONS sip:9403432582@69.1.1.39:19581
From:
ethereal-users-bounces@xxxxxxxxxxxx [mailto:ethereal-users-bounces@xxxxxxxxxxxx]
On Behalf Of Adam Green
Apologies, I see the latest version has more than adequate export functionality.
Kind Regards, Adam
From: Adam Green
[mailto:adam@xxxxxxxxxxxxxxxxxxx]
Dear All,
I would imagine this question comes up all the time. I have looked through the archives, but with the time I have available to me, I have been unable to find anything relevant.
I would like to use Ethereal to analyse the performance of various wireless network scenarios. Typically this will focus upon transportation of MPEG streams.
Within this use case, the frequency at which packets are dispatched and received is of importance. I would like to be able to extract this data from Ethereal. The data field is “Time Delta from Previous Packet” and is one of many aspects I would like to investigate.
I have looked for some form of export function, so that the number crunching can be automated. Even exporting it to a text file would allow regular expressions to be used against it. Yet I can find no method of doing this.
I would be most grateful if someone could give me a nudge in the right direction.
Sincere Thanks, Adam |
- Prev by Date: [Ethereal-users] FW: Analysing output data
- Next by Date: Re: [Ethereal-users] Is it possible to supress ICQ: Unknownversionmessage?
- Previous by thread: [Ethereal-users] FW: Analysing output data
- Next by thread: [Ethereal-users] Intermittent Network Fault - Newbie Protocol Analyser Help
- Index(es):
