Wireshark-users: Re: [Wireshark-users] SIP text to PCAP Possible?
From: Anders Broman <a.broman@xxxxxxxxxxxx>
Date: Tue, 04 Feb 2014 23:02:24 +0100
If you figure out how to write pcap(ng) files from perl using the "exported PDU" format might be an idea
see epan/exported_pdu.h

Regards
Anders


Evan Huus skrev 2014-02-04 15:19:
Hi Jamie, if you can perl it into a hexdump format, Wireshark comes
with a tool "text2pcap" which will turn that into a pcap file. I'm not
aware of anything else that does what you're looking for though.

Cheers,
Evan

On Tue, Feb 4, 2014 at 8:37 AM, Jamie O. Montgomery
<Jamie.Montgomery@xxxxxxxxxxxxx> wrote:
Tip of the hat to the WireShark community.



I'm looking for a way to take SIP messages from a text log and create a PCAP
file to view in WireShark. I've got some rudimentary PERL skills that could
take the text log file and parse the text to create some dummy information
for all the headers, but I haven't found a way to create a PCAP file from
scratch. I wanted to ask if such an effort had been made in the community.



We provide VoIP to our customers, and reading through large log files is
very time consuming. We're much better at parsing PCAP files in WireShark.
We can't capture the VoIP traffic due to the magnitude of data we deal with.



Thanks in advance.



Jamie M



The information contained in this e-mail message and any attachments thereto
are confidential, privileged, or otherwise protected from disclosure, and
are intended for the use of the individual or entity named above.
Dissemination, distribution or copying of this message and any attachments
by anyone other than the intended recipient, or an employee or agent
responsible for delivering the message to the intended recipient, is
prohibited. If you have received this communication in error, please
immediately notify the sender by telephone or e-mail and destroy the
original message, attachments, and all copies.




___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users

mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe