capture traffic and save it
Hi guys,
is there a way to capture traffic on my eth0 and save it in a file?
The traffic must be with header and payload.
Thanks a lot.
Excuse me for my bad English.
--
Riccardo (http://termitano.myminicity.com, visit and, if you like, take part at
http://www.iltermitano.it/)
A computer is like an air conditioner,
it stops working when you open Windows.
Registered Linux user #457776
Re: capture traffic and save it
On Sep 5, 9:34 am, RicK_Murphy
<rmarfisiDA_QUI_NO_SPAM_LEVA_TOGLI_TUTTO_QUELLO@IN_MAIUSCOLO_A_QUIinwind.it>
wrote:
> Hi guys,
>
> is there a way to capture traffic on my eth0 and save it in a file?
>
> The traffic must be with header and payload.
>
> Thanks a lot.
>
> Excuse me for my bad English.
Use 'tcpdump'.
DS
Re: capture traffic and save it
David Schwartz wrote on Friday 05 September 2008 18:49:
>
> Use 'tcpdump'.
I have tried it with the command:
tcpdump -i eth0 -n -w ./file
but the file contains unreadable characters :(
Can I read it with Java and extract the payload with the sender IP and
receiver IP?
Thanks
Re: capture traffic and save it
RicK_Murphy
<rmarfisiDA_QUI_NO_SPAM_LEVA_TOGLI_TUTTO_QUELLO@IN_MAIUSCOLO_A_QUIinwind.it>
writes:
> David Schwartz wrote on Friday 05 September 2008 18:49:
>
>> Use 'tcpdump'.
>
> I have tried it with the command:
>
> tcpdump -i eth0 -n -w ./file
>
> but the file contains unreadable characters :(
>
> Can I read it with Java and extract the payload with the sender IP and
> receiver IP?
>
> Thanks
You can read it with tcpdump -r ./file.
Daniel
--
Daniel Horecki
http://morr.pl http://linux.pl http://netbsd.pl
HAIL ERIS!
Re: capture traffic and save it
On Sep 5, 9:56 am, RicK_Murphy wrote:
> I have tried it with the command:
>
> tcpdump -i eth0 -n -w ./file
>
> but the file contains unreadable characters :(
How did you try to read it?
> Can I read it with Java and extract the payload with the sender IP and
> receiver IP?
Certainly. The libpcap file format is well-documented. See the link
below:
http://wiki.wireshark.org/Development/LibpcapFileFormat
DS
Re: capture traffic and save it
RicK_Murphy wrote:
> David Schwartz wrote on Friday 05 September 2008 18:49:
>
>> Use 'tcpdump'.
>
> I have tried it with the command:
>
> tcpdump -i eth0 -n -w ./file
>
> but the file contains unreadable characters :(
>
> Can I read it with Java and extract the payload with the sender IP and
> receiver IP?
You should increase the packet capture size with -s if you want more
than the headers.
You can read the resultant file with tcpdump or wireshark.
There might be something in Java that can read pcap file formats, or you
can probably write one, or you can just use tcpdump or wireshark.
Re: capture traffic and save it
Allen Kistler wrote on Friday 05 September 2008 21:23:
> There might be something in Java that can read pcap file formats, or you
> can probably write one, or you can just use tcpdump or wireshark.
Thanks,
I found it: jpcap
for Java.
Thanks a lot
Re: capture traffic and save it
Allen Kistler <ackistler@oohay.moc> writes:
> You should increase the packet capture size with -s if you want more
> than the headers.
if you want everything, use -s0
(zero defaults to the max)
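
Added example, not part of any post in this thread: a minimal Python reader for the classic libpcap file layout that the link in David Schwartz's reply describes, returning sender IP, receiver IP and IP payload for each packet and flagging records cut short by the capture size that the -s replies discuss. The sample capture is constructed inline; the function names and addresses are assumptions, and only untagged Ethernet/IPv4 frames are handled.

```python
import socket
import struct

def build_sample_pcap(snaplen=65535):
    """Constructed sample: one Ethernet/IPv4/UDP frame, cut to snaplen as -s would."""
    udp = struct.pack("!HHHH", 1234, 5678, 13, 0) + b"hello"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.1"), socket.inet_aton("192.0.2.2"))
    frame = b"\x02" * 6 + b"\x06" * 6 + b"\x08\x00" + ip + udp
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    captured = frame[:snaplen]
    # Record header: ts_sec, ts_usec, bytes stored in file, bytes on the wire
    record_hdr = struct.pack("<IIII", 1220633640, 0, len(captured), len(frame))
    return global_hdr + record_hdr + captured

def parse_pcap(data):
    """Return one dict per IPv4-over-Ethernet packet in a classic pcap byte string."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        order = "<"                      # file written on a little-endian host
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        order = ">"                      # file written on a big-endian host
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    snaplen, linktype = struct.unpack(order + "II", data[16:24])
    if linktype != 1:
        raise ValueError("only LINKTYPE_ETHERNET (1) is handled here")
    packets, off = [], 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            order + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < incl_len:
            break                        # file ends in the middle of a record
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
            continue                     # not IPv4, or the IP header was cut off
        ihl = (frame[14] & 0x0F) * 4     # IP header length in bytes
        total_len = struct.unpack("!H", frame[16:18])[0]
        packets.append({
            "time": ts_sec + ts_usec / 1e6,
            "src": socket.inet_ntoa(frame[26:30]),
            "dst": socket.inet_ntoa(frame[30:34]),
            "ip_payload": frame[14 + ihl:14 + total_len],  # includes the UDP/TCP header
            "truncated": incl_len < orig_len,              # capture size was too small
        })
    return packets
```

To run it on a real capture, pass the bytes of the file written by tcpdump -w, for example `parse_pcap(open("./file", "rb").read())`.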