User Guide

ManualsBrandsWireshark ManualsSoftwareWireshark Wireshark - 1.5

231

232

233

234

235

236

237

238

239

240

Related command line tools

225

Example D.10. Help information available for text2pcap

$ text2pcap -h

Text2pcap 1.1.4

Generate a capture file from an ASCII hexdump of packets.

See http://www.wireshark.org for more information.

Usage: text2pcap [options] <infile> <outfile>

where <infile> specifies input filename (use - for standard input)

<outfile> specifies output filename (use - for standard output)

Input:

-o hex|oct|dec parse offsets as (h)ex, (o)ctal or (d)ecimal; default is hex.

-t <timefmt> treats the text before the packet as a date/time code;

the specified argument is a format string of the sort

supported by strptime.

Example: The time "10:15:14.5476" has the format code

"%H:%M:%S."

NOTE: The subsecond component delimiter must be given

(.) but no pattern is required; the remaining number

is assumed to be fractions of a second.

NOTE: Date/time fields from the current date/time are

used as the default for unspecified fields.

Output:

-l <typenum> link-layer type number; default is 1 (Ethernet).

See the file net/bpf.h for list of numbers.

Use this option if your dump is a complete hex dump

of an encapsulated packet and you wish to specify

the exact type of encapsulation.

Example: -l 7 for ARCNet packets.

-m <max-packet> max packet length in output; default is 64000

Prepend dummy header:

-e <l3pid> prepend dummy Ethernet II header with specified L3PID

(in HEX).

Example: -e 0x806 to specify an ARP packet.

-i <proto> prepend dummy IP header with specified IP protocol

(in DECIMAL).

Automatically prepends Ethernet header as well.

Example: -i 46

-u <srcp>,<destp> prepend dummy UDP header with specified

dest and source ports (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -u 1000 69 to make the packets look like TFTP/UDP packets.

-T <srcp>,<destp> prepend dummy TCP header with specified

dest and source ports (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -T 50,60

-s <srcp>,<dstp>,<tag> prepend dummy SCTP header with specified

dest/source ports and verification tag (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -s 30,40,34

-S <srcp>,<dstp>,<ppi> prepend dummy SCTP header with specified

dest/source ports and verification tag 0.

Automatically prepends a dummy SCTP DATA

chunk header with payload protocol identifier ppi.

Example: -S 30,40,34

Miscellaneous:

-h display this help and exit.

-d detailed debug of parser states.

-q generate no output at all (automatically turns off -d).