User Guide

ManualsBrandsWireshark ManualsSoftwareWireshark Wireshark - 1.9

241

242

243

244

245

246

247

248

249

250

Related command line tools

236

Example D.10. Help information available for text2pcap

Text2pcap 1.7.0 (SVN Rev 39165 from /trunk)

Generate a capture file from an ASCII hexdump of packets.

See http://www.wireshark.org for more information.

Usage: text2pcap [options] <infile> <outfile>

where <infile> specifies input filename (use - for standard input)

<outfile> specifies output filename (use - for standard output)

Input:

-o hex|oct|dec parse offsets as (h)ex, (o)ctal or (d)ecimal;

default is hex.

-t <timefmt> treat the text before the packet as a date/time code;

the specified argument is a format string of the sort

supported by strptime.

Example: The time "10:15:14.5476" has the format code

"%H:%M:%S."

NOTE: The subsecond component delimiter, '.', must be

given, but no pattern is required; the remaining

number is assumed to be fractions of a second.

NOTE: Date/time fields from the current date/time are

used as the default for unspecified fields.

-a enable ASCII text dump identification.

It allows to identify the start of the ASCII text

dump and not include it in the packet even if it

looks like HEX dump.

NOTE: Do not enable it if the input file does not

contain the ASCII text dump.

Output:

-l <typenum> link-layer type number; default is 1 (Ethernet).

See the file net/bpf.h for list of numbers.

Use this option if your dump is a complete hex dump

of an encapsulated packet and you wish to specify

the exact type of encapsulation.

Example: -l 7 for ARCNet packets.

-m <max-packet> max packet length in output; default is 64000

Prepend dummy header:

-e <l3pid> prepend dummy Ethernet II header with specified L3PID

(in HEX).

Example: -e 0x806 to specify an ARP packet.

-i <proto> prepend dummy IP header with specified IP protocol

(in DECIMAL).

Automatically prepends Ethernet header as well.

Example: -i 46

-u <srcp>,<destp> prepend dummy UDP header with specified

dest and source ports (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -u 1000,69 to make the packets look like

TFTP/UDP packets.

-T <srcp>,<destp> prepend dummy TCP header with specified

dest and source ports (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -T 50,60

-s <srcp>,<dstp>,<tag> prepend dummy SCTP header with specified

dest/source ports and verification tag (in DECIMAL).

Automatically prepends Ethernet & IP headers as well.

Example: -s 30,40,34

-S <srcp>,<dstp>,<ppi> prepend dummy SCTP header with specified

dest/source ports and verification tag 0.

Automatically prepends a dummy SCTP DATA

chunk header with payload protocol identifier ppi.

Example: -S 30,40,34

Miscellaneous:

-h display this help and exit.

-d show detailed debug of parser states.

-q generate no output at all (automatically turns off -d).