• Michael Matthews


    I am trying to figure out how to write packet data to a file.  I know I can do this with the dispatch method, passing 'None' as the second argument, but I want to write data that's been modified.

    Looking at the C source code, I see there is in fact a dump function, which looks to take filehandle, header, and packet data as arguments.  But the dump_open call does not return any result (such as a filehandle), and the dump_file function just kind of bombs.

    This can't be that hard... what am I missing?


    Michael Matthews

    • Wim Lewis

      Wim Lewis - 2008-06-25

      I don't think there's a way to do that. (You want to capture packets, modify them in some way, and then write the modified packets to the dump file, right?)

      You could write to a dump file 'by hand'. The pcap file format is very simple:  http://wiki.wireshark.org/Development/LibpcapFileFormat

      • Michael Matthews


        Yeah, that's what I want to do.  Thanks for the confirmation that I'm not missing something simple.
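
Writing the dump file "by hand", as suggested in the reply above, comes down to a 24-byte file header followed by a 16-byte record header before each packet. The sketch below is an added example, not code from the thread or from the Python pcap module; the function names, the Ethernet link type, the float timestamp and the sample frame are assumptions, and `mask_source_mac` stands in for whatever modification is wanted.

```python
import io
import struct

# Classic libpcap layout (little-endian): 24-byte file header, 16-byte record header per packet.
FILE_HDR = struct.Struct("<IHHiIII")  # magic, major, minor, thiszone, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len
MAGIC = 0xA1B2C3D4                    # microsecond-resolution pcap


def write_file_header(fh, snaplen=65535, linktype=1):  # linktype 1 = Ethernet
    fh.write(FILE_HDR.pack(MAGIC, 2, 4, 0, 0, snaplen, linktype))


def write_packet(fh, data, timestamp, snaplen=65535):
    """Append one record; timestamp is float seconds since the epoch."""
    ts_sec, ts_usec = divmod(int(round(timestamp * 1_000_000)), 1_000_000)
    stored = data[:snaplen]           # incl_len may never exceed snaplen
    fh.write(REC_HDR.pack(ts_sec, ts_usec, len(stored), len(data)))
    fh.write(stored)


def read_packets(fh):
    """Parse the file back; returns (linktype, [(timestamp, data), ...])."""
    magic, _, _, _, _, _, linktype = FILE_HDR.unpack(fh.read(FILE_HDR.size))
    if magic != MAGIC:
        raise ValueError("not a little-endian microsecond pcap file")
    packets = []
    while True:
        hdr = fh.read(REC_HDR.size)
        if len(hdr) < REC_HDR.size:
            break
        ts_sec, ts_usec, incl_len, _ = REC_HDR.unpack(hdr)
        packets.append((ts_sec + ts_usec / 1_000_000, fh.read(incl_len)))
    return linktype, packets


def mask_source_mac(frame):
    """Sample modification: zero the source MAC (bytes 6..11) of an Ethernet frame."""
    return frame[:6] + b"\x00" * 6 + frame[12:]


def demo():
    # Constructed 60-byte Ethernet frame: dst MAC, src MAC, EtherType IPv4, padding.
    frame = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"\x00" * 46
    buf = io.BytesIO()                # stands in for open("modified.pcap", "wb")
    write_file_header(buf)
    write_packet(buf, mask_source_mac(frame), 1214400000.25)
    buf.seek(0)
    return buf.getvalue(), read_packets(buf)
```

In a capture callback, call `write_packet` with the modified bytes and the timestamp the callback receives; the resulting file opens in Wireshark or tcpdump.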


