[Tcpick-project] pipe mode incorrectly inserting newlines
Status: Beta
Brought to you by:
duskdruid
Menu
▾
▴
[Tcpick-project] pipe mode incorrectly inserting newlines
|
From: T S <yen...@gm...> - 2013-09-03 03:23:25
|
when using --pipe <client or server>, a newline is inserted into the data stream at the end of every packet. The same behavior occurs when using the expanded flags, -S -Tf1 -Ef1 -bR<client or server>. The behavior does not occur when using -wR. to reproduce: 1. get a pcap capture file 2. tshark -r capture_file.pcap -Tf1 -Ef1 -wRS, creating a tshark_source_dest.dat file 3. tshark -r capture_file.pcap -S -v0 -Tf1 -Ef1 -wRS > file2. 4. observe that the md5 sum of file2 is different than the first file. 5. in a hexediting view, observe that 0x0A is inserted on packet boundaries. As it is, the -bR flag doesn't seem to be useful for its intended purpose - one can't just pipe it to other programs, since you don't know if the 0x0A is from the original packet or tcpick. this is on Debian, using tcpick 0.2.1 from the repositories. |
