LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-01-2016, 11:24 PM   #1
kikilinux
Member
 
Registered: Sep 2012
Posts: 125

Rep: Reputation: Disabled
Question pcap file analyzing tools to extract protocol of different sessions


I have some pcap files that each one include one session only.
I mean I had another pcap file with all traffics which is captured and I extract all the sessions of that pcap file into some separated pcap files.

Now I am working on these individual pcap files which contains just on session.

I want some tools that analyses these pcap file and extract the protocol which is used in that pcap files (by considering that we do not trust source or destination ports for analysing protocols that are used)

Something like nDPI tool

Last edited by kikilinux; 04-02-2016 at 12:15 AM.
 
Old 04-02-2016, 08:18 AM   #2
tshikose
Member
 
Registered: Apr 2010
Location: Kinshasa, Democratic Republic of Congo
Distribution: RHEL, Fedora, CentOS
Posts: 525

Rep: Reputation: 95
Hi,

It seems to me that Wireshark with its merge and save (splitted or displayed packets) commands is able to do what you need.
Then Wireshark having a CLI, tshark, you might even be able to just work with the files as parameters and get in output what you need (the used protocol).
 
  


Reply

Tags
command line, pcap file, session


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
reassembling fragmented ip packets from a pcap file and save the results into another pcap file kikilinux Programming 3 02-12-2016 08:04 AM
[SOLVED] How to export just source/destination field of pcap file into a plain text file kikilinux Linux - Networking 5 11-27-2014 07:13 AM
protocol analysis tools aeby Linux - Networking 2 10-01-2009 03:13 AM
Using python for analyzing network protocol mohtasham1983 Programming 1 09-20-2006 11:23 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration