473,386 Members | 1,715 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > networking - hardware / configuration > questions > i used tshark to create a pcap from a large pcap. the created file loses packets?

Join Bytes to post your question to a community of 473,386 software developers and data experts.

I used tshark to create a PCAP from a large PCAP. The created file loses packets?

Hi,

I have a 1 GB file with data from multiple IP's. I use tshark and the found IP to create another PCAP from the large PCAP of packets of only that particular IP. However, when I run my Python script to decode the created PCAP file, it does not give any results. While the same script on the original PCAP gives results. I have tried multiple options but nothing seems to give me the right results. Can anybody help me with this problem? Would be really grateful

Best regards,
Tarun
Mar 24 '11 #1
2 2972
sicarie
4,677 Expert Mod 4TB
That is going to be difficult without getting into your entire capture and exact syntax of the program.

When you create the smaller pcap file - have you verified the packets inside? Have you opened it up with Wireshark or something to see the files you expected to be moved actually went in there?
Mar 26 '11 #2
Hi Sicarie,

Thanks for the reply. I did exactly as you mentioned and have been able to identify the problem. I was using grep to find keywords in a large pcap, and then ngrep to find the packet header of that keyword and the IP address. This IP was the one which was sent to tshark to create PCAP. When I manually gave the IP tshark works perfectly. The problem area I have identified is that ngrep does not search for a keyword inside the packet or apart from the URL. As a result, it is not giving the right IP to tshark.

The problem area is ngrep. Now looking for an alternative to find the IP of the packet which has the relevant keyword. The PCAP may be as big as 5 GB. I tried Snort but it does not work well on 64 Bit and is a little heavy. Any suggestions would be welcome.

Thanks a lot,
Tarun
Mar 26 '11 #3

Sign in to post your reply or Sign up for a free account.

Similar topics

1
Large script source file
by: Christopher Benson-Manica | last post by:
We have a fairly large (1500 line) .js file that contains script that most of our pages use. My personal opinion is that this is not easy to maintain, but others are concerned that with the script...
Javascript
8
tif file loses integrity when uploaded
by: Al Knowles | last post by:
I have researched and tried every method I can find for passing a two-page tif file from a VB6 application to a web service via XML. These include XMLTextReader.ReadBase64, Convert.FromBase64,...
.NET Framework
11
can't write to newly created file - file being used by another process
by: Dica | last post by:
i'm getting an error about 'the process cannot access the file becaise it is being used by another process.' write after i've created a new file and try to open it for writing with xmlTextWriter....
C# / C Sharp
2
"not the pdb file that was used when this precompiled header wascreated"
by: Tommy Vercetti | last post by:
I am working on a Managed C++ project and I get the following error: TestThread.cpp(3) : error C2859: c:\projects\ProjectName\debug\vc70.pdb is not the pdb file that was used when this...
.NET Framework
3
What was used to create this?
by: Brett | last post by:
What was used to create this discussion group? Particularly the UI components? Thanks, Brett
ASP.NET
1
How to create a new empty text file?
by: JenHu | last post by:
Hi experts, I want to create a new empty text file after I upload a file to the desination. Then I need to read each line from the uploaded file and write the lines which first character <>'6'...
ASP.NET
0
can't create form in code-behind file
by: Dan | last post by:
Hi, I deleted the form created by VWD in the aspx file (because i know there may only be one server-form) and I tried to create in the code-behind file a form like: dim t as form but it...
ASP.NET
2
Create and Open a rtf file . c#
by: txomin | last post by:
Hi, I've been able to create and save a .rtf file with the text of a RichtextBox. private void btnPrint_Click(object sender, EventArgs e) { if (this.saveFileDialog1.ShowDialog() ==...
.NET Framework
1
loop through a directory and find the most recently created file
by: mrpknd57 | last post by:
Hi, I am new to Access/VBA can anyone help? I have a form with a button that runs a macro. I have been using the TransferText action within the macro to import a text file, from a specific...
Microsoft Access / VBA
10
Fastest way to import large fixed width file into a DataTable
by: BostonNole | last post by:
Using Visual Studio 2005, .NET 2.0 and VB.NET: I am looking for the fastest possible way to import a very large fixed width file (over 6 million records and over 1.2 GB file size) into a...
Visual Basic .NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!