Tool 16: Convert a record
Description:
A record is a capture file. It contains several packets captured
during a sniff. It can also be created by hand. There are 7 formats
for records: pcap (tcpdump compatible), bin (binary, unreadable by
humans but fast) and mixed/mixed_wrap/dump/hexa/hexa_wrap (easy to
read and edit). A record also has an associated DLT (Data Link Type),
indicating at which level a packet start: raw (start at IP header) and
ether (start at Ethernet header) are the 2 most common DLT. Tool 13
displays DLT of each device.
This tool converts a record. For example, it can convert a pcap
capture file to a mixed capture file.
Parameter --src-file indicates the input record filename.
Parameter --input-dlt defines the DLT of packets in input record (it
depends on how it was sniffed, generally 'ether' (for Ethernet) or
'raw' (if packet starts at IP header)). Full list is available through
netwag or running tool 12.
Parameter --dst-file indicates the output record filename.
Parameter --output-dlt defines the DLT of packets to write in output
record.
Parameter --recordencode defines how to encode data in this record
(suggested values: bin, pcap and mixed_wrap).
Synonyms:
capture
Usage:
netwox 16 -f file [-t dlt] -F file [-T dlt] [-r recordencode]
Parameters:
| parameter |
description |
example |
| -f|--src-file file |
input record file |
srcfile.txt |
| -t|--input-dlt dlt |
dlt type of input record |
ether |
| -F|--dst-file file |
output record file |
dstfile.txt |
| -T|--output-dlt dlt |
dlt type of output record |
ether |
| -r|--recordencode recordencode |
encoding type for output record |
bin |
Examples:
netwox 16 -f "srcfile.txt" -F "dstfile.txt"
netwox 16 --src-file "srcfile.txt" --dst-file "dstfile.txt"