diff options
author | ulfl <ulfl@f5534014-38df-0310-8fa8-9805f1628bb7> | 2006-01-11 01:53:46 +0000 |
---|---|---|
committer | ulfl <ulfl@f5534014-38df-0310-8fa8-9805f1628bb7> | 2006-01-11 01:53:46 +0000 |
commit | 2fcaebd40826f24eb93afd4d35ce1acb5804196b (patch) | |
tree | 574681252258a3c8ea83e2693d2595e85f03e6f3 /doc | |
parent | 7c80a41a83a004938968a3bcfb4926a6348a3336 (diff) |
instead of repeating the capture file format description over and over again (this list also tends to become outdated), just give a small description and refer to the Ethereal man page
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16997 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'doc')
-rw-r--r-- | doc/capinfos.pod | 2 | ||||
-rw-r--r-- | doc/editcap.pod | 132 | ||||
-rw-r--r-- | doc/mergecap.pod | 114 |
3 files changed, 41 insertions, 207 deletions
diff --git a/doc/capinfos.pod b/doc/capinfos.pod index 68933891ef..9848ad65ed 100644 --- a/doc/capinfos.pod +++ b/doc/capinfos.pod @@ -31,7 +31,7 @@ will report all statistics available. B<Capinfos> is able to detect and read the same capture files that are supported by B<Ethereal>. -The input file doesn't need a specific filename extension, the file +The input files don't need a specific filename extension, the file format and an optional gzip compression will be automatically detected. The I<capture file format> section of I<ethereal(1)> or I<http://www.ethereal.com/docs/man-pages/ethereal.1.html> diff --git a/doc/editcap.pod b/doc/editcap.pod index 99cf40ae13..40364c4d85 100644 --- a/doc/editcap.pod +++ b/doc/editcap.pod @@ -26,17 +26,28 @@ B<Editcap> is a program that reads some or all of the captured packets from the I<infile>, optionally converts them in various ways and writes the resulting packets to the capture I<outfile> (or outfiles). -By default, it reads all packets from the I<infile> and writes them to the I<outfile> -in libpcap file format. +By default, it reads all packets from the I<infile> and writes them to the +I<outfile> in libpcap file format. + +A list of packet numbers can be specified on the command line; ranges of +packet numbers can be specified as I<start>-I<end>, referring to all packets +from I<start> to I<end>. +The selected packets with those numbers will I<not> be written to the +capture file. +If the B<-r> flag is specified, the whole packet selection is reversed; +in that case I<only> the selected packets will be written to the capture file. + +B<Editcap> is able to detect, read and write the same capture files that +are supported by B<Ethereal>. +The input file doesn't need a specific filename extension, the file +format and an optional gzip compression will be automatically detected. +The I<capture file format> section of I<ethereal(1)> or +I<http://www.ethereal.com/docs/man-pages/ethereal.1.html> +provides a detailed description. -A list of packet numbers can be specified on the command line; ranges of packet numbers can be -specified as I<start>-I<end>, referring to all packets from I<start> to -I<end>. -The selected packets with those numbers will I<not> be written to the capture file. -If the B<-r> flag is specified, the whole packet selection is reversed; in that case I<only> the selected packets -will be written to the capture file. - -The supported input and output capture file formats are described in a section below. +B<Editcap> can write the file in several output formats. The B<-F> +flag can be used to specify the format in which to write the capture +file, B<editcap -F> provides a list of the available output formats. =head1 OPTIONS @@ -174,104 +185,6 @@ To introduce 5% random errors in a capture file use: =back -=head1 Capture File Formats - -There is no need to tell B<Editcap> what type of -file you are reading; it will determine the file type by itself. - -B<Editcap> is also capable of reading any of these file formats if they -are compressed using gzip. It recognizes this directly from the -file; the '.gz' extension is not required for this purpose. - -The following I<input> file formats are supported: - -=over 4 - -=item * -libpcap/WinPcap, tcpdump and various other tools using tcpdump's capture format - -=item * -B<snoop> and B<atmsnoop> - -=item * -Shomiti/Finisar B<Surveyor> captures - -=item * -Novell B<LANalyzer> captures - -=item * -Microsoft B<Network Monitor> captures - -=item * -AIX's B<iptrace> captures - -=item * -Cinco Networks B<NetXRay> captures - -=item * -Network Associates Windows-based B<Sniffer> captures - -=item * -Network General/Network Associates DOS-based B<Sniffer> (compressed or uncompressed) captures - -=item * -AG Group/WildPackets B<EtherPeek>/B<TokenPeek>/B<AiroPeek>/B<EtherHelp>/B<PacketGrabber> captures - -=item * -B<RADCOM>'s WAN/LAN analyzer captures - -=item * -Network Instruments B<Observer> version 9 captures - -=item * -B<Lucent/Ascend> router debug output - -=item * -files from HP-UX's B<nettl> - -=item * -B<Toshiba's> ISDN routers dump output - -=item * -the output from B<i4btrace> from the ISDN4BSD project - -=item * -traces from the B<EyeSDN> USB S0. - -=item * -the output in B<IPLog> format from the Cisco Secure Intrusion Detection System - -=item * -B<pppd logs> (pppdump format) - -=item * -the output from VMS's B<TCPIPtrace>/B<TCPtrace>/B<UCX$TRACE> utilities - -=item * -the text output from the B<DBS Etherwatch> VMS utility - -=item * -Visual Networks' B<Visual UpTime> traffic capture - -=item * -the output from B<CoSine> L2 debug - -=item * -the output from Accellent's B<5Views> LAN agents - -=item * -Endace Measurement Systems' ERF format captures - -=item * -Linux Bluez Bluetooth stack B<hcidump -w> traces - -=back - -B<Editcap> can write the file in several output formats. The B<-F> -flag can be used to specify the format in which to write the capture -file, B<editcap -F> provides -a list of the available output formats. - =head1 SEE ALSO I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)> @@ -281,6 +194,9 @@ I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)> B<Editcap> is part of the B<Ethereal> distribution. The latest version of B<Ethereal> can be found at B<http://www.ethereal.com>. +HTML versions of the Ethereal project man pages are available at: +http://www.ethereal.com/docs/man-pages + =head1 AUTHORS Original Author diff --git a/doc/mergecap.pod b/doc/mergecap.pod index 6fc4e12701..bcbc745bf1 100644 --- a/doc/mergecap.pod +++ b/doc/mergecap.pod @@ -26,6 +26,19 @@ B<Ethereal>, and other tools that write captures in that format. By default, it writes the capture file in B<libpcap> format, and writes all of the packets in both input capture files to the output file. +B<Mergecap> is able to detect, read and write the same capture files that +are supported by B<Ethereal>. +The input files don't need a specific filename extension, the file +format and an optional gzip compression will be automatically detected. +The I<capture file format> section of I<ethereal(1)> or +I<http://www.ethereal.com/docs/man-pages/ethereal.1.html> +provides a detailed description. + +B<Mergecap> can write the file in several output formats. +The B<-F> flag can be used to specify the format in which to write the +capture file, B<mergecap -F> provides a list of the available output +formats. + Packets from the input files are merged in chronological order based on each frame's timestamp, unless the B<-a> flag is specified. B<Mergecap> assumes that frames within a single capture file are already stored in @@ -105,104 +118,6 @@ fddi>' is specified). =back -=head1 CAPTURE FILE FORMATS - -There is no need to tell B<Mergecap> what type of -file you are reading; it will determine the file type by itself. - -B<Mergecap> is also capable of reading any of these file formats if they -are compressed using gzip. B<Mergecap> recognizes this directly from -the file; the '.gz' extension is not required for this purpose. - -The following I<input> file formats are supported: - -=over 4 - -=item * -libpcap/WinPcap, tcpdump and various other tools using tcpdump's capture format - -=item * -B<snoop> and B<atmsnoop> - -=item * -Shomiti/Finisar B<Surveyor> captures - -=item * -Novell B<LANalyzer> captures - -=item * -Microsoft B<Network Monitor> captures - -=item * -AIX's B<iptrace> captures - -=item * -Cinco Networks B<NetXRay> captures - -=item * -Network Associates Windows-based B<Sniffer> captures - -=item * -Network General/Network Associates DOS-based B<Sniffer> (compressed or uncompressed) captures - -=item * -AG Group/WildPackets B<EtherPeek>/B<TokenPeek>/B<AiroPeek>/B<EtherHelp>/B<PacketGrabber> captures - -=item * -B<RADCOM>'s WAN/LAN analyzer captures - -=item * -Network Instruments B<Observer> version 9 captures - -=item * -B<Lucent/Ascend> router debug output - -=item * -files from HP-UX's B<nettl> - -=item * -B<Toshiba's> ISDN routers dump output - -=item * -the output from B<i4btrace> from the ISDN4BSD project - -=item * -traces from the B<EyeSDN> USB S0. - -=item * -the output in B<IPLog> format from the Cisco Secure Intrusion Detection System - -=item * -B<pppd logs> (pppdump format) - -=item * -the output from VMS's B<TCPIPtrace>/B<TCPtrace>/B<UCX$TRACE> utilities - -=item * -the text output from the B<DBS Etherwatch> VMS utility - -=item * -Visual Networks' B<Visual UpTime> traffic capture - -=item * -the output from B<CoSine> L2 debug - -=item * -the output from Accellent's B<5Views> LAN agents - -=item * -Endace Measurement Systems' ERF format captures - -=item * -Linux Bluez Bluetooth stack B<hcidump -w> traces - -=back - -B<Mergecap> can write the file in several output formats. -The B<-F> flag can be used to specify the format in which to write the -capture file, B<mergecap -F> provides a list of the available output -formats. - =head1 SEE ALSO I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<editcap(1)> @@ -215,6 +130,9 @@ B<Mergecap> is based heavily upon B<editcap> by Richard Sharpe B<Mergecap> is part of the B<Ethereal> distribution. The latest version of B<Ethereal> can be found at B<http://www.ethereal.com>. +HTML versions of the Ethereal project man pages are available at: +http://www.ethereal.com/docs/man-pages + =head1 AUTHORS Original Author |