Make some updates to describe the newer features.

svn path=/trunk/; revision=34964

1 files changed, 7 insertions, 4 deletions

diff --git a/doc/text2pcap.pod b/doc/text2pcap.pod
index ec9be9b613..570cdd9001 100644
--- a/doc/text2pcap.pod
+++ b/doc/text2pcap.pod
@@ -57,9 +57,12 @@ a hex number longer than two characters. Any text after the bytes is
 ignored (e.g. the character dump). Any hex numbers in this text are
 also ignored. An offset of zero is indicative of starting a new
 packet, so a single text file with a series of hexdumps can be
-converted into a packet capture with multiple packets. Multiple
-packets are read in with timestamps differing by one second each. In
-general, short of these restrictions, B<text2pcap> is pretty liberal
+converted into a packet capture with multiple packets. Packets may be
+preceded by a timestamp. These are interpreted according to the format
+given on the command line (see B<-t>). If not, the first packet
+is timestamped with the current time the conversion takes place. Multiple
+packets are written with timestamps differing by one microsecond each.
+In general, short of these restrictions, B<text2pcap> is pretty liberal
 about reading in hexdumps and has been tested with a variety of
 mangled outputs (including being forwarded through email multiple
 times, with limited line wrap etc.)
@@ -76,7 +79,7 @@ type etc.
 B<Text2pcap> also allows the user to read in dumps of
 application-level data, by inserting dummy L2, L3 and L4 headers
 before each packet. The user can elect to insert Ethernet headers,
-Ethernet and IP, or Ethernet, IP and UDP/TCP headers before each
+Ethernet and IP, or Ethernet, IP and UDP/TCP/SCTP headers before each
 packet. This allows Wireshark or any other full-packet decoder to
 handle these dumps.