Yes I am doing live capturing, but all what I interested about is the 16 byte "Source Name" field (Name to Add). I want to include the tcpdump command in my perl program so that I can make further processing on the data of that field.
I need your help in this matter Regards Bassam A. Al-Khaffaf R & D Engineer R & D Department Palette Multimedia Bhd www.palettemm.com www.yellowspots.com [EMAIL PROTECTED] Tel: +60 (3) 6253 3299 - Ext: 229 Fax: +60 (3) 6253 4399 MPhone: +60 (16) 493 1776 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jun-ichiro itojun Hagino Sent: Friday, May 28, 2004 1:15 PM To: [EMAIL PROTECTED] Subject: Re: [tcpdump-workers] How to extract the source name field data of > Hi, > I am capturing the NetBeui (NBF) packets by using the following command: > > tcpdump -X netbuie > > I am getting a range of data, but, is there a way to determine which part of > the packet to extract? I am interested in the 16 byte "Source Name" field > (Name to add) as shown below. I want to extract the name SHEILA only. > > 15:12:21.446893 NetBeui Packet > 0x0000 f0f0 032c 00ff ef01 0000 0000 0000 0000 ...,............ > 0x0010 0000 0000 0000 0000 0000 0000 0000 0053 ...............S > 0x0020 4845 494c 4120 2020 2020 2020 2020 03 HEILA.......... if you are doing live capture on network, bigger capture size like "-s 2000" will help you. otherwise, binary capture file won't have enough data so you can do nothing about it. itojun - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.686 / Virus Database: 447 - Release Date: 14/05/04 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.686 / Virus Database: 447 - Release Date: 14/05/04 - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
