I use editcap to extract RTP packets from a wiershark file. The packets
are renamed "UDP" under the Protocol column instead of staying as "RTP".
How can I change the protocol marking back to RTP?
I use the following command to change IP 12.120.198.12 to 12.120.198.138
in a Wireshark pcap file
tcprewrite --infile=in.pcap --outfile=out.pcap -S 12.120.198.12
--srcipmap=12.120.198.138
The OS is Linux 2.6.9-5, and version of the tcprewrite is 3.4.0, build
2145.
The following error was returned:
Only one srcipmap option allowed. Options are specified by doubled
hyphens and their name or by a single hyphen and the flag character.
I tried to change the command using different combinations of "-- or -",
"= or a blank", "= or #", but to no avail.
What is the right format to use? Concrete examples in the manual would
be helpful.
Also I need to change the time stamps of the packets. What tool can I
use, and how
Thx.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Tcpreplay-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
