开发者

Ethernet header?

开发者 https://www.devze.com 2023-01-31 11:19 出处：网络

Does Wireshark support a format that doesn\'t require TCP/UDP/Ethernet he开发者_开发知识库aders in every packet?

相关专题：packet-capture pcap udp wireshark

Does Wireshark support a format that doesn't require TCP/UDP/Ethernet he开发者_开发知识库aders in every packet?

Any other (non-pcap) formats wireshark supports would be appreciated. I need to get header-less data into wireshark for further examination.

Apparently this IS possible with newer versions. See their How To Dissect Anything wiki entry.

Basically, in the pcap header you set the network linktype DLT to USER DLT #147 decimal. Pcap files are simple to create.

Then in wireshark Edit->Preferences->Protocols->DLT_USER->Edit Encapsulations Table, fill in the GUI dialog. And voila! it parses raw packets.

UPDATE: This doesn't support some protocols (like DNS). But you can possibly append fake headers using text2pcap (development version as of Dec-2010).

上一篇:火柴天堂是谁唱的啊？？

Failing to create type dynamically:下一篇

精彩评论

暂无评论...

登录注册

请自觉遵守互联网相关的政策法规，严禁发布色情、暴力、反动的言论！

验证码：

换一张

取消

关注公众号

图文推荐

Delphi - Custom drawing a message list

C++ header-only include pattern

IE7 Margin Collapses Into Padding

in CoffeeScript, how can I use a variable as a key in a hash?

Interactive visualization of a graph in python [closed]

How to customise PHP MYSQL tables?

High quality, simple random password generator

Image Recognition ApI in android

开发者开发者网给大家分享系统运维,大数据运维,云计算,编程开发技巧,路由交换,运维和开发相关的资讯及技术文章，同时StackOverflow中文社区，知识经验交流分享。

法律声明：本站内容均为网友上传，网站举办方负责审核和监督，如存在版权或非法内容，欢迎举报，我们将尽快予以删除。邮箱：devze@qq.com

How do I get Wireshark to read header-less pcap files without a UDP/IP/Ethernet header?

更多 问答 相关资讯：

精彩评论

关注公众号

热门标签

图文推荐

更多问答相关资讯：