|
EtherealAW: [Ethereal-users] New User - How do I cpature/save Cisco Debug s For Analysis |
|
||
|
|
EtherealAW: [Ethereal-users] New User - How do I cpature/save Cisco Debug s For Analysis |
|
||
Did you ever try this in practice? I just cannot make it work. What parameters to text2pcap do you use? Torsten -----Ursprüngliche Nachricht----- Von: Marco van den Bovenkamp [mailto:marco@xxxxxxxxxxxxxxxxxxx] Gesendet am: Donnerstag, 20. Juni 2002 16:46 An: Visser, Martin (Sydney) Cc: ethereal-users@xxxxxxxxxxxx Betreff: Re: [Ethereal-users] New User - How do I cpature/save Cisco Debugs For Analysis Visser, Martin (Sydney) wrote: > Of course if you can find a Cisco "debug xxx packet" command that > produces a sufficiently verbose hex-dump you may be able to use the > ethereal "text2pcap" utility to import the trace. Try 'debug ip packet dump' (undocumented, sadly), and the following Perl script: --------------- Cut here ----------------------- #!/usr/bin/perl # Convert Cisco dump file format to something text2pcap can read. # Author: Hamish Moffatt <hamish@xxxxxxxxxxxx>. # License: GPL (see www.gnu.org). sub dumppkt () { for ($i = 0; $i < scalar(@pkt); $i++) { if ($i % 16 == 0) { printf "\n%08X", $i; } printf " %02X", $pkt[$i]; } } while(<>) { chomp; unless (m/[0-9A-F]{8}:/) { $new_pkt = 1; dumppkt; undef @pkt; next; } # Strip the offsets and ASCII dump $hex = substr $_, 10, 35; # Remove all spaces $hex =~ s/ //g; # Convert hex bytes on this line while ((length $hex) > 0) { push @pkt, hex (substr $hex, 0, 2, ""); } } dumppkt; print "\n"; --------------- Cut here ------------------ Regards, Marco. _______________________________________________ Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-users
Powered by MHonArc 2.6.10