Dears,

I am trying to run a bash script to take a snoop on an interface with a certain port for like 5 minute and once the snoop is finished I need to parse the snoop file on unix/solaris without using WIRESHARK or ETHERAL.

the snoop that I will capture will be for DIAMETER Protocol and what I will be looking for is the total number of CCR Send and total number of CCA recieved and other related information.

I can generate the script to a level of executing the script on partiular interface and close it but how to parse it with DIAMETER protocol on solaris this is what I am more intersted in.

---------- Post updated at 06:53 AM ---------- Previous update was at 06:26 AM ----------

Moderator's Comments:

Forum Rules: No Bumping Up Posts.... Please Read and Follow Forum Rules

snoop doesn't parse the diameter protocol. While certainly doable with some shell scripting, that won't worth the effort given the fact wireshark already does it. Why are you ruling out wireshark ?

Well whireshark can be run over windows I am more interested to take live snoop and analyse at bash level.

Any idea?

Sounds pretty easy... capture data and parse data ... .what's the problem?

Wireshark has a CLI mode, tshark, if this is what you are looking for.