Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: printing out information from pcap file
Top Forums Programming printing out information from pcap file Post 302470851 by thisismyname on Thursday 11th of November 2010 09:03:00 AM
Old 11-11-2010
printing out information from pcap file
Hi Folks,

i got the following Problem: I want to make an analysis on a pcap file. (diestance between different packets and so on) The difficulty now... it's not a simple Ethernet/ IP/ File, but it's a SS7 file.
There are the Layers MTP2 MTP3 and ISUP. My analysis depends on the ISUP Layer.
Now I'm searching for a way to do this. I really don't prefer C, because I want to write those things into a Database. C is not really made for that.
So I took a look on the Java wrapper. There I couldn't find any support for SS7. Also with the python wrapper.

Is there anyone with a quick hint?

Probably a little bit Backround, here what I want to suck out of every message:
- timestamp
- packetnumber
- messagetype (IAM,SAM,ACM...)
- CIC (Number indicating the used Channel)
....so I need a library to decode this.

Thanks for your help!!

greetz myname
 

9 More Discussions You Might Find Interesting

1. Programming

Compiling Pcap.c

I don't know if this is the correct forum to post this but hopefully someone can atleast point me in the right direction if they can't help me. I am trying to install the Net::Pcap module for perl from Tim Potter version .04. I have installed gcc 2.95.3 on my Solaris 8 box. I am sure it's just... (6 Replies)
Discussion started by: TioTony
6 Replies

2. Programming

pcap.h

I cant use pcap.h include file. How can I do so? :confused: (8 Replies)
Discussion started by: Pervez Sajjad
8 Replies

3. Programming

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

4. Shell Programming and Scripting

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

5. UNIX for Dummies Questions & Answers

Filtering pcap files

Hi, I am new at UNIX and programing in general and only have a basic knowledge of C++. I am helping out with some research at a college and was given the task to sort through captured packets via IP addresses. I was wondering if anyone could help me with writing a code which filters through pcap... (1 Reply)
Discussion started by: hershey101
1 Replies

6. Programming

Packet capturing using pcap

Hi, i am using a linux CentOS machine. I have 2 real network interfaces eth0, eth1 and 2 virtual interfaces tap0 and tap1. I am using PCAP library to capture the packets on theses interfaces. If i specify the interface as "any", i cannot find a way to know from which interface the packet... (1 Reply)
Discussion started by: rahulnitk2004
1 Replies

7. Shell Programming and Scripting

Sampling pcap file

Hi, I have a standard pcap file created using tcpdump. The file looks like 06:49:36.487629 IP 202.1.175.252 > 71.126.222.64: ICMP echo request, id 52765, seq 1280, length 40 06:49:36.489552 IP 192.120.148.227 > 71.126.222.64: ICMP echo request, id 512, seq 1280, length 40 06:49:36.491812 IP... (8 Replies)
Discussion started by: sajal.bhatia
8 Replies

8. Shell Programming and Scripting

Help in printing out information

Hello everyone, I got a small question. Can I ask if there is any way to shorten the codes at the bottom cuz it looks abit messy. My Text file contain.. With ":" as a delimiter Little Prince:The Prince:15.00:188:9 Lord of The Ring:Johnny Dept:56.80:100:38 At the end of the day... (6 Replies)
Discussion started by: aLHaNz
6 Replies

9. Programming

PCAP -> PFRING

Hi I have a program that captures packets with the libpcap library by calling the pcap-functions, e.g. pcap_next(...). I would like to use PF_RING for the program and therefore I would have to adjust the calling functions to pfring_open(...) pfring_recv(...) I'm pretty knew in network... (0 Replies)
Discussion started by: Freaky123
0 Replies

LEARN ABOUT REDHAT

ipfwadm-wrapper

IPFWADM-WRAPPER(8)														IPFWADM-WRAPPER(8)

NAME

       ipfwadm-wrapper - IP firewall administration

SYNOPSIS

       ipfwadm-wrapper -A command parameters [options]
       ipfwadm-wrapper -I command parameters [options]
       ipfwadm-wrapper -O command parameters [options]
       ipfwadm-wrapper -F command parameters [options]
       ipfwadm-wrapper -M [ -l | -s ] [options]

DESCRIPTION

       Ipfwadm-wrapper	emulates  the  behaviour  of  ipfwadm.	You can use this wrapper to use your old ipfwadm firewall rules with ipchains. See
       ipfwadm(8) for more details.

       If the kernel does not support ipchains (eg. a 2.0 kernel), and the file /sbin/ipfwadm.real exists and is executable, then it will be  exe-
       cuted  with  the  arguments  given  to  ipfwadm-wrapper.   This allows simple dual-booting of 2.2 and 2.0 kernels with the same firewalling
       scripts: simply move ipfwadm to ipfwadm.real, and ipfwadm-wrapper to ipfwadm.

SEE ALSO

       ipfwadm(8), ipchains(8)

BUGS

       The script isn't clever at parsing command line arguments.  You must use separate arguments, rather than run them together.   For  example,
       `ipfwadm -Mle' becomes `ipfwadm-wrapper -M -l -e'.

       Fragment accounting rules are not translated correctly; they will account packets with source port 65535.

       Due to new kernel restrictions, you must be root even to list rules for 2.2 kernels.

       If /usr is mounted from NFS, you will not be able to use ipfwadm-wrapper before /usr is mounted.

AUTHOR

       Paul ``Rusty'' Russell <ipchains@rustcorp.com>

								 February 8, 1998						IPFWADM-WRAPPER(8)
All times are GMT -4. The time now is 11:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy