Translation of IP addresses in a tcpdump file.

[Vaidehi Kasarekar <vaidehi_30 () yahoo com>]

Hello,

  I want to edit a tcpdump file. I want to replace
some addresses by some other addresses and delete rest
of the addresses, present in the tcpdump file. I did a
considerable amount of research on the available
tools. I found netdude useful. But netdude does not
support large files. My tcpdump files are very large.
I did not find any other tools, which could translate
these ip addresses.

  I am aware that all the tools use the libpcap API's.
The alternative to my problem would be to write code,
which will read tcpdump file. Get it in a buffer,
search for the ipaddress-to-be-replaced, replace them
with different ip adrresses. 

This is a very preliminary step of my research and i
am  a java-girl. i am not that comfortable with the
libpcap format. My research depends on this step. I am
not even sure of how difficult this task can be. This
is a very imp step for me.

Has anybody got this problem earlier? Can i find
some code/references to do this.

Any pointers or hints in this direction will be very
useful.

Thanks
-Vaidehi

__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe