On Fri, Nov 16, 2007 at 01:36:05PM +0900, Kenichi Okuyama wrote:
> Being honest, I usually first filter the cap file so it only contains
> the packet type I needed, ouput them in text mode, then compare them.
> So for myself, currently I only need feature to ignore "capture time"
> and "sequence".
Dear Steve,
> > Usually, src1 and src2 comes from different source, and hence each
> > packet owns different timestamp. Sometimes we need to ignore those
> > time stamps. But when we output "common" part, user might need those
> > timestamp again. Hence, we need two file to output "common"
On Fri, Nov 16, 2007 at 10:57:33AM +0900, Kenichi Okuyama wrote:
> I'm currently looking for "diff" tool for tcpdump/wireshark capture
> files. I found similar topic in "Wishlist" section of wiki page
> (GUI:48.). But there seems to be some difference between what is
> written and what I imagine.
Dear list,
I'm currently looking for "diff" tool for tcpdump/wireshark capture files.
I found similar topic in "Wishlist" section of wiki page (GUI:48.).
But there seems to be some difference between what is written and what
I imagine.
Is there any project already started about this? I'd be very
