John Smith wrote:
> Is there a way to export caps from Wireshark with the TCP `magically`
> reassemebled so that my program can just treat the split packets as
> really big TCP packets(ignoring the ethernet MTU)?
No.
However, there *is* a way to construct a "tap" that will get handed
informatio
Hello,
I'm trying to write a small program that will extract some statistics
from CAPs containing SMB traffic.
Since this is a small program I want to use Wireshark/tcpdump to
filter out all other traffic and let the program assume that all the
packets are SMB.
My problem is that many SMB packet
