PCAPdispatcher
Download latest version of pcapdispatcher. Send remarks to phil@secdev.org
Ideal complement of Net2Pcap.
Abstract
PCAPdispatcher is the very first version of a (maybe modular, one day) program
that will try to explode a pcap file into differents files, one with
ARP packets, one with ICMP packets, per-peer TCP/UDP exchanges
(or per connection). If There is less that MINPKTGRP packets for a communication
(maybe a scan ?) these packets are regrouped in a remaining file.
Usage
$ ./pcapdispatcher -h
Usage: pcapdispatcher -i input [-o outputdir] [-f bpffilter]