This article is written by Balakrishnan M
A while back we reviewed 11 examples on how to use editcap utility to capture network dumps. In this article, let us review mergecap utility and tshark commands.
Mergecap is a packet dump combining tool, which will combine multiple dumps into a single dump file. Based on timestamp, the packets are written into the output file in an orderly manner. By default the output file is written in the libpcap format. However using mergecap options, we can generate output in various different format including those that are supported by wireshark tool.
(more…)
{ 2 comments }
My name is Ramesh Natarajan. I will be posting instruction guides, how-to, troubleshooting tips and tricks on Linux, database, hardware, security and web. My focus is to write articles that will either teach you or help you resolve a problem. Read more about