hi all,
I am new to this site and hoping to get a solution to my problem.I am using ethereal to capture the packets in the network and the file is saved as .cap file.now using c prog i should filter out only dns packet in that file.can any one help me.please...thanks in advance..
regards,
syndal
So what's the problem?
Have you read the relevant documentation to learn about the .cap file format?
Are you able to open and read the file, and retrieve a packet?
Are you able to decode the header of that packet to determine it's purpose?
Perhaps you should begin with some exercises which get you used to using these operators
^
&
|
>>
<<
~
Use fread() to read one or more bytes from the file,
Use the bitwise ops to extract the bit(s) which interest you.
Use the information in the file format specs to guide you.
ya i am working on those operators.can u help me with a piece of code to do tht.
What?
Write some code to read a .cap file, extract a frame and show usage of the bitwise operators to extract some information?
Go read your C book or some tutorials to find out how they work, then try to use them in your application. Then (or if) you get stuck, then you can post some code and we'll see if we can help you past your difficulties.
Yes I can help, but I'm not going to spend the next hour researching .cap files, saving a trace with ethereal and then writing some code just so you can grab it and say "tada, finished". It's your project, start pulling some weight.
fine.i have a written a small code to open read and write the binary file.now wat i need is to get only a certain peice of data from the whole file.i have used fseek to move my pointer to tht location.but not able to get the exact data.
this is the code tht i have written to get the piece of data from the string.any idea how to covert a binary file into readable form using c
#include<stdio.h>
#include<conio.h>
main()
{
FILE *fp,*ft;
char ch;
int i;
clrscr();
fp=fopen("test2.cap","rb");
ft=fopen("e1.c","wb");
fseek(fp,64,SEEK_SET);
printf("%ld",ftell(fp));
for(i=64;i<=96;i++)
{
ch=fgetc(fp);
fputc(ch,ft);
}
printf("%ld",ftell(fp));
fclose(fp);
fclose(ft);
}
Obviously you have NOT read the links I posted. If you want help, you must do what was suggested when help is given.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.
