PCAPdispatcher

Download latest version of pcapdispatcher. Send remarks to phil@secdev.org
Ideal complement of Net2Pcap.

Abstract

PCAPdispatcher is the very first version of a (maybe modular, one day) program that will try to explode a pcap file into differents files, one with ARP packets, one with ICMP packets, per-peer TCP/UDP exchanges (or per connection). If There is less that MINPKTGRP packets for a communication (maybe a scan ?) these packets are regrouped in a remaining file.

Usage

$ ./pcapdispatcher -h
Usage: pcapdispatcher -i input [-o outputdir] [-f bpffilter]