Opened 10 years ago

#281 new defect

Add support for NetMon

Reported by: salcock Owned by: salcock
Priority: major Milestone: libtrace3
Component: libtrace-library Version:
Keywords: Cc:

Description

Starting to see a few traces using Microsoft NetMon?, such as Wireshark sample traces (http://wiki.wireshark.org/SampleCaptures). It would be nice if libtrace could also read these traces.

Some documentation of the format can be found at http://www.scritube.com/limba/engleza/computers/Netmon-Capture-File-Format14459.php

The format doesn't seem too bad - just need to make sure we don't treat the frame table as actual frames and will need a TRACE_TYPE to TRACE_NETMON conversion and vice versa.

Change History (0)

Note: See TracTickets for help on using tickets.