Convert pcap data to binary for testbench

Question

Hi,

I'm trying to convert a pcap file to binary for use in testing in a new product, I'm working on. I figured the best thing to do was

1...save the file in a .k12 text file, where I get the following format of text file...

+---------+---------------+----------+ 09:19:40,736,392 ETHER |0 |00|05|47|02|99|c6|00|03|fa| ........etc etc

2...I parse this text file using a perl script to get 00 05 47 02 99 c6 00 03 fa ........etc etc

3...I then convert this to serial binary data format which I need

000000000000010101000111000000101001 ........etc, etc, which is just the binary format of the hex data.

When I this is read by the internet device, I'm working on, I would have expected it to recognise this a valid internet traffic, but it doesn't. I've a few questions...

Does the .k12 file contain valid data or are there other headers, that I need to remove before converting it to binary?

Are there any endian issues that I need to be aware of when parsing the .k12 file?

Alternatively, is there any other method of extracting the data from wireshark into this format?

Regards Mike

Answer 1

A pcap file is "binary" in the sense that it's not a text file. What are you trying to do with the packets in the pcap file? Transmit them on a network of the same type as the network on which they were captured? If so, then the "Traffic generators" section of the Tools page on the Wireshark Wiki lists some tools you can use to do that, such as tcpreplay and bittwist.

Answer 2

Best way would be to use Lua to do it for you

Make sure your wireshark/tshark is compiled with lua
Enable lua by editing /usr/share/wireshark/init.lua
Create file test.lua with contents from source below
Run tshark with lua script like below

[[email protected] ~]$ tshark -n -r tmp.pcap -Xlua_script:./test.lua   -w /dev/null
Lua started
Found addr 00:50:56:c0:00:08 in packet # 1 Bin: 000000000101000001010110110000000000000000001000

For more info on how to extend wireshark with lua see this guide Lua Scripting in Wireshark

-- Start test.lua
print("Lua started")
local hex_tbl = {
["0"] = "0000",
["1"] = "0001",
["2"] = "0010",
["3"] = "0011",
["4"] = "0100",
["5"] = "0101",
["6"] = "0110",
["7"] = "0111",
["8"] = "1000",
["9"] = "1001",
["a"] = "1010",
["b"] = "1011",
["c"] = "1100",
["d"] = "1101",
["e"] = "1110",
["f"] = "1111"
}
function to_bin(s)
– Convert ethernet address to binary



– Logic stolen from http://www.dialectronics.com/Lua/code/BinDecHex.shtml




local ret = ""


local i = 0



    for i in string.gfind(s, &quot;.&quot;) do
            if i ~= &quot;:&quot; then
                    i = string.lower(i)
                    ret = ret..hex_tbl[i]
            end
    end
    return ret

end
eth_src_extr = Field.new("eth.src")
local eth_listener = Listener.new()
function eth_listener.packet(pinfo, tvb, userdata)
local eth_addr = eth_src_extr()
if eth_addr then
local eth_addr_str = tostring(eth_addr)
print("Found addr ".. eth_addr_str .. " in packet # " .. pinfo.number .. " Bin: " ..to_bin(eth_addr_str))
end
end
– End test.lua

Answer 3

stuck with the same problem, here is how i fixed it. Export the packet as a "C" array. Then replace the "static const unsigned char" with "reg [7:0]" (assuming verilog), replace the 0x of all hex numbers with 8'h and precede all the opening curly brackets with a single quote. This should let you place it directly in to a verilog file.