Good Morning, I was trying to capture several pcap files into one. I placed/saved the files on the desktop. Now on the recommendation of the book i entered the book verbatim, but i could not get it to work.Would you mind telling me how it works.
What do you think could be the reason. 1) Do i have to save the files in a different directory. 2) Seperately install mergecap. Thanks Bharat CP asked 07 Jan '14, 03:41  BharatNT2IE |
One Answer:
You don't mention which book you are using, but it should have a section for Windows users on making sure that the wireshark binaries (which includes mergecap) is on your path. The command shell is telling you that it doesn't know anything about mergecap, you'll need to adjust the path to include the wireshark binary path. Try executing
in your command shell, replacing answered 07 Jan '14, 03:52  grahamb ♦ showing 5 of 7 show 2 more comments |
Wireshark 101 essential, the official wireshark one, i just looked at the glossary and it indicated me to that syntax, it should have been Windows, because the terminal looked like windows, but i will try your suggestion.
Graham,
Thank you for you help. All i did was to place the file in the default c folder, where the wireshark was installed, thank you very much, I will also try to get the path file.
So i did it in Windows 8 this is the path if anyone need to merge files.
C:\Program Files\Wireshark>mergecap -w Meg.pcap Mergexxx.
keep these files in the folder above and run the command.
Thanks Bharat C P
It worked Voila!!!!!
P.S. You might want to run the CMD as administrator.
Its not a good idea to put capture files (or any data files you work with) into the program installation path. You should add the program installation path to the search path as @grahamb said.
Jasper,
Yes, i will try that out and definitely get back to the group, i think i owe Graham that much. But for my purpose now it is served, but i will let the group know, i was just a bit unclear on the syntax, i will definitely let you know.
Thanks Bharat C P
Graham,
Thank you that worked, i was not sure of the working of the commands of that instruction
set PATH=%PATH%;path\to\wireshark
I have never used this command before, mix up by me. I followed your instruction verbatim and i got the desired results.
Here here goes, i hope some one can benefit from this.
Once again appreciate it.
Thanks Bharat C P
Graham,
I am not quite done yet. Sorry about that,the previous example that was shown, i was merging files in windows. But this set i was trying to merge files that i took of MAC OSX. the problem that i am encountering
mergecap: Can't open or create xx.pcap: Files from that network type can't be saved in that format
the same syntax.
Please try to guide me in the right train of tought i am thinking MAC OSX the files by default are in libpcap, files, i even tried to change the extenstion to libpcap, with the same undesired result. Anay one is open for suggestion.
BTW. I was able to merge in MAC the group of files. But i wanted to know in the event of merging in MAC and find. Please any suggestion are welcome.
Thanks Bharat C P
Graham, I do not seem to be able to view any of our comments is it a know bug.
Thanks Bharat