This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I would like to create a program using python <2.7 to be able to dump the whole data section of a TCP packet.

I have tried parsing a PDML file, which worked when the packet has a "fake-field-wrapper" but proved difficult when the TCP packet contained application layer data.

What would be the best capture format to parse using python to achieve this?

asked 26 Aug '14, 03:30

WireTshark's gravatar image

WireTshark
5225
accept rate: 0%


What happens if you disable the application layer protocols that seem to be causing problems for you? If you're in possession of the original capture file, maybe you can try exporting the data again and then reparsing the PDML?

permanent link

answered 26 Aug '14, 07:31

cmaynard's gravatar image

cmaynard ♦♦
9.3k1038142
accept rate: 20%

This worked perfectly. Thank you, something relatively simple but I could not get my head around it. That's great

(26 Aug '14, 08:31) WireTshark
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×752
×549
×58
×26
×13

question asked: 26 Aug '14, 03:30

question was seen: 2,077 times

last updated: 26 Aug '14, 08:31

p​o​w​e​r​e​d by O​S​Q​A