PackPrint provides a pretty-printer for ethernet packets.
PackPrint is a program to parse and print out ethernet frames in a pretty way. For protocols that it knows about (ARP, UDP, TCP, ICMP, and raw IP), it will decode the data and print it out in an easy-to-read format.
Here are some key features of "PackPrint":
· PackPrint will display the contents of ethernet frames. For protocols that it knows about, it will decode the data and print it out in an easy to read format
· The protocols that PackPrint currently understands include
· ARP
· UDP
· TCP
· ICMP
· IP
Usage:
PackPrint is incredibly easy to use - simply to packprint , where is the name of a file generated using the -w option for tcpdump (or some other program using libpcap).
If is -, then packprint reads from standard input, so you could do:
$ tcpdump -s 65535 -w - | packprint -
to produce an nice output for tcpdump
NOTE: always use the -s 65535 options on tcpdump to make sure you get the entire packet contents so that packprint can decode it
Product's homepage
Find us on Google+
