How to read pcap files directly using matlab

87 vues (au cours des 30 derniers jours)

Aslihan Reyhanoglu le 5 Mai 2020

0
Lien

Utiliser le lien direct vers cette question

https://fr.mathworks.com/matlabcentral/answers/523226-how-to-read-pcap-files-directly-using-matlab

Commenté : Marek HICAR le 22 Déc 2022

Hi,

I have to extract statistical features like source port, destination port, packet length, total length and round trip time from .pcap files by using Matlab. I tried some widespread ways I found on the Internet (pcap2matlab, traceplay) but I didn't make them work. Is there anyone who has a new suggestion? I will really appreciate your help.

Regards,

Asli

0 commentaires
Afficher -2 commentaires plus anciensMasquer -2 commentaires plus anciens

Connectez-vous pour commenter.

Connectez-vous pour répondre à cette question.

Réponse acceptée

Samatha Aleti le 8 Mai 2020

0
Lien

Utiliser le lien direct vers cette réponse

https://fr.mathworks.com/matlabcentral/answers/523226-how-to-read-pcap-files-directly-using-matlab#answer_431131

Hi Aslihan,

There is no such feature as of now, but it will be considered for a future release. Also, 'pcap2matlab' is one of the submissions in MATLAB File Exchange on MATLAB Central which is a forum for our product users to interact, exchange information and knowledge, without MathWorks' involvement.

Feel free to contact the author of this submission directly for specific questions about the implementation.

1 commentaire
Afficher -1 commentaires plus anciensMasquer -1 commentaires plus anciens

Aslihan Reyhanoglu le 8 Mai 2020

Hi Samantha,

Thank you for your answer. I'll contact the author.

Connectez-vous pour commenter.

Plus de réponses (1)

michael le 20 Juin 2020

0
Lien

Utiliser le lien direct vers cette réponse

https://fr.mathworks.com/matlabcentral/answers/523226-how-to-read-pcap-files-directly-using-matlab#answer_454570

To make the pcap2matlab litlle bit simple to use:

capture = pcap2matlab(filter, decodeas_and_dissector, filename_or_interface, capture_stop_criteria)

Lets say you are using a udp protocol and the data you would like to read is on top of it: data[0:1] (in packet showed below is 0x5d 0x2d)

Therfore in order to read a file you shall use:

filter=[]; %there is no specific filter
decodeas_and_dissector.somedata=base+0:base+1; (where base is the location of the 1st byte of the data (0x2a=42))
capture_stop_criteria=[];

Now, lets assume that your data is dissected, like udp.srcport,

Therfore in order to read a file you may use:

decodeas_and_dissector = {'udp.srcport'}

other option is like before

decodeas_and_dissector.srcport = 34:35 %locations (0x22:0x23)

9 commentaires
Afficher 7 commentaires plus anciensMasquer 7 commentaires plus anciens

Walter Roberson le 29 Nov 2022

You need to install WireShark https://www.wireshark.org/download.html . The pcap2matlab() code invokes an executable named tshark from the wireshark installation.

Marek HICAR le 22 Déc 2022

pcap2matlab error.png

Thanks Walter, I do have WireShark installed before launching the pcap2matlab file.

The file was recordered. Are the input arguments correct? See attached fig.

Connectez-vous pour commenter.

Connectez-vous pour répondre à cette question.

Catégories

MATLAB Installation and Licensing Install Products Introduction to Installation and Licensing

En savoir plus sur Introduction to Installation and Licensing dans Help Center et File Exchange

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by