Read Tcpdump files from MATLAB
Hi,
I am stuck with a little issue. I need to read TCPDUMP file in MATLAB and to extract certain properties from the network traffic such as IP header fields, packet length, TCP Flags etc. I know how to do it in C but I am having issue while doing it in MATLAB as I am not able to find any library for traffic captures inside MATLAB. Can you please guide me with the appropriate functions and/or procedure in Matlab ?
Immediate response will be greatly appreciated.
Thanks.
I am stuck with a little issue. I need to read TCPDUMP file in MATLAB and to extract certain properties from the network traffic such as IP header fields, packet length, TCP Flags etc. I know how to do it in C but I am having issue while doing it in MATLAB as I am not able to find any library for traffic captures inside MATLAB. Can you please guide me with the appropriate functions and/or procedure in Matlab ?
Immediate response will be greatly appreciated.
Thanks.
ASKER
Sorry for the delayed response. I missed the response.
However, here attached is the sample file which I need to read through the MATLAB and cast the appropriate tcp, udp and IP headers inside.
Please take a look. Looking forward for further input from your end.
Thanks.
However, here attached is the sample file which I need to read through the MATLAB and cast the appropriate tcp, udp and IP headers inside.
Please take a look. Looking forward for further input from your end.
Thanks.
I don't see any attachment. Check the file extension you are uploading. EE doesn't support any file. It should be something common, like *.txt.
Also please show a desired output for a couple of lines. Which exactly values you need and how they look like?
ASKER
Attaching it again as txt file but it is not really text file rather a capture file and you should be able to read it in binary mode.
I need the output as an array of IP addresses of all the sessions that are present in the pcap. Lets say that we have three sessions then the output must be something like,
output_ip[] = ['1.1.1.1', '2.2.2.2', '3.3.3.3' ....]
Similarly we can do so for ports of all sessions i.e. output_ports[] = [1234, 4567 ... ]
Looking forward to your response.
Thanks.
test
I need the output as an array of IP addresses of all the sessions that are present in the pcap. Lets say that we have three sessions then the output must be something like,
output_ip[] = ['1.1.1.1', '2.2.2.2', '3.3.3.3' ....]
Similarly we can do so for ports of all sessions i.e. output_ports[] = [1234, 4567 ... ]
Looking forward to your response.
Thanks.
test
Sorry, I assumed you save tcpdump in ASCII mode. This was my assumption (fault as I see now) in my first comment and you probably didn't noticed.
It still can be done. MATLAB have I/O functions for binary files. But you need to know exact format to write a parser.
When you read it in C, do you apply any special libraries? If not and you have a raw code, I could try to translate it to MATLAB.
It still can be done. MATLAB have I/O functions for binary files. But you need to know exact format to write a parser.
When you read it in C, do you apply any special libraries? If not and you have a raw code, I could try to translate it to MATLAB.
ASKER
Hi,
Can you please point to function. I will have to look for the code as I wrote it quite some time back and I am not sure if I have the backup. I used C library called "Libpcap" and you can see the sample code here is the following link,
http://yuba.stanford.edu/~casado/pcap/section4.html
You don't need to translate the code. Just tell me the starting point of how to cast the bytes to structures after reading from binary files just like we do in C.
Thanks.
Can you please point to function. I will have to look for the code as I wrote it quite some time back and I am not sure if I have the backup. I used C library called "Libpcap" and you can see the sample code here is the following link,
http://yuba.stanford.edu/~casado/pcap/section4.html
You don't need to translate the code. Just tell me the starting point of how to cast the bytes to structures after reading from binary files just like we do in C.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks
Thanks for accepting my comments. Although I don't care much about the points, I'd like you to know that giving C grade is not considered very polite on this site. Remember your feeling when you've got C in school? And how someone should feel who is trying to help you for nothing in return.
I believe I gave you useful links and even suggested help in writing the function.
I don't think you can easily change the grade, it's just a comment if you will use EE in the future. Take care.
I believe I gave you useful links and even suggested help in writing the function.
I don't think you can easily change the grade, it's just a comment if you will use EE in the future. Take care.
http://www.mathworks.com/help/matlab/ref/textscan.html
http://www.mathworks.com/help/matlab/ref/regexp.html
If you can show a file examples I can help you with the code.