NAME

recs-fromtcpdump

recs-fromtcpdump --help-all

 Usage: recs-fromtcpdump <file1> <file2> ...
    Runs tcpdump and puts out records, one for each packet. Expects pcap files.
    Will put the name of the originating capture file in the 'file' field.
 
    Will parse packet types: ethernet, ip, udp, arp, tcp The type key will
    indicate the highest level parsed. DNS information will be parsed for TCP or
    UDP packets that are from or to port 53. The parsed representation of the
    packet for each valid level will be placed in the corresponding key. For
    instance, for a tcp packet, there will be information in the keys 'ethernet',
    'ip', and 'tcp'
 
    By default, data output is suppressed due to poor interaction with
    terminal programs.
 
    Flags will be parsed into hash of strings
    Possible IP flags: congestion, dont_fragment, more_fragments
    Poassible TCP flags: ACK, CWR, ECE, FIN, PSH, RST, SYN, URG
 
    ARP opcodes will be matched
    Possible opcodes: ARP_REPLY, ARP_REQUEST, RARP_REPLY, RARP_REQUEST
 
 Creating a pcap file:
    Run a tcpdump command with -w FILE to produce a pcap file. For instance: sudo
    tcpdump -w /var/tmp/capture.pcap
 
    Optionally, include all the data and timing information: sudo tcpdump -w
    capture.pcap -s4096 -S -tt
 
    See 'man tcpdump' for more information.
 
 Arguments
    --data                       Include raw data bytes of deepest packet level
    --filename-key|fk <keyspec>  Add a key with the source filename (if no
                                 filename is applicable will put NONE)
 
   Help Options:
       --help  This help screen
 
 Examples
    Get records for all packets
       recs-fromtcpdump  capture.pcap

See App::RecordStream for an overview of the scripts and the system
Run recs examples or see App::RecordStream::Manual::Examples for a set of simple recs examples
Run recs story or see App::RecordStream::Manual::Story for a humorous introduction to RecordStream
Every command has a --help mode available to print out usage and examples for the particular command, just like the output above.

To install App::RecordStream, copy and paste the appropriate command in to your terminal.

cpanm

cpanm App::RecordStream

CPAN shell

perl -MCPAN -e shell
install App::RecordStream

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

recs-fromtcpdump --help-all

SEE ALSO

Module Install Instructions