Exporting PDUs from pcap in linux machine

0
votes

I want to extract all the PDUs from a pcap on linux machine. I have a windows system with 64-bit processing, which has wireshark installed on it. The wireshark provides a option of exporting PDUs as

File -> Export PDUs to file

This pop ups a new window that need how you want to export the PDUs. Pop up window looks like this. Select OSI layer 3 and click OK. This gives me the desired PDUs from the pcap.

I want to achieve this on a linux machine using tshark/wireshark or any other software. I have tried through tshark, but not able to achieve this till now.

1
wiresharkpcaptshark

1 Answers

1
votes

I want to achieve this on a linux machine using tshark/wireshark

Step 1: Make sure you have Wireshark 1.12 or later on your Linux machine.

Step 2: Run Wireshark on the file.

Step 3: Select "Export PDUs to file" from the "File" menu.

Step 4: Select OSI layer 3 in the dialog it pops up.

Step 5: Click OK.