Mergecap and Tshark: Merge Packet Dumps and Analyze Network Traffic
Mar 24, 2009, 15:32 (0 Talkback[s])
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"Mergecap is a packet dump combining tool, which will combine
multiple dumps into a single dump file. Based on timestamp, the
packets are written into the output file in an orderly manner. By
default the output file is written in the libpcap format. However
using mergecap options, we can generate output in various different
format including those that are supported by wireshark tool.
"mergecap is available in the wireshark package. Make sure
wireshark/ethereal package is installed to use the mergecap."