How to read pcap files directly using matlab

조회 수: 58 (최근 30일)
Aslihan Reyhanoglu
Aslihan Reyhanoglu 2020년 5월 5일
댓글: Marek HICAR 2022년 12월 22일
Hi,
I have to extract statistical features like source port, destination port, packet length, total length and round trip time from .pcap files by using Matlab. I tried some widespread ways I found on the Internet (pcap2matlab, traceplay) but I didn't make them work. Is there anyone who has a new suggestion? I will really appreciate your help.
Regards,
Asli

이 질문에 답변하려면 로그인하십시오.

채택된 답변

Samatha Aleti
Samatha Aleti 2020년 5월 8일
Hi Aslihan,
There is no such feature as of now, but it will be considered for a future release. Also, 'pcap2matlab' is one of the submissions in MATLAB File Exchange on MATLAB Central which is a forum for our product users to interact, exchange information and knowledge, without MathWorks' involvement.
Feel free to contact the author of this submission directly for specific questions about the implementation.
  댓글 수: 1
Aslihan Reyhanoglu
Aslihan Reyhanoglu 2020년 5월 8일
Hi Samantha,
Thank you for your answer. I'll contact the author.

댓글을 달려면 로그인하십시오.

추가 답변 (1개)

michael
michael 2020년 6월 20일
To make the pcap2matlab litlle bit simple to use:
capture = pcap2matlab(filter, decodeas_and_dissector, filename_or_interface, capture_stop_criteria)
Lets say you are using a udp protocol and the data you would like to read is on top of it: data[0:1] (in packet showed below is 0x5d 0x2d)
Therfore in order to read a file you shall use:
  • filter=[]; %there is no specific filter
  • decodeas_and_dissector.somedata=base+0:base+1; (where base is the location of the 1st byte of the data (0x2a=42))
  • capture_stop_criteria=[];
Now, lets assume that your data is dissected, like udp.srcport,
Therfore in order to read a file you may use:
  • decodeas_and_dissector = {'udp.srcport'}
other option is like before
  • decodeas_and_dissector.srcport = 34:35 %locations (0x22:0x23)
  댓글 수: 9
이전 댓글 7개 표시
Walter Roberson
Walter Roberson 2022년 11월 29일
You need to install WireShark https://www.wireshark.org/download.html . The pcap2matlab() code invokes an executable named tshark from the wireshark installation.
Marek HICAR
Marek HICAR 2022년 12월 22일
Thanks Walter, I do have WireShark installed before launching the pcap2matlab file.
The file was recordered. Are the input arguments correct? See attached fig.

댓글을 달려면 로그인하십시오.

카테고리

Help CenterFile Exchange에서 Introduction to Installation and Licensing에 대해 자세히 알아보기

태그

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by