Help with extracting tcpdump data...?
I'm using tcpdump to monitor the traffic on my router - very slick! Anyway, right now I'm using Wireshark with a filter like this to pull Yahoo chats:
data.data contains "Command=\"6" || data.data contains "Command=\"11"
This gets me the right packets, but it's very tedious to extract the actual chat session - i.e., I have to do a 'follow stream' in Wireshark and then copy and paste all of the chat texts to another document. In addition to that, it seems like the follow stream only pulls the current session, so if the session had ended and another one started later, I need to find a packet from the next session and follow that stream...
Is there a utility out there that will pull Yahoo chats from these files in a nice format? Something like this:
user1: blah blah
user2: blah blah blah
I have dozens of these files with huge amounts of chat data that I want to archive.