# ----------------------------------------------------------------- # batchimp.rb - Batch import a set of libpcap files into a # single Unsniff capture file # # usage : batchimp <directory> <libpcapfiles> <unsniff-file> # exmple : batchimp ..\tdata a*.pcap output.usnf #------------------------------------------------------------------ require 'win32ole' USAGE = "batchimp <directory> <import-files> <unsniff-file>" if ARGV.length != 3 puts USAGE exit 1 end FromDirectory = ARGV[0] FromWildcards = ARGV[1] ToFile = ARGV[2] #------ Check all parameters ------------ if ! File.directory?(FromDirectory) print "#{FromDirectory} is not a directory" exit 1 end #------ Create or Open the Unsniff file ----- UnsniffDB = WIN32OLE.new("Unsniff.Database") if File.exist?(ToFile) UnsniffDB.Open(ToFile) else UnsniffDB.New(ToFile) end #------ Start importing ------------- ipkts =UnsniffDB.PacketCount OldDir = Dir.pwd Dir.chdir(FromDirectory) FilesToImport = Dir[FromWildcards] Dir.chdir(OldDir) FilesToImport.each { |fil| impfile = File.join(FromDirectory,fil) impfile.sub!(/\//,'\\') print "Importing from #{impfile}..." begin UnsniffDB.Import("libpcap",impfile) rescue end ipkts = UnsniffDB.PacketCount - ipkts print "(#{ipkts} packets) done.\n" } print "wait! saving capture file" UnsniffDB.Save print "done" print "Unsniff Filename is #{ToFile}"