# --------------------------------------------------------------- # export2.rb - Export a single stream to a libpcap file # # usage : export2 <unsniff file> <libpcap file> <stream-id> #---------------------------------------------------------------- require 'win32ole' USAGE = "export2 <unsniff-file> <to-libpcap-file> <stream-id>" if ARGV.length != 3 puts USAGE exit 1 end FromDB = ARGV[0] ToFile = ARGV[1] StreamID = ARGV[2] UnsniffDB = WIN32OLE.new("Unsniff.Database") UnsniffDB.Open(FromDB) StmToExport = UnsniffDB.StreamIndex(StreamID) UnsniffDB.BeginExport( "libpcap", ToFile) UnsniffDB.ExportStream(StmToExport) UnsniffDB.EndExport() UnsniffDB.Close() print "Exported Stream #{StreamID} to libpcap/tcpdump file #{ToFile}"