# --------------------------------------------------------------- # export3.rb - Export selected individual packets to a file # # usage : export3 <unsniff file> <libpcap file> <packets> # <packets> = list of pktids, comma separated # #---------------------------------------------------------------- require 'win32ole' USAGE = "export3 <unsniff-file> <to-libpcap-file> <packet-ids>" if ARGV.length != 3 puts USAGE exit 1 end FromDB = ARGV[0] ToFile = ARGV[1] PacketIDs = ARGV[2] UnsniffDB = WIN32OLE.new("Unsniff.Database") UnsniffDB.Open(FromDB) PacketIndex = UnsniffDB.PacketIndex PacketIDArr = PacketIDs.chomp.split(/\s*,\s*/) UnsniffDB.BeginExport("libpcap", ToFile) PacketIDArr.each { |idx| packet2export = PacketIndex.Item(idx) UnsniffDB.ExportPacket(packet2export) } UnsniffDB.EndExport() UnsniffDB.Close() print "Exported #{PacketIDArr.length} selected packets to libpcap/tcpdump file #{ToFile}"