Represents a capture file. You must first create this object and then use this to open an existing capture file or create a new capture file. You can then use the methods and properties provided by this object to navigate to other interesting parts of the capture file. The Unsniff.Database is the only object that can be publicly created via its ProgID.
Name | Type | Access | Description |
---|---|---|---|
PacketCount | Long | Read | The number of packets currently present in the capture database. |
PDUCount | Long | Read | The number of PDUs currently present in the capture database. |
PacketIndex | Collection | Read | A collection of Packet objects. |
PDUIndex | Collection | Read | A collection of PDUs. |
StreamIndex | Collection | Read | A collection of Streams. Each stream represents a TCP/IP session. |
UserObjectsIndex | Collection | Read | A collection of User Objects. Examples of user objects are images, HTML, audio, RTP media, files, etc. |
Name | Parameters | Description |
---|---|---|
Open | Filename (String) | Opens the capture file identified by the filename parameter for read-write access. The filename can be a full pathname or a relative filename. You can also open the file explicitly for readonly or readwrite access using the OpenForRead and OpenForWrite methods. |
OpenForRead | Filename (String) | Opens the capture file identified by the filename for read only. Use this method if you are just analyzing a capture file and not trying to change its contents. |
OpenForWrite | Filename (String) | Open the capture file for read-write access. Use this method if you want to change the contents of the capture file in any way. This call will return an error if the capture file is already opened in the main Unsniff application. Try OpenForRead or close the capture file in Unsniff while your script is running |
New | Filename (String) | Creates a new capture file with the given filename. The filename can be a full pathname or a relative filename. |
Close | None | Close the file. The file must be currently open via the Open or New methods. All changes made to a file opened with write access are saved. |
BeginExport | Filename (String) Type (String) | Open an export file with the given name and type. Currently the only type supported is“libpcap”. To export an entire file: Use the Export() method To selectively export packets: Call BeginExport(), followed by a bunch of ExportXXX() calls, then with an EndExport() |
ExportPacket | Packet | Export this packet to the export file currently opened via BeginExport() |
ExportStream | Stream | Export the entire stream (e.g. TCP/IP session) to the export file currently opened via BeginExport() |
EndExport | None | Close the export file previously opened via BeginExport() |
Export | Type(String) Filename (String) | Export all the packets in this capture file to the given file. The desired export format is specified in the Type parameter. Currently the only Type supported is “libpcap” |
Import | Type(String) Filename (String) | Import all the packets in a capture file in another format into this file. You must already a USNF file open into which you want to import. Type must be set to “libpcap” Sample UDB = WIN32OLE.CreateObject(“Unsniff.Database”) UDB.Open(“mycap.usnf”) UDB.Import(“test1.pcap”, “libpcap”) '' |
AddPacket | Packet | Add the given Packet to this capture file. This packet could be from another capture file that is currently open. |
AddStream | Stream | Add the given Stream to this capture file. The stream could be from another capture file that is currently open. |