- dlayer.rb
# ------------------------------------------------------------------
# dlayer.rb Print all the layer fields
# usage : prlayer <capture-file> <layername>
#
#
# ------------------------------------------------------------------
require 'win32ole'
USAGE = "prlayer <capture-filename> <layer-name>"
# function printField
# Formats and prints a field (also subfields if present)
#
def printField(indent, field)
pad = " "*indent
print pad
print "#{field.Name}\t\t #{field.Value} \n"
if field.SubFieldCount > 0
field.SubFields.each { |f| printField(indent+2, f) }
end
end
if ARGV.length != 2
puts USAGE
exit 1
end
InputFile = ARGV[0]
LayerName = ARGV[1]
UnsniffDB = WIN32OLE.new("Unsniff.Database")
UnsniffDB.Open(InputFile)
PacketStore = UnsniffDB.PacketIndex
(0..PacketStore.Count-1).each do |idx|
pkt = PacketStore.Item(idx)
layers = pkt.Layers
layers.each do |lyr|
if lyr.Name == LayerName
print "#{lyr.Name}\n---#{pkt.ID}--#{pkt.Description}---\n"
lyr.Fields.each { |field| printField(1,field) }
end
end
end
UnsniffDB.Close()
