- export2.rb
# ---------------------------------------------------------------
# export2.rb - Export a single stream to a libpcap file
#
# usage : export2 <unsniff file> <libpcap file> <stream-id>
#----------------------------------------------------------------
require 'win32ole'
USAGE = "export2 <unsniff-file> <to-libpcap-file> <stream-id>"
if ARGV.length != 3
puts USAGE
exit 1
end
FromDB = ARGV[0]
ToFile = ARGV[1]
StreamID = ARGV[2]
UnsniffDB = WIN32OLE.new("Unsniff.Database")
UnsniffDB.Open(FromDB)
StmToExport = UnsniffDB.StreamIndex(StreamID)
UnsniffDB.BeginExport( "libpcap", ToFile)
UnsniffDB.ExportStream(StmToExport)
UnsniffDB.EndExport()
UnsniffDB.Close()
print "Exported Stream #{StreamID} to libpcap/tcpdump file #{ToFile}"
