[RADIATOR] MessageLog Format text2pcap, missing tool in goodies
Heikki Vatiainen
hvn at open.com.au
Thu Aug 10 10:04:07 UTC 2017
On 9.8.2017 20.11, Karl Gaissmaier wrote:
> is there already a wrapper in your toolbox to feed the msglog to
> text2pcap, using the proper directives per packet and collecting all
> packets in one pcap file?
No, there is not. If I remember correctly, the idea was to have the
directives more or less ready for text2pcap so that it could do the
processing when it creates the pcap file. As you probably noticed from
text2pcap documentation, line starting with '#TEXT2PCAP' is a special
directive but it looks like it does nothing yet (and currently Radiator
adds ##TEXT2PCAP).
The only, slightly, related thing in goodies is hexdump2wireshark.pl
which creates similar output from Trace 5 messages dumps.
In case someone wants to try this now, running text2pcap against the
file with one set of command line options does create a valid pcap file.
However, the ports and IPs are all the same, so the direction needs to
be deduced from the message contents.
Please let us know how it goes if you decide to do a script,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list