<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content=text/html;charset=gb2312>
<META content="MSHTML 6.00.2900.5726" name=GENERATOR></HEAD>
<BODY id=MailContainerBody
style="PADDING-RIGHT: 10px; PADDING-LEFT: 10px; PADDING-TOP: 15px" leftMargin=0
topMargin=0 CanvasTabStop="true" name="Compose message area">
<DIV><FONT face=Calibri>
<DIV><FONT face=Calibri>I'm wondering if it's technically doable to capture
payloads at a TCP port into a binary file.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Calibri>Eg, we've established a connection at A(1234), B(5678).
And during some period the parckets are:</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Calibri><BR>A(1234)->B(5678): [1, 2,
3]<BR>B(5678)->A(1234): [8, 8, 8]<BR>A(1234)->B(5678): [4, 5,
6]<BR>B(5678)->A(1234): [9, 9, 9]<BR>A(1234)->B(5678): [7, 8,
9]<BR>B(5678)->A(1234): [10, 10, 10]</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>What I wanna do is to capture all payload
bytes of TCP into some binary file, say, A_to_B.bin, that has the following
content:</FONT></DIV>
<DIV><FONT face=Calibri>[1, 2, 3, 4, 5, 6, 7, 8, 9].</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>Is it possible to do this with Wireshark? If it's not,
is there any other way to help me do this? Or do I need to write some code with
WinPCap to do this?</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>Best Regards</FONT></DIV>
<DIV><FONT face=Calibri>Tactoth</FONT></DIV></FONT></DIV></BODY></HTML>