pdml2sbud

PDML to SBuD converter

Convert a packet from a Wireshark PDML file into a SBuD-compatible format.

Usage example

$ tshark -T pdml -f icmp -c 2 2>/dev/null >icmp.pdml&
$ ping -c1 1.1.1.1
$ nix-shell   # or: pip install -r requirements.txt

# show from proto ip onwards (default):
$ ./pdml2sbud.py icmp.pdml icmp_packet.bin 0 > icmp0.json
$ python2 /path/to/dat.py icmp0.json

# show from proto eth onwards:
$ ./pdml2sbud.py icmp.pdml icmp_packet.bin 1 eth > icmp1.json
$ python2 /path/to/dat.py icmp1.json

Known problems

Quite a few protocols cannot be dumped at the moment because the packet bytes are "hidden" a few layers down the XML tree. Work in progress ;-).
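
To illustrate the nesting problem described above, here is an added example (not pdml2sbud's own code) that rebuilds packet bytes from a chosen proto onwards by reading the hex `value` attribute of every nested `<field>` and reports which offsets no field exposed. The function name `collect_bytes`, the sample PDML and the `payload` proto are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed PDML fragment (not real tshark output). icmp.ident and icmp.seq
# sit one level deeper than the other fields; "payload" exposes no bytes at all.
SAMPLE_PDML = """<pdml><packet>
 <proto name="icmp" pos="0" size="8">
  <field name="icmp.type" pos="0" size="1" value="08"/>
  <field name="icmp.code" pos="1" size="1" value="00"/>
  <field name="icmp.checksum" pos="2" size="2" value="f7fc"/>
  <field name="" show="Echo details" pos="4" size="4">
   <field name="icmp.ident" pos="4" size="2" value="0001"/>
   <field name="icmp.seq" pos="6" size="2" value="0002"/>
  </field>
 </proto>
 <proto name="payload" pos="8" size="2"/>
</packet></pdml>"""


def collect_bytes(pdml_text, packet_index=0, start_proto="ip"):
    """Return (bytes, missing_offsets) for a packet from start_proto onwards."""
    # Parse only PDML you produced yourself; use defusedxml for untrusted files.
    packet = ET.fromstring(pdml_text).findall("packet")[packet_index]
    protos = packet.findall("proto")
    names = [p.get("name") for p in protos]
    if start_proto not in names:
        raise ValueError("proto %r not in packet: %s" % (start_proto, names))
    chosen = protos[names.index(start_proto):]
    base = end = int(chosen[0].get("pos"))
    data = {}  # absolute offset -> byte value
    for proto in chosen:
        end = max(end, int(proto.get("pos")) + int(proto.get("size")))
        for field in proto.iter("field"):  # iter() walks every nesting level
            value, size = field.get("value", ""), int(field.get("size", "0"))
            if size == 0 or len(value) != 2 * size:
                continue  # no value, or value length does not match size
            try:
                raw = bytes.fromhex(value)
            except ValueError:
                continue  # value attribute is not plain hex
            pos = int(field.get("pos"))
            for i, b in enumerate(raw):
                data.setdefault(pos + i, b)
    missing = [off for off in range(base, end) if off not in data]
    return bytes(data.get(off, 0) for off in range(base, end)), missing


if __name__ == "__main__":
    packet_bytes, missing = collect_bytes(SAMPLE_PDML, 0, "icmp")
    print(packet_bytes.hex(), "unrecovered offsets:", missing)
```

Offsets listed as unrecovered are zero-filled in the returned bytes, so a non-empty list means the dump is incomplete for that protocol.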