Reading PCAP files on Matlab
Ältere Kommentare anzeigen
I am trying to read PCAP files on matlab. Can anyone suggest how to do so?
5 Kommentare
James
am 3 Mär. 2020
I recently decided to do this also. I've found pcap2matlab code mentioned by Punjitha not very functional.
It requires TShark installed AND on your path. TShark is part of wireshark, and was not initially part of my installation for some reason.
The help was unclear, and a challenge to read through.
Further I'm interested in "live" analysis as the data streams in, so I've ended up using a different part of wireshark (editcap) to convert the packet data to a text based format and wrote my own parser.
I'd be happy to share if you're intersted, but its (very) poorly tested. The part that works can load hex text ethernet frame (k12 text) output from wireshark:editcap into ipv4, and udp. It returns a cell array of packets structs.
Nishu Vidyarthi
am 3 Mär. 2020
Well, okay, I've cleaned up my messy bits(a little), and apologize in advance for minimal testing. I read the bare minimum of documentation to get what I wanted done so many pieces are incomplete. Further, this was a home project, so my work was done in gnu octave, and I didnt bother to check that it ran the same at work.
All the disclaimers aside, this code ran fast enough for me written in pure matlab, so I was happy. I'm thinking of just learning the pcapng format since I just about had to drop to binary packet handling here, and it doesnt seem like it'd be much more work.
If you need copyright licensing ... this is free, it will destroy the computer of anyone whom runs it, encourage people to blame me, but only for succes .
Tolga Ulupinar
am 1 Feb. 2022
Hi James. I have some problems in your scripts. In capture read " error using hex2num Too many input arguments" . Can you help me for this error. How can ı fix this error. I used test_packet.txt
Walter Roberson
am 1 Feb. 2022
Bearbeitet: Walter Roberson
am 1 Feb. 2022
I see that @James mentioned that he wrote the code using Octave. The Octave hex2num() supports passing a class as the second parameter, but MATLAB does not.
I think you can change the hex2udp line
udp.(fields{fn})=hex2num(udp.(fields{fn}),'uint16');
to
udp.(fields{fn}) = uint16(sscanf(udp.(fields{fn}), '%x'));
This would possibly have slightly different behaviour in cases where the input somehow had spaces or non-hex characters instead of the expect hex output; I do not have access to Octave to test its behaviour in detail (and there is the big question of what would be most reasonable to have happen in that circumstance.)
Akzeptierte Antwort
Pujitha Narra
am 24 Feb. 2020
Bearbeitet: Pujitha Narra
am 24 Feb. 2020
1 Stimme
Hi,
There is no such feature as of now, but it might be considered for a future release. However, 'pcap2matlab' is one of the several submissions in MATLAB File Exchange on MATLAB Central which is a forum for our product users to interact, exchange information and knowledge, without MathWorks' involvement. Feel free to contact the author of this submission directly for specific questions about the implementation.
Here's the link to the file:
Weitere Antworten (2)
michael
am 20 Jun. 2020
0 Stimmen
Hello,
Idin Motedayen-Aval
am 3 Jun. 2024
0 Stimmen
For completeness:
If you have access to 5G Toolbox, there is built-in pcapReader function that has been available since R2021b.
Kategorien
Mehr zu WLAN Toolbox finden Sie in Hilfe-Center und File Exchange
am 20 Feb. 2020
am 3 Jun. 2024
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!
Translated by 
