readme.txt

用matlab写的以太网报头提取工具。它可以截获网络数据包并记录下它的时间戳、数据包长度和数据域等。

%% readme.txt

%% Instructions
1- Capture a network traffic session using Ethereal
2- Start the etherealParser2 GUI
3- Select the data file to analyze and the fields to capture
4- Process the data file and view the extracted field arrays in MATLAB

%% Capturing a data file with Ethereal
*** Setting up a capture filter is very important!!!***
This program can only efficiently process data files that have been captured by Ethereal and filtered for only a single source and destination address.  Please use the following procedure to capture your own data files.

1- Start Ethereal (Ethereal can be downloaded at www.ethereal.com)
2- Select an interface in Ethereal for the LAN card that you want to use for the capture
3- Set up a capture filter for the IP address of a single machine.  The ethereal string for that kind of filter is: host 192.168.0.1 
4- Start the capture, let it run, and then stop the capture.
5- Inspect the captured packets.  If it worked correctly only packets witha source or destination IP address equal to the filter address should have been captured.
6- Save the captured data file.  It is ready to be processed by etherealParser2.

%% Sample data file
1- Start the etherealParser2 GUI from MATLAB.  >> etherealParser2
2- Select the Browse button, select the data file: weei1
3- Enter the IP address for the data traffic (144.212.211.89)
4- Enter the number of pacckets to process (1000 for example)
5- Select the fields you want to extract from the file (IP Fields - Total Length for example)
6- Select the Process File button
7- The data fields should appear in the MATLAB Workspace.  
    a- The fieldArray variable will have the selected data fields.
    b- The field names are visible in the Command Window (fieldNames).
    c- The packet Time Stamps are in the first column of the lenArray or sourceArray variables.