A simple FileHandler which supports performing some simple modifications on PCAP network capture files.
Such files contain the packet data that gets transmitted over digital networks.
They are usually obtained by some network sniffing software which can dump
that data into files of this type. Such files are commonly named with extensions
.tcp or .pcap.
This FileHandler allows loading such files and inspecting the individual packets contained therein. Some very basic protocol detection on IP data is available but nothing more. For sophisticated analysis on upper protocol levels, a dedicated software should be used instead.
However, this FileHandler provides a few convenience modification operations on its own:
The packets can be sorted in some custom ways.
Individual packets can be deleted.
A simple action provides a possibility to strip non-IP data, e.g. the Ethernet frames surrounding the IP packets and all packets not containing IP data.
The bytes of each packet can be modified in a HEX editor.
In addition it is possible to perform some custom filtering of the packets to display using a flexible XML-based filtering mechanism, but without actually modifying the packet list.
In case the optional libraries for graphical charting are available, it is also possible to display some bandwidth statistics chart on the currently visible list of packets.
As this FileHandler supports modification and saving of the loaded data, it is an editor by nature.