 | 1 | initial version |
If you want the raw frame data in binary form, you could read the capture file yourself.
If it's a pcap file, you could write a program using libpcap to do that. (See tcpdump's source as an example.)
If it's a pcapng file, newer versions of libpcap can read those, as long as they fit within the constraints of the current pcap API, i.e. all interfaces in the file must have the same link-layer header type and snapshot length.
If it's neither pcap nor pcapng, or it's in another format, you could try getting the Wireshark source, building it, and then adding your own program using Wireshark's libwiretap library to read it. (See the editcap source as an example.)
