Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
amargys
New Contributor

txt conversion to pcap via Perl script

Hi all,

 

I am trying to convert the txt file to pcap by using PERL script as per be low link:

http://kb.fortinet.com/kb...nk.do?externalId=11186

 

 but every time I am trying to convert it I am getting the below error:

 

C:\Users\m.a>fgt2eth.pl -in pcap.txt -out pcpaps.pcap Can't use string ("5b") as an ARRAY ref while "strict refs" in use at C:\Users\m.a\fgt2eth.pl line 220, <fh_in> line 16.

 

and the pcap files comes up as empty, I've uploaded txt file and used the below sniffer command to get it:

 

diag sniffer packet wan1 "port 443" 6 10

 

Thanks

6 REPLIES 6
rwpatterson
Valued Contributor III

As a test, try commenting out the first line after "# ------------------ don't edit after this line -------------------------------". In PERL, start the line with the hash (#) symbol to comment it out. Obviously this is against the wishes of the initial programmer, but the 'use strict;' directive seems to be what is causing the error. This script may have been created on a different flavor of PERL than you are running. That's all I have. Good luck

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
neonbit
Valued Contributor

There's an exe version of the conversion tool as well. You could give that a try since you're running Windows.

hmtay_FTNT
Staff
Staff

Hello amargys,

 

https://www.dropbox.com/s/h2ax6c8srtkg9eu/fgt2eth.zip?dl=0

 

I uploaded a zipped file here containing a different format of fgt2eth that is usable on both Linux and Windows OS. I also converted your txt file for you here. The difference between this script is you have to add a "-system <linux|windows>" because of the difference in the file format. An example command would be:

 

./fgt2eth.pl -in pcap.txt -out pcpaps.pcap -system linux

 

HoMing

joerothstein

script fails for me, as it could not find the path to text2pcap.exe, even with the argument -system windows

mjw80013

Replying to hmtay_FTNT

  Just pulled your script (had same problem as original post) - you need to change line 16 from ethereal to wireshark - ethereal is deprecated and no longer available or supported, its now wireshark

 

OrthoC
New Contributor II

joerothstein wrote:

script fails for me, as it could not find the path to text2pcap.exe, even with the argument -system windows

I just started to use this script, and I came across the same error. I was attempting to capture a putty output from a different computer than where we have wireshark installed. I was getting this same error, until I installed wireshark on the same computer that I was using to run the script. After that it worked.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors