Quote:
Originally Posted by trevius
I did finally get showeq running on my Debian box, but I need to move both PCs to share a hub so that the packets can be sniffed and I didn't want to do that last night since it would affect my players obviously. I will try to put a hub in the next time I reboot the server. Then, I can get a look at what it shows for Live at least. And see if there is anything useful coming into it.
|
I found that for the purposes of packet collecting from live, you don't need to use a hub.
What I did was to run Wireshark on my PC, perform the actions I wanted to collect, then stop the capture and save the packets as a .pcap file.
I then transferred the capture file over to my Linux box and ran ShowEQ in replay mode:
showeq --playback-tcpdump-file=/tmp/livecap.pcap --log-zone --zone-log-file=/tmp/livecap.txt
Once the GUI has loaded and processed the capture, quit and you have a text version of the capture in, e.g. /tmp/livecap.txt
Code:
[OPCode: 0x0e98]
[Name: OP_ExpUpdate][Updated: 01/17/08][Type: expUpdateStruct (8) ==]
000 | 42 00 00 00 02 00 00 00 | B.......
Jul 20 2008 19:58:18:849 [Decoded] [Server->Client] [Size: 12]
[OPCode: 0x4656]
[Name: OP_MobUpdate][Updated: 01/17/08][Type: spawnPositionUpdate (12) ==]
000 | 0f 46 e7 1d 61 f4 bf 4f f7 01 0a 00 | .F..a..O....
<snip>