Subject: Re: snoop vs. tcpdump
To: None <atatat@atatdot.net>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-net
Date: 10/05/1999 18:46:05

In some email I received from Andrew Brown, sie wrote:
>
> i don't like snoop (you can't get it to *not* look up hostnames) but
> that's probably affected by the fact that i don't like solaris much
> (but that's a different rant :). anyways...i have a need to move some
> packet capture files from a solaris box to somewhere i can manipulate
> them more easily. so i was gonna write a little program to convert
> between the two formats. it seems easy enough (i figured out the file
> formats from inspection after about 20 minutes), but i was
> wondering...
>
> * is this something that's already been done? if so, where is it?
> * what other packet capture file formats are there that i might like
> to support?
> * can you think of any other silly ideas for me?

yeah, rip ipft_sn.c out of netbsd for something that already groks
the snoop format. ipftest reads different input (text/binary) for
putting through ipfilter rules...maybe a featurism is to have it
output records rather than run them through rules?
darren
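
The conversion discussed in this thread, as an added example that is not part of the original messages and is not taken from ipft_sn.c. It assumes the snoop layout documented in RFC 1761 (version 2, big-endian fields, records padded to 4 bytes) and the classic libpcap file layout, handles Ethernet captures only, and uses hypothetical names (`snoop_to_pcap`, `sample_snoop`, `MAX_FRAME`) and a constructed sample record.

```python
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"
SNOOP_ETHERNET = 4        # RFC 1761 datalink type for Ethernet
PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
DLT_EN10MB = 1            # pcap link type for Ethernet
MAX_FRAME = 262144        # assumed sanity bound on captured length

def snoop_to_pcap(data: bytes) -> bytes:
    """Convert an in-memory snoop capture (RFC 1761) to pcap bytes."""
    if len(data) < 16 or data[:8] != SNOOP_MAGIC:
        raise ValueError("not a snoop file")
    version, linktype = struct.unpack(">II", data[8:16])
    if version != 2:
        raise ValueError(f"unsupported snoop version {version}")
    if linktype != SNOOP_ETHERNET:
        raise ValueError(f"unsupported datalink type {linktype}")
    # pcap global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    out = [struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, MAX_FRAME, DLT_EN10MB)]
    off = 16
    while off < len(data):
        if len(data) - off < 24:
            raise ValueError("truncated record header")
        orig_len, incl_len, rec_len, _drops, sec, usec = struct.unpack(
            ">IIIIII", data[off:off + 24])
        # Lengths come from an untrusted file: validate before slicing.
        if (incl_len > MAX_FRAME or rec_len < 24 + incl_len
                or off + rec_len > len(data)):
            raise ValueError(f"bad record lengths at offset {off}")
        frame = data[off + 24:off + 24 + incl_len]
        # pcap record header order differs: ts_sec, ts_usec, incl_len, orig_len
        out.append(struct.pack("<IIII", sec, usec, incl_len, orig_len) + frame)
        off += rec_len  # rec_len covers header, data and padding
    return b"".join(out)

def sample_snoop() -> bytes:
    # Constructed sample: one 14-byte Ethernet header from a 60-byte frame.
    frame = bytes.fromhex("ffffffffffff0200000000010806")
    pad = (-len(frame)) % 4
    rec = struct.pack(">IIIIII", 60, len(frame), 24 + len(frame) + pad,
                      0, 939149165, 500)
    return (SNOOP_MAGIC + struct.pack(">II", 2, SNOOP_ETHERNET)
            + rec + frame + b"\x00" * pad)

if __name__ == "__main__":
    print(len(snoop_to_pcap(sample_snoop())), "bytes of pcap")
```

The snoop padding bytes are dropped on output because pcap records are not aligned, and the per-record drop counter has no pcap equivalent.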