>> Shawn Ostermann's (CCed) tcptrace program sort of does what you
>> want.
>
>Oh, and what I forgot was a pointer to the program:
>
>    http://jarok.cs.ohiou.edu/software/tcptrace/tcptrace.html

thanks. it's in the package system though, and i built it already at
one point when i was madly building anything that sounded remotely
interesting.  :)

i think i'll proceed with my original plan, though, which is to write
a dump translater: snoop <-> tcpdump, bigendian <-> littleendian
dumps, etc.  sort of a sox for sockets, so to speak.

can anyone think of any other packet capture file formats that might
be nice to add?

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."