From 207df6fc406e81bfeebdff7f404bd242ff3f099f Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Tue, 7 May 2024 06:48:35 +0200
Subject: Merging upstream version 0.12.2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/formats/pcap_log.json | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src/formats/pcap_log.json')

diff --git a/src/formats/pcap_log.json b/src/formats/pcap_log.json
index 8ae73e2..a9e86ef 100644
--- a/src/formats/pcap_log.json
+++ b/src/formats/pcap_log.json
@@ -4,11 +4,17 @@
         "json": true,
         "title": "Packet Capture",
         "description": "Internal format for pcap files",
-        "mime-types": [
-            "application/vnd.tcpdump.pcap"
-        ],
-        "multiline": false,
         "convert-to-local-time": true,
+        "converter": {
+            "header": {
+                "expr": {
+                    "pcapng": ":header REGEXP '^0a0d0d0a.{8}(?:1a2b3c4d|4d3c2b1a).*'",
+                    "pcap": ":header REGEXP '^(?:a1b2c3d4|d4c3b2a1|a1b23c4d|4d3cb2a1).*'"
+                },
+                "size": 24
+            },
+            "command": "pcap_log-converter.sh"
+        },
         "line-format": [
             {
                 "field": "time"
-- 
cgit v1.2.3