#!/usr/bin/env ruby
# extracts UDP/TCP data payload from packets to numbered files
#   Usage: cap2files out_prefix pcap-file [filter]]

require 'rbkb/plug/feed_import'

begin
  unless prefix = ARGV.shift and file = ARGV.shift
    raise "Usage: #{File.basename $0} out_prefix pcap-file [filter]"
  end

  filter = ARGV.join(" ")

  caps = FeedImport.import_pcap(file, filter)
  i=0
  caps.each {|p| File.open("#{prefix}.#{i}", "w") {|f| f.write p }; i+=1 }
rescue
  STDERR.puts $!
  exit 1
end