#!/usr/bin/env ruby
# extracts UDP/TCP data payload from packets to an array encapsulated in yaml
#   Usage: cap2yaml pcap-file [filter]]

require 'rbkb/plug/feed_import'

begin
  unless file = ARGV.shift
    raise "Usage: #{File.basename $0} pcap-file [filter]"
  end

  filter = ARGV.join(" ")

  caps = FeedImport.import_pcap(file, filter)
  puts caps.to_yaml
rescue
  STDERR.puts $!
  exit 1
end