netsniff: Allow filter input pcap file to output pcap

It might be useful to filter out interesting traffic
from input pcap to output pcap file which will contain only
filtered packets:

    $ netsniff-ng -i input.pcap -o output.pcap ip src 192.168.1.198

Now it is possible by specifying output pcap file with ".pcap"
extension, otherwise the trafgen file will be generated as by default.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: small wording and whitespace adjustment]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>

1 files changed, 5 insertions, 4 deletions

diff --git a/netsniff-ng.8 b/netsniff-ng.8
index b6f129a..748a390 100644
--- a/netsniff-ng.8
+++ b/netsniff-ng.8
@@ -78,10 +78,11 @@ file that should not have the default pcap type (0xa1b2c3d4), the additional
 option \[lq]\-T\[rq] must be provided. If a directory is given, then, instead of a
 single pcap file, multiple pcap files are generated with rotation based on
 maximum file size or a given interval (\[lq]\-F\[rq] option). A trafgen configuration
-file can currently only be specified if the input device is a pcap file. If
-stdout is given as a device, then a trafgen configuration will be written to
-stdout if the input device is a pcap file, or a pcap file if the input device
-is a networking device.
+file can currently only be specified if the input device is a pcap file. To
+specify a  pcap file as the output device, the file name must have
+\[lq].pcap\[rq] as its extension. If stdout is given as a device, then a trafgen
+configuration will be written to stdout if the input device is a pcap file, or a
+pcap file if the input device is a networking device.
 .PP
 .SS -f, --filter <bpf-file|expr>
 Specifies to not dump all traffic, but to filter the network packet haystack.