stripe v0.3 Alpha
Written by Foeh Mannay, January 2015

PURPOSE
=======

"stripe" is a tool which attempts to remove any and all encapsulating headers (i.e.
VLAN tags, MPLS shim headers, PPPoE, GRE, L2TP and GTP) from a pcap file, leaving plain
old payload over Ethernet. This is useful as some tools cannot work with encapsulated
frames and, until now, I couldn't find any automatic way to convert a pcap with such
headers into a usable format.

This version adds experimental nested IP fragment re-assembly support. The code should
handle 90% of use cases. Please bear with it for now, or if you're impatient, fix the
code :D

Please see http://networkingbodges.blogspot.com/ for more information on the
theory behind this if you are interested.

INSTALLATION
============

For Linux / Mac / MinGW it should be possible to build from source using:

gcc -o stripe stripe.c

I will make some binaries available for convenience but I make no assurances that I will
keep them up to date.

USAGE
=====

There are only two parameters and both are mandatory. You must specify your
input capture file (original pcap format) with the -r flag and your output capture file
with the -w flag. Here's an example:

Harrys-MacBook-Air:stripe foeh$ ./stripe -r mpls-frames.cap -w clean-frames.cap

Parsing capfile...

4 frames processed.
Harrys-MacBook-Air:stripe foeh$

CHANGE LOG
==========

v0.1a	First working release, tested with 802.1Q VLANs, MPLS, GRE and PPPoE. L2TP in 
development.

v0.2a	Added "experimental" GTP support, realised the need to pad small frames!

v0.3a	Added IP fragment reassembly support