osamu · May 13, 2016 12:54
diff --git a/gistfile1.txt b/gistfile1.txt
 require 'rubygems'
 require 'pcap'
 require 'time'

 if 2 != ARGV.size
  STDERR.puts "Usage: #{$0} in.pcap out.pcap delta"
  exit(2)
 end

 in_filename, out_filename = ARGV

 inp = outc = outp = nil
 begin
  inp = Pcap::Capture.open_offline(in_filename)
  outc = Pcap::Capture.open_dead(inp.datalink, inp.snaplen)
  outp = Pcap::Dumper.open(outc, out_filename)
  start_time = Time.parse("2016-5-12 14:44:00")
  inp.each  do |pkt|
    next if  pkt.time < start_time
    outp.dump(pkt)
  end
 rescue Exception => e
  STDERR.puts e.message,e.backtrace
 ensure
  inp.close if inp
  outp.close if outp
  outc.close if outc
 end
	require 'rubygems'
	require 'pcap'
	require 'time'

	if 2 != ARGV.size
	STDERR.puts "Usage: #{$0} in.pcap out.pcap delta"
	exit(2)
	end

	in_filename, out_filename = ARGV

	inp = outc = outp = nil
	begin
	inp = Pcap::Capture.open_offline(in_filename)
	outc = Pcap::Capture.open_dead(inp.datalink, inp.snaplen)
	outp = Pcap::Dumper.open(outc, out_filename)
	start_time = Time.parse("2016-5-12 14:44:00")
	inp.each do \|pkt\|
	next if pkt.time < start_time
	outp.dump(pkt)
	end
	rescue Exception => e
	STDERR.puts e.message,e.backtrace
	ensure
	inp.close if inp
	outp.close if outp
	outc.close if outc
	end