Package: wireshark-common Version: 1.4.4-1 Severity: normal When having merged captures from two machines the "remove duplicates" option in editcap doesn't work, because the identical packets have a different header field "packet type" with values "Sent by us" (4) vs. "unicast to us" (0), and so the MD5 is different and both are kept.
Furthermore, in case there's a router inbetween, the MAC addresses would be different, too; so it might make sense to define some point from which the MD5 gets derived. Per default the MD5 should be derived from the Link-Layer, but optionally only the IP, TCP, or perhaps even more restricted data areas might be chosen. (So perhaps this could be an "expression" what fields to use in the MD5, eg. "http.host,http.request.uri" to keep only all different URLs being used) -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.34-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages wireshark-common depends on: ii debconf [debconf-2.0] 1.5.38 Debian configuration management sy ii libc6 2.11.2-13 Embedded GNU C Library: Shared lib ii libcap2 1:2.20-1 support for getting/setting POSIX. ii libcap2-bin 1:2.20-1 basic utility programs for using c ii libgcrypt11 1.4.6-5 LGPL Crypto library - runtime libr ii libglib2.0-0 2.28.1-1+b1 The GLib library of C routines ii libpcap0.8 1.1.1-2 system interface for user-level pa ii libwireshark0 1.4.4-1 a network packet dissection librar ii libwiretap0 1.4.4-1 a network packet capture library - ii libwsutil0 1.4.4-1 network packet dissection utilitie ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime Versions of packages wireshark-common recommends: ii tshark 1.4.4-1 network traffic analyzer - console ii wireshark 1.4.4-1 network traffic analyzer - GTK+ ve wireshark-common suggests no packages. -- debconf information: wireshark-common/install-setuid: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org