Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
Note that WinPcap 4.0 didn't go in until rev 20622 which isn't up in the prerelease directory. Jaap Keuter wrote: Hi List, On the back of WinPCap 4.0 our fearless leader has made a new prerelease http://www.wireshark.org/download/prerelease/wireshark-setup-0.99.5pre2-20620.exe with a whole bunch of fixes and improvements. Lets give this installer a serious testdrive. Thanx, Jaap On Mon, 29 Jan 2007, Gianluca Varenni wrote: As of today, WinPcap 4.0 is available in the download section of the WinPcap website, http://www.winpcap.org/install/ . This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is extremely more reliable and stable than previous versions! The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista. Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform. Full details of the changes can be found in the change log attached at the end of this message. As always, we profoundly thank all the users that tested the development versions of WinPcap 4.0, it would not have been possible without your help and precious suggestions. Thanks! Gianluca Varenni WinPcap Team Changelog from WinPcap 4.0 beta3 - Added support for Vista x64 by digitally signing all the binaries of the WinPcap distribution. - Better error handling in the installer - if the installation of the Microsoft Network Monitor Driver (NetMon) fails. - Improved the documentation layout and readability - updated the style sheet and migrated to Doxygen 1.5.1. = ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] error while loading dfilter_macro':No such file or directory
Version 0.99.6-SVN-20621 (SVN Rev 20621) on win xp sp2 every time openning wireshark, I saw the erorr message in subject and I have to click OK to continue. any idea? ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] error while loading dfilter_macro':No such file or directory
As a workarround please put an empty file in the dir called dfilter_macros in wireshark's directory. As soon as I re-stabilize the code I'm working on, i'll checkin a fix. Luis On 1/30/07, Xiaoguang Liu [EMAIL PROTECTED] wrote: Version 0.99.6-SVN-20621 (SVN Rev 20621) on win xp sp2 every time openning wireshark, I saw the erorr message in subject and I have to click OK to continue. any idea? ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] Opening Acterna WAN capture files in wireshark
Hello folks, is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? Regards, Persio ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] Y axis advanced fields
Hello again, is there nay good documentation on how to use Wireshark's IO Graphs Y axis advanced fields? Regards, Persio ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Y axis advanced fields
Persio Pucci wrote: Hello again, is there nay good documentation on how to use Wireshark's IO Graphs Y axis advanced fields? The best you can get is at http://www.wireshark.org/docs/wsug_html_chunked/ChStatIOGraphs.html Why not write it yourself and share it with us? Regards, ULFL ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] Exporting IO Graphs
Hi there, it's me again. Is there anyway to export IO graphs to image files? That would help a lot on reports. Regards, Persio ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
Hi, Ahh crap, I thought Gerald was holding of until the new WinPcap. Hope he does that soon then. Thanx, Jaap On Tue, 30 Jan 2007, Jeff Morriss wrote: Note that WinPcap 4.0 didn't go in until rev 20622 which isn't up in the prerelease directory. Jaap Keuter wrote: Hi List, On the back of WinPCap 4.0 our fearless leader has made a new prerelease http://www.wireshark.org/download/prerelease/wireshark-setup-0.99.5pre2-20620.exe with a whole bunch of fixes and improvements. Lets give this installer a serious testdrive. Thanx, Jaap On Mon, 29 Jan 2007, Gianluca Varenni wrote: As of today, WinPcap 4.0 is available in the download section of the WinPcap website, http://www.winpcap.org/install/ . This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is extremely more reliable and stable than previous versions! The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista. Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform. Full details of the changes can be found in the change log attached at the end of this message. As always, we profoundly thank all the users that tested the development versions of WinPcap 4.0, it would not have been possible without your help and precious suggestions. Thanks! Gianluca Varenni WinPcap Team Changelog from WinPcap 4.0 beta3 - Added support for Vista x64 by digitally signing all the binaries of the WinPcap distribution. - Better error handling in the installer - if the installation of the Microsoft Network Monitor Driver (NetMon) fails. - Improved the documentation layout and readability - updated the style sheet and migrated to Doxygen 1.5.1. = ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Gdk-ERROR **: file gdkdisplay-win32.c: line 72 (wireshark 0.99.4 on windows server 2003)
Hi Jaap,
Thanks for your effort. I would like to say yes, you are right! NetOp is
the point!
And I start Wireshark on my virtual PC for hours, without problem!
Thanx,
Enyuan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jaap Keuter
Sent: Montag, 22. Januar 2007 16:51
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gdk-ERROR **: file gdkdisplay-win32.c:
line 72 (wireshark 0.99.4 on windows server 2003)
Hi,
NetOp as in http://www.netop.com/netop-13.htm ??
That could be your culprit. My guess is it creates some virtual display
which totally freaks out GTK+.
Thanx,
Jaap
On Mon, 22 Jan 2007 [EMAIL PROTECTED] wrote:
Hi Jaap,
Thanks for your quick echo, and here are my answers to your inquires:
Q: Did you run Wireshark with a multimonitor setup before?
A: No.I installed it on the server, and I access the server only via
NetOp. I don't know how NetOp handles with Monitor-settings. I don't
know where it is exactly or do not know whether it has monitor, or how
many.
Q: And did you move certain windows to the secondary monitor?
A: No.
Hope it helps for debugging. If you need more information, let me
know.
Regards
Enyuan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jaap
Keuter
Sent: Montag, 22. Januar 2007 14:23
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gdk-ERROR **: file gdkdisplay-win32.c:
line 72 (wireshark 0.99.4 on windows server 2003)
Hi,
Interesting. It sure seems like a GTK+ thing to me, getting confused
over
the monitors connected. Did you run Wireshark with a multimonitor
setup before? And did you move certain windows to the secondary
monitor?
Then maybe it's in the stored window positions and sizes found in
Document
and Settings\You\Application Data\Wireshark\recent.
Thanx,
Jaap
On Mon, 22 Jan 2007 [EMAIL PROTECTED] wrote:
Hi all,
Recently I installed wireshark 0.99.4 on windows server 2003 (EE
SP1),
and try to catch some packages, sometimes it runs into trouble with
the
following errors:
1)Gdk-ERROR **: file gdkdisplay-win32.c: line 72 (enum_monitor):
assertion failed: (*index _gdk_num_monitors)
Aborting...
Gdk-ERROR (recursed )**: file gdkdisplay-win32.c: line 72
(enum_monitor): assertion failed: (*index _gdk_num_monitors)
Aborting...
Then I have to click on OK on this message, then I get the
2)MS Visual C++ Run time Library --Runtime Error! Program: {empty}
Then i have to click on OK, afterwards Winshark disappears and
have
to
start it again, the filter options like host x.x.x.x or host
y.y.y.y
in caputure options, which I setup in the last caputure, disappears.
Sometimes it takes longer to get to this point.
I remember that I installed it with standard windows msi installer
and
default installation options.
I search the mail list and on the internet, it seems that no one has
reported such problem until now.
What could be? It is something with GTK+?
Best regards
Enyuan
___
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
___
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
If you send in some files (binary and decoded text) we maybe able to reverse engineer the format and add support for them. On 1/30/07, Persio Pucci [EMAIL PROTECTED] wrote: Hello folks, is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? Regards, Persio ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
Give ProConvert a shot - http://www.wildpackets.com/products/free_utilities/proconvert/overview Thanks! _Raju On 1/30/07, Persio Pucci [EMAIL PROTECTED] wrote: Hello folks, is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? Regards, Persio ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users -- May the packets be with you. ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
Persio Pucci wrote: is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? The list of file formats supported by Wireshark can be found at http://wiki.wireshark.org/FileFormatReference It doesn't explicitly list Acterna's format; unless it uses one of the formats listed there, Wireshark can't read it. In order to enhance Wireshark to read a file format that it currently doesn't read, somebody would need to write additional code to read that file format. This would require the author of that code to know what the file format is. If Acterna has documented the format, and you have that documentation, we could use that to write the code to read those files. We would need some capture files to test it. If they have *not* documented the format, we would have to reverse-engineer the format. As Luis Ontanon indicated, that would require that we have capture files - we'd probably want more than one file, so that we can look for patterns in the file format - as well as decoded versions of those files giving time stamps, packet content, etc. for the packets in those files. ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
Whoah there! :) I just copied WinPcap 4.0 into the 0.99.5 trunk, and plan on releasing 0.99.5pre2 later today. I'll send a message when it's ready. I'm hoping to have 0.99.5 final out on Thursday or Friday. Jaap Keuter wrote: Hi List, On the back of WinPCap 4.0 our fearless leader has made a new prerelease http://www.wireshark.org/download/prerelease/wireshark-setup-0.99.5pre2-20620.exe with a whole bunch of fixes and improvements. Lets give this installer a serious testdrive. Thanx, Jaap On Mon, 29 Jan 2007, Gianluca Varenni wrote: As of today, WinPcap 4.0 is available in the download section of the WinPcap website, http://www.winpcap.org/install/ . This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is extremely more reliable and stable than previous versions! The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista. Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform. Full details of the changes can be found in the change log attached at the end of this message. As always, we profoundly thank all the users that tested the development versions of WinPcap 4.0, it would not have been possible without your help and precious suggestions. Thanks! Gianluca Varenni WinPcap Team Changelog from WinPcap 4.0 beta3 - Added support for Vista x64 by digitally signing all the binaries of the WinPcap distribution. - Better error handling in the installer - if the installation of the Microsoft Network Monitor Driver (NetMon) fails. - Improved the documentation layout and readability - updated the style sheet and migrated to Doxygen 1.5.1. = ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
Hi, I'll give ProConverter a try to see if it works. also I'll forward to Luis a couple of files on its format, to see what is wrong. Thank you all. Persio On 1/30/07, Guy Harris [EMAIL PROTECTED] wrote: Persio Pucci wrote: is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? The list of file formats supported by Wireshark can be found at http://wiki.wireshark.org/FileFormatReference It doesn't explicitly list Acterna's format; unless it uses one of the formats listed there, Wireshark can't read it. In order to enhance Wireshark to read a file format that it currently doesn't read, somebody would need to write additional code to read that file format. This would require the author of that code to know what the file format is. If Acterna has documented the format, and you have that documentation, we could use that to write the code to read those files. We would need some capture files to test it. If they have *not* documented the format, we would have to reverse-engineer the format. As Luis Ontanon indicated, that would require that we have capture files - we'd probably want more than one file, so that we can look for patterns in the file format - as well as decoded versions of those files giving time stamps, packet content, etc. for the packets in those files. ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
Murali Raju wrote: Give ProConvert a shot - http://www.wildpackets.com/products/free_utilities/proconvert/overview I've added a link to the Wiki Tools and FileFormatReference pages. Regards, ULFL ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
Maybe I am a little late for that, but also, would that be possible to add IO graphs the possibility to select bits (kbps) to the Y axis? :D Hope I am not asking too much... or maybe 0.99.6 ;) On 1/30/07, Persio Pucci [EMAIL PROTECTED] wrote: Hey, maybe somebody asked for it already... but would that be possible to include in 0.99.5 a way to export IO graphs to any graphic file format (GIF, JPG, PNG, BMP, etc)? Persio On 1/30/07, Gerald Combs [EMAIL PROTECTED] wrote: Whoah there! :) I just copied WinPcap 4.0 into the 0.99.5 trunk, and plan on releasing 0.99.5pre2 later today. I'll send a message when it's ready. I'm hoping to have 0.99.5 final out on Thursday or Friday. Jaap Keuter wrote: Hi List, On the back of WinPCap 4.0 our fearless leader has made a new prerelease http://www.wireshark.org/download/prerelease/wireshark-setup-0.99.5pre2-20620.exe with a whole bunch of fixes and improvements. Lets give this installer a serious testdrive. Thanx, Jaap On Mon, 29 Jan 2007, Gianluca Varenni wrote: As of today, WinPcap 4.0 is available in the download section of the WinPcap website, http://www.winpcap.org/install/ . This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is extremely more reliable and stable than previous versions! The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista. Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform. Full details of the changes can be found in the change log attached at the end of this message. As always, we profoundly thank all the users that tested the development versions of WinPcap 4.0, it would not have been possible without your help and precious suggestions. Thanks! Gianluca Varenni WinPcap Team Changelog from WinPcap 4.0 beta3 - Added support for Vista x64 by digitally signing all the binaries of the WinPcap distribution. - Better error handling in the installer - if the installation of the Microsoft Network Monitor Driver (NetMon) fails. - Improved the documentation layout and readability - updated the style sheet and migrated to Doxygen 1.5.1. = ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
ProConvert did the job just fine, just to let you guys know. I am really glad I've found this forum, Wireshark is just a tremendous tool, light-years ahead of any other. I really pretend to help out on the forum, I just love this tool. Persio On 1/30/07, Ulf Lamping [EMAIL PROTECTED] wrote: Guy Harris wrote: Persio Pucci wrote: is there a way to open in Wireshark files captured by an Acterna packet analyzer in a Frame Relay interface? The list of file formats supported by Wireshark can be found at http://wiki.wireshark.org/FileFormatReference It doesn't explicitly list Acterna's format; unless it uses one of the formats listed there, Wireshark can't read it. ... If Acterna has documented the format, and you have that documentation, we could use that to write the code to read those files. We would need some capture files to test it I googled around if I can find some docs about that format but couldn't find anything. BTW: Acterna was bought by JDSU and was formerly Wavetek Wandel Goltermann / TTC, according to http://www.wildpackets.com/products/free_utilities/proconvert/file_types Regards, ULFL ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark
On Jan 30, 2007, at 4:13 PM, Ulf Lamping wrote: BTW: Acterna was bought by JDSU and was formerly Wavetek Wandel Goltermann / TTC, according to http://www.wildpackets.com/products/free_utilities/proconvert/file_types And, according to http://telephonyonline.com/backoffice/print/telecom_acterna_creates_new/ we have THE HISTORY OF ACTERNA 1923 - Communications test company Wandel Goltermann founded 1974 - TTC founded in 1974, becomes third largest communications test company 1998 - Wandel Goltermann merges with Wavetek, becomes WWG, second largest test company 1999 - WWG acquires ADA 2000 - Dynatech buys WWG, merges with TTC and changes name to Acterna. Acterna acquires Cheetah Technologies and so on. (Almost as much fun as watching telephone service providers thrashing in the US; there are probably some outside the US that have been as much fun to watch.) (For even more Acterna/JDSU historical fun, see http://www.lightreading.com/document.asp?doc_id=74450 .) That's why there are several file types for Acterna on the ProConvert file types page. The only one that lists WAN is Domino. BTW, their PVA-1000 VoIP Network Analysis Suite reads several different types of capture files: http://www.jdsu.com/test_and_measurement/products/descriptions/PVA-1000/index.html although they're using the old name for one of the file types (the one beginning with E rather than W :-)). ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] bogus LLC header in UDP packet
Hi, I think I may have stumbled onto a wireshark bug (ethereal version 0.99.0, libpcap version 0.8.3 on RHEL4). An application on which I'm working is receiving UDP packets over gigabit Ethernet from some custom hardware. The packets have a fixed source and destination UDP port number, which we had set to 12001 and 12000, respectively. Wireshark shows an LLC header after the UDP header, which is simply not present; see first attachment (bad.pcap). In the process of poking around a bit, I changed the UDP port numbers to 12032 and 12048 in the pcap file, and wireshark no longer reported the LLC header; see second attachment (good.pcap). Unless I'm totally missing something about LLC (definite possibility), this looks like a bug in wireshark or libpcap. I'm not subscribed to this list, please send questions to me directly. -- Martin bad.pcap Description: Binary data good.pcap Description: Binary data ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
[Wireshark-users] Wireshark 0.99.5pre2 is now available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wireshark 0.99.5pre2 is now available for testing. Source code and a Windows installer can be downloaded immediately from http://www.wireshark.org/download/prerelease/wireshark-0.99.5pre2.tar.gz http://www.wireshark.org/download/prerelease/wireshark-0.99.5pre2.u3p http://www.wireshark.org/download/prerelease/wireshark-setup-0.99.5pre2.exe This release includes several bug fixes. The Windows installer now ships with WinPcap 4.0. Please report any problems you find to the wireshark-dev mailing list or open a ticket at http://bugs.wireshark.org/ . Barring any problems, the final release will be out on February 1st or 2nd. File verification information: wireshark-0.99.5pre2.tar.gz: 13934469 bytes MD5(wireshark-0.99.5pre2.tar.gz)=5a22972741fcdc6486aad575d7b1a7d4 SHA1(wireshark-0.99.5pre2.tar.gz)=d19e025f938b51787929ca42b13e4700b7231b22 RIPEMD160(wireshark-0.99.5pre2.tar.gz)=a7bdac4e943997b446b9c89d843c185c2dbb7567 wireshark-0.99.5pre2.u3p: 22313263 bytes MD5(wireshark-0.99.5pre2.u3p)=20cb350d3d9895e68f850dc1dfc4107b SHA1(wireshark-0.99.5pre2.u3p)=13561e61a1eb1074ab3d6dc9649c946f34ef2aaa RIPEMD160(wireshark-0.99.5pre2.u3p)=83f4d19134d666c95c596b33de5a8abec1afc461 wireshark-setup-0.99.5pre2.exe: 18134567 bytes MD5(wireshark-setup-0.99.5pre2.exe)=c579f22e9f3fa17af442ef9bb760f384 SHA1(wireshark-setup-0.99.5pre2.exe)=8ffecbee0e22bf39b42fdf72785b388b90138d6c RIPEMD160(wireshark-setup-0.99.5pre2.exe)=d1b3a3e8b2d30ebb4fb751823639cd8908262196 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFv+dcpw8IXSHylJoRAlCjAJsHtX6EfEcB+dUqWEdp2JPi7bZxOACfaDRz /8kZSxaRxLADJgPyMT/HwxY= =r4nl -END PGP SIGNATURE- ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
Persio Pucci wrote: Hey, maybe somebody asked for it already... but would that be possible to include in 0.99.5 a way to export IO graphs to any graphic file format (GIF, JPG, PNG, BMP, etc)? Definitely not in the 0.99.5 - it's in the release process quite ahead. Any new feature will be implemented if some of the developers will find the time and motivation to implement it. So don't expect anything here soon... Regards, ULFL ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] [ANNOUNCE] WinPcap 4.0 has been released
On Tue, Jan 30, 2007 at 10:33:51PM -0200, Persio Pucci wrote: Maybe I am a little late for that, but also, would that be possible to add IO graphs the possibility to select bits (kbps) to the Y axis? :D Hope I am not asking too much... or maybe 0.99.6 ;) On 1/30/07, Persio Pucci [EMAIL PROTECTED] wrote: Hey, maybe somebody asked for it already... but would that be possible to include in 0.99.5 a way to export IO graphs to any graphic file format (GIF, JPG, PNG, BMP, etc)? Could you open a bug for these requests and mark it as an enhancement so it isn't forgotten? The URL is http://bugzilla.wireshark.org. Steve ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
Re: [Wireshark-users] bogus LLC header in UDP packet
Hi, According to RFC 2353 this decoding is correct. See paragraph 2.6.1. These UDP/TCP ports are assigned by IANA to this protocol. It is implemented as such in the LLC dissector. Thanx, Jaap On Tue, 30 Jan 2007, Martin Pokorny wrote: Hi, I think I may have stumbled onto a wireshark bug (ethereal version 0.99.0, libpcap version 0.8.3 on RHEL4). An application on which I'm working is receiving UDP packets over gigabit Ethernet from some custom hardware. The packets have a fixed source and destination UDP port number, which we had set to 12001 and 12000, respectively. Wireshark shows an LLC header after the UDP header, which is simply not present; see first attachment (bad.pcap). In the process of poking around a bit, I changed the UDP port numbers to 12032 and 12048 in the pcap file, and wireshark no longer reported the LLC header; see second attachment (good.pcap). Unless I'm totally missing something about LLC (definite possibility), this looks like a bug in wireshark or libpcap. I'm not subscribed to this list, please send questions to me directly. -- Martin ___ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
