https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
simon.leg...@gmail.com changed:
What|Removed |Added
CC||simon.leg...@gmail.com
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
fowl changed:
What|Removed |Added
CC||wireshar...@fowlsmurf.net
--
You are
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Bug 15104 depends on bug 16031, which changed state.
Bug 16031 Summary: Netsh .etl files are treated as i4b, PacketLogger, or JSON
files
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16031
What|Removed
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Guy Harris changed:
What|Removed |Added
Depends on|6694|
Referenced Bugs:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Guy Harris changed:
What|Removed |Added
Depends on||16031
Referenced Bugs:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Guy Harris changed:
What|Removed |Added
Ever confirmed|0 |1
Status|RESOLVED
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Michael Mann changed:
What|Removed |Added
Resolution|--- |DUPLICATE
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
--- Comment #8 from Niklas E ---
(In reply to Peter Wu from comment #6)
> Do you have an example packet capture file?
>
> I think that Dario looked into this (or it was on his wishlist), adding him
> in cc.
I don't have a sandbox
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
--- Comment #7 from Dario Lombardo ---
> Which libraries on, for example, macOS and Linux have those APIs?
They don't. My idea is to write an extcap that uses those native APIs (on
windows only) that read the events and write a pcap
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Peter Wu changed:
What|Removed |Added
Component|Dissection engine |Capture file support
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Niklas E changed:
What|Removed |Added
Depends on||6694
--- Comment #5 from Niklas E
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
--- Comment #4 from Guy Harris ---
(In reply to Niklas E from comment #2)
> There is no public specification, but I was told to use APIs to read the
> events from the .etl file. Perhaps those could be used?
>
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
--- Comment #3 from Niklas E ---
Also if you do this you would get .etl and .cap of same session:
netsh trace start capture=yes filemode=circular maxsize=1024
tracefile=c:\%computername%.etl
netsh trace stop
Open Message Analyzer
Open
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
--- Comment #2 from Niklas E ---
There is no public specification, but I was told to use APIs to read the events
from the .etl file. Perhaps those could be used?
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Guy Harris changed:
What|Removed |Added
Severity|Normal |Enhancement
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15104
Niklas E changed:
What|Removed |Added
CC||raven...@hotmail.com
16 matches
Mail list logo
