Re: [Wireshark-users] captured file can not be understood by Tshark

2007-01-02 Thread Guy Harris
joyce wrote: > Thanks for your reply. What does the "libpcap-format file header" look like? > It looks like the first 24 bytes of a pcap-version file that your system generates and that Wireshark *can* read. To undo the damage your system did, if you have another log file from that system, you co

Re: [Wireshark-users] captured file can not be understood by Tshark

2007-01-02 Thread Stephen Fisher
On Wed, Jan 03, 2007 at 03:25:43PM +0800, joyce wrote: > Thanks for your reply. What does the "libpcap-format file header" look > like? See here: http://wiki.wireshark.org/Development/LibpcapFileFormat Steve

Re: [Wireshark-users] captured file can not be understood by Tshark

2007-01-02 Thread joyce
Hi Guy, Thanks for your reply. What does the "libpcap-format file header" look like? Regards Joyce

Re: [Wireshark-users] I see no captured packets at all

2007-01-02 Thread Hans Nilsson
Ok, actually I've never tried it. There's probably going to be some conflicts/collisions that you can't or, hopefully, can overcome. On Tue, 2 Jan 2007 15:14:14 -0500, "Small, James" <[EMAIL PROTECTED]> said: > Hans, > > That's an interesting idea. I just tried it under XP SP2 (two laptops

[Wireshark-users] VoIP Calls - Enhancement Request

2007-01-02 Thread Keith French
VoIP calls is excellent for H.323 calls. However, is there any chance that the start & end times could reflect the current settings in the main Wireshark display for date & time. It currently only displays based on seconds since the beginning of the capture. It would be very useful to be able t

Re: [Wireshark-users] I see no captured packets at all

2007-01-02 Thread Small, James
Hans, That's an interesting idea. I just tried it under XP SP2 (two laptops on same AP, same SSID/channel). However, even after disabling gratuitous ARPs, I could not get both laptops to associate to the same SSID on the same AP when I set the second monitoring laptop to have the same MAC (tried

Re: [Wireshark-users] captured file can not be understood by Tshark

2007-01-02 Thread Guy Harris
joyce wrote: > My system will generate monitor log file in both > ASCII(Monitor.log.1.zip) and pcap version(Monitor.pcap.1.9) as > attached. Because the ASCII version log does suitable for extracting > information, I use tshark to decode the pcap version file and so far > works fine. Howev

Re: [Wireshark-users] I see no captured packets at all

2007-01-02 Thread Hans Nilsson
Maybe you could change the MAC-address of the Wireless card (or bridge?) to the MAC-address of the gateway in the network? That way your NIC will accept all traffic going to and from the gateway (and you because you have the same MAC-address). Because the MAC-address in those packets is the same as

Re: [Wireshark-users] VoIP compatible Software

2007-01-02 Thread Lars Ruoff
Hi, what do you mean with "... the program does not recognize any VoIP calls"? You don't see any RTP packets? Note that since RTP is an application layer protocol with dynamic port assignments, it is not by default decoded in Wireshark, unless ... - the capture also contains the signalling traf

Re: [Wireshark-users] I see no captured packets at all

2007-01-02 Thread Small, James
Yep--that's it. Thanks Guy. Also, just for the record, I tried capturing under WinPcap under XP, SP2 both using the Microsoft Bridge and just using my wireless adapter in non-promiscuous mode (Intel Pro Wireless 2200BG built-in to a Dell Latitude D610). My particular wireless card will only capt