What works:- the first file I opened was a 50+MB file generated with NTAR. Real ethernet packets coming from a custom board. Wireshark opened the trace without any problem, and the decoded packets made perfectly sense. YAY!
What doesn't work: - timestamps are wrong. There are two problems here:1. the IDB option for the timestamp precision is not decoded, and I was generating timestamps with nanosecond precision. 2. timestamps are not in the libpcap fashion (seconds and microseconds, or seconds and nanoseconds). It's a single 64bit quantity that is split into high and low 32bits.
Have a nice day GV
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
