On Jul 17, 2009, at 10:21 PM, Joshua (Shiwei) Zhao wrote:
> I did try to set the limit to big value, such as 200 or even 400
> bytes, but it still fails.
For *any* network, including Ethernet, the only way to be *guaranteed*
not to get *any* "Packet size limited during captures" exceptions is
to set the limit to a value greater than or equal to the MTU on the
network plus the largest possible link-layer header - and bear in mind
that, if you're capturing with radio headers, "the link-layer header"
includes the radio information, so "the largest possible link-layer
header" means "the largest possible {radiotap,AVS,Prism} header
followed by the largest possible 802.11 header".
And, again, as I said, "it will throw an exception if the packet was
bigger than XX bytes and Wireshark tries to dissect all the bytes in
the packet" - it could well be that all 400 bytes are stuff that
Wireshark will dissect.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
