Comment # 4
on bug 8349
from Erik Hjelmvik
(In reply to comment #3)
> The important question is: how was this file generated? What steps were
> taken?
The pcapng file was most likely created as you described, i.e. by sniffing,
filtering and saving the file. I.e. traffic to/from "iPhone-von-b1.local" and
"iPhone-von-Gurkan.local" was most likely captured and then removed via
filtering.
> The fix does not prevent unused names from being in the capture file, it
> only causes Wireshark's name resolution database to be flushed when a file
> is closed.
That's too bad. Seems as if there is a need for a new fix, which would remove
any NRB entries for IPs that aren't in the frames being saved to disk.
> So, for example, you could generate a PCAPNG file with an NRB
> that contains host names not in the file by:
>
> 1) Getting some traffic (capturing or opening an existing file).
> 2) Resolving the network names.
> 3) Filtering out some traffic--in particular the traffic that has the
> network names resolved.
> 4) Doing an File->Export Specified Packets with the Displayed box selected.
You are receiving this mail because:
- You are watching all bug changes.
