Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Wireshark-users: Re: [Wireshark-users] Wireshark and 2GB capture files

Date Index Thread Index Other Months All Mailing Lists

Date Prev Date Next Thread Prev Thread Next

From: <juan.wortley@xxxxxxx>
Date: Fri, 4 May 2007 10:02:05 -0500

Hi Alex,

I never used CentOS, however independently of the OS it is recommended not to grow up to much the files to keep them manageable. Otherwise it takes too much to process them.

Using multiple files when doing the capture and limiting them to lets say 100MB (or less) you can handle that more easily.

In case you need to see all together wireshark can reassemble the files automatically opening subsequent files together.

Juan

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of ext Alex Lee
Sent: Viernes, 04 de Mayo de 2007 05:18 a.m.
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Wireshark and 2GB capture files

Hi –

I was just wondering if there was support for trace files larger than 2GB on x86 machines (CentOS 5) by any chance? And if so, how do you go about getting this to work?

2.6.18-8.1.3.el5

libpcap-devel-0.9.4-8.1

libpcap-0.9.4-8.1

wireshark-0.99.5

sorry, I’m new, so I apologize if I didn’t provide sufficient information.

Alex

Follow-Ups:
- Re: [Wireshark-users] Wireshark and 2GB capture files
  - From: Alex Lee

References:
- [Wireshark-users] Wireshark and 2GB capture files
  - From: Alex Lee

Prev by Date: [Wireshark-users] capture filter
Next by Date: Re: [Wireshark-users] capture filter
Previous by thread: [Wireshark-users] Wireshark and 2GB capture files
Next by thread: Re: [Wireshark-users] Wireshark and 2GB capture files
Index(es):
- Date
- Thread