Wireshark
the world's foremost network protocol analyzer
Wireshark-users: [Wireshark-users] 32768 bytes missing in capture file
From: Deepti Kumar <deepti_kumar47@xxxxxxxxx>
Date: Sat, 10 May 2008 00:04:21 -0700 (PDT)
| Hi, I have been trying to download a file of size 11MB using wget. I've run wireshark at the same time to capture the traffic. All this is done on the localhost and wireshark is therefore capturing on the lo interface. After the file transfer when i right click and see "Follow TCP Stream" and see the number of bytes exchanged, it is less than 11MB(no of bytes actually that should have been exchanged). I check the data in the display window of "Follow TCP Stream" and see that there are some bytes missing: >32768 bytes missing in capture file >[-32768 bytes missing in capture file] >[16384 bytes missing in capture file] My question is (1) why has wireshark not captured these files? (Note: The download gives me the complete file) (2) What are these negative values? Hoping someone would help me on this. Thanks in advance. |
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
- Follow-Ups:
- Re: [Wireshark-users] 32768 bytes missing in capture file
- From: Sake Blok
- Re: [Wireshark-users] 32768 bytes missing in capture file
- Prev by Date: [Wireshark-users] tshark html page data
- Next by Date: [Wireshark-users] logging of "PPP LCP Echo Reply" packets into syslog
- Previous by thread: [Wireshark-users] Filter all messages belonging to the same call...
- Next by thread: Re: [Wireshark-users] 32768 bytes missing in capture file
- Index(es):