Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] How to extract the user-defined header data from the captured file

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 6 Feb 2009 17:29:42 -0800


On Feb 6, 2009, at 3:20 PM, Abhik Sarkar wrote:


Hi Dinesh,

This is currently not possible, but I have submitted a patch
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3242) which might
make it possible.
Well, semi-possible, anyway. See the bug for details on why it doesn't work - and, if it adds additional header types when it sees them in the file, why it *can't* work - with TShark, and why it would be limited (for the same reason) in its use in Wireshark, and also see it for an alternative suggestion (which requires that the user explicitly tell Wireshark/TShark about those fields before it starts up).
  • References:
    • [Wireshark-users] How to extract the user-defined header data from the captured file
      • From: Appusamy Dinesh
    • Re: [Wireshark-users] How to extract the user-defined header data from the captured file
      • From: Abhik Sarkar
  • Prev by Date: [Wireshark-users] Wireshark 1.0.6 is now available
  • Next by Date: Re: [Wireshark-users] Wireshark 1.0.6 is now available
  • Previous by thread: Re: [Wireshark-users] How to extract the user-defined header data from the captured file
  • Next by thread: [Wireshark-users] Packet loss at file transition on multiple file ring buffer
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation