Wireshark · Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Tue, 2 Sep 2003 21:44:05 -0700

On Wed, Sep 03, 2003 at 06:29:07AM +0200, Martin Regner wrote:
> If I renamed the file to Snif6.cap.gz and extracted the Snif6.cap with
> WinZip (that didn't complain that the file is corrupted) and opened the
> Snif6.cap file I got and then did as Greg wrote in his mail
> (filter+Reset) the file was correctly dissected even after
> filtering+Reset. 

It appears that .caz files might be using some feature(s) of the
compressed file format that WinZip understands but neither gunzip, zlib,
nor Stuffit Expander understand.

RFC 1952 describes "GZIP file format specification version 4.3"; I don't
know whether the feature(s) are documented in there or not.

Follow-Ups:
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris

References:
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Martin Regner

Prev by Date: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by Date: Re: [Ethereal-dev] decode as SNMP
Previous by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Index(es):
- Date
- Thread