Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Greg Morris" <gmorris@xxxxxxxxxx>
Date: Wed, 03 Sep 2003 10:12:01 -0600
I created the caz file by performing a file/save as from within NAI Sniffer version 4.7. There are no problems opening or manipulating this file from within Sniffer. The only problems encountered are those with Ethereal. Should the Ethereal support for caz files be modified to extract the file to a temporary file for manipulation? Seems like the first extract/dissection works as desired.
 
Greg

>>> Guy Harris <guy@xxxxxxxxxxxx> 9/2/2003 10:44:05 PM >>>
On Wed, Sep 03, 2003 at 06:29:07AM +0200, Martin Regner wrote:
> If I renamed the file to Snif6.cap.gz and extracted the Snif6.cap with
> WinZip (that didn't complain that the file is corrupted) and opened the
> Snif6.cap file I got and then did as Greg wrote in his mail
> (filter+Reset) the file was correctly dissected even after
> filtering+Reset.

It appears that .caz files might be using some feature(s) of the
compressed file format that WinZip understands but neither gunzip, zlib,
nor Stuffit Expander understand.

RFC 1952 describes "GZIP file format specification version 4.3"; I don't
know whether the feature(s) are documented in there or not.
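
Added example, not part of the original thread and not Ethereal's code: one way to see which RFC 1952 header features a gzip-framed file uses, and whether bytes follow its first member, so that differences between decompressors can be narrowed down. It assumes the .caz file is gzip-framed, as the rename-to-.gz test quoted above suggests; `inspect_gzip`, `build_sample` and the sample bytes are hypothetical and constructed for illustration.

```python
import struct
import zlib

FLAGS = {0x01: "FTEXT", 0x02: "FHCRC", 0x04: "FEXTRA", 0x08: "FNAME", 0x10: "FCOMMENT"}

def inspect_gzip(data: bytes) -> dict:
    """Describe the first gzip member in data (hypothetical helper)."""
    if len(data) < 10 or data[:2] != b"\x1f\x8b":
        raise ValueError("not a gzip stream")
    method, flg = data[2], data[3]
    info = {"method": method, "flags": [n for b, n in FLAGS.items() if flg & b],
            "reserved_bits": flg & 0xE0, "extra": b"", "name": None, "comment": None}
    pos = 10  # fixed part: magic, CM, FLG, MTIME(4), XFL, OS
    if flg & 0x04:  # FEXTRA: 2-byte little-endian length, then that many bytes
        (xlen,) = struct.unpack_from("<H", data, pos)
        info["extra"] = data[pos + 2:pos + 2 + xlen]
        pos += 2 + xlen
    for bit, key in ((0x08, "name"), (0x10, "comment")):  # NUL-terminated Latin-1
        if flg & bit:
            end = data.index(b"\x00", pos)
            info[key] = data[pos:end].decode("latin-1")
            pos = end + 1
    if flg & 0x02:  # FHCRC: 2-byte CRC of the header, skipped here
        pos += 2
    info["header_len"] = pos
    inflater = zlib.decompressobj(wbits=-zlib.MAX_WBITS)  # raw deflate body
    body = inflater.decompress(data[pos:])
    tail = inflater.unused_data
    if not inflater.eof or len(tail) < 8:
        raise ValueError("truncated deflate stream or trailer")
    crc, isize = struct.unpack("<II", tail[:8])
    info["crc_ok"] = crc == zlib.crc32(body)
    info["size_ok"] = isize == (len(body) & 0xFFFFFFFF)
    info["trailing_bytes"] = len(tail) - 8  # anything after the first member
    return info

def build_sample() -> bytes:
    """Constructed sample: FEXTRA + FNAME header, then 4 stray bytes."""
    payload = b"constructed capture bytes"
    comp = zlib.compressobj(wbits=-zlib.MAX_WBITS)
    raw = comp.compress(payload) + comp.flush()
    header = b"\x1f\x8b\x08\x0c" + b"\x00" * 4 + b"\x00\xff"
    header += struct.pack("<H", 4) + b"ZZ\x00\x00" + b"Snif6.cap\x00"
    trailer = struct.pack("<II", zlib.crc32(payload), len(payload))
    return header + raw + trailer + b"\x00" * 4

if __name__ == "__main__":
    print(inspect_gzip(build_sample()))
```

Run against a real file by passing its bytes to `inspect_gzip`; non-zero `reserved_bits` or `trailing_bytes` are the first things to compare across tools that disagree.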