Wireshark · Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gilbert Ramirez <gram@xxxxxxxxxxxxxxx>

Date: Wed, 03 Sep 2003 21:35:52 -0000

On Tue, 2003-09-02 at 18:16, Guy Harris wrote:
> 
> On Tuesday, September 2, 2003, at 4:03 PM, Greg Morris wrote:
> 
> > When attempting to decode a NAI Sniffer file CAZ.
> 
> ".caz" files are, allegedly, just gzipped ".cap" files (or, rather, 
> ".cap" files compressed using gzip format; I don't know whether they're 
> using gzip code).
> 
> However, if I rename that file to "snif6.cap.gz", and try to gunzip it, 
> I get
> 
> 	gunzip: snif6.cap.gz: invalid compressed data--crc error
> 

If you do this:

gzip -dc < Snif6.caz > Snif6.cap

then load Snif6.cap in ethereal, all 250 packets appear to be there,
*and* match the dissection of Snif6.caz (before it goes bad, that is).

--gilbert

Follow-Ups:
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Gilbert Ramirez
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris

References:
- [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Greg Morris
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by Date: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Previous by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Index(es):
- Date
- Thread