Wireshark · Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Fri, 5 Sep 2003 12:23:58 -0700


On Sep 3, 2003, at 2:35 PM, Gilbert Ramirez wrote:

\If you do this:

gzip -dc < Snif6.caz > Snif6.cap

then load Snif6.cap in ethereal, all 250 packets appear to be there,
*and* match the dissection of Snif6.caz (before it goes bad, that is).


What happens if you then do

	gzip Snif6.cap

mv Snif6.cap.gz Snif6.caz (on UNIX) or ren Snif6.cap.gz Snif6.caz (onWindows)


and try to read the resulting .caz file in a Sniffer?

If it works, presumably that means the Sniffer doesn't check theCRC-32. If it doesn't work, presumably that means that the Sniffer isusing some other CRC-32 algorithm.

Follow-Ups:
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Gilbert Ramirez
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Andreas Sikkema

References:
- [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Greg Morris
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Gilbert Ramirez

Prev by Date: Re: [Ethereal-dev] Question regarding performance
Next by Date: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Previous by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Index(es):
- Date
- Thread