Rolf Fiedler said:
>>From what I learned, the timestamps in trace files are in GMT/UTC.
> I have 10:30 in my trace file and I live 1 hour east of Greenwhich. So
> Ethereal shows 11:30. However, at the moment I am two hours off
> Greenwich time, since daylight saving time is in effect. But ethereal
> does not care about "proper" timezone handling.
Ethereal knows nothing about time zones; it relies on the OS and/or C
library's code to handle them.
If a trace file has a time stamp that contains the number of seconds
between midnight GMT, January 1, 1970, GMT, and 10:30 UTC, {whatever the
date is supposed to be}, then, if Ethereal is not displaying that
correctly for your time zone, either
1) your machine's time zone is not configured correctly;
2) there's a bug in the time zone code in your OS.
If a trance file that has a time stamp that *doesn't* contain that value -
for example, if it's in the current time for the UK, with the DST offset
applied to UTC - then it won't display as 11:30 in the Western European
time zone.
> Where is the code that does this?
The code that formats the time stamp in the protocol tree is
"abs_time_to_str()", in "epan/to_str.c".
*HOWEVER*, it just calls "localtime()", which is part of the C library
(which comes with the OS in UN*Xes). There's nothing in
"abs_time_to_str()" itself that deals with time zones or daylight savings
time - that's done entirely by "localtime()", which isn't part of
Ethereal.
