Wireshark · Ethereal-users: Re: [Ethereal-users] Using snoop with Ethereal

Ethereal-users: Re: [Ethereal-users] Using snoop with Ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Marco van den Bovenkamp <marco@xxxxxxxxxxxxxxxxxxx>

Date: Tue, 04 Jun 2002 10:53:49 +0200

Schlabach, Torsten wrote:

> - The snoop file will be transferred to a Windows NT box running
> Ethereal.
>
> Ethereal just refuses to open the snoop file saying that the file was
> not in a format that Ethereal understands.

Assuming for a moment that you used FTP to transfer it: you didn'tforget to use binary mode? The Windows FTP client defaults to ASCII(converting line endings), and the Snoop file isn't ASCII, so it'll getmunged.


> I have tried to look at the sample from the Ethereal Website
> (www.ethereal.com/samples, 3.) I can open that file on my PC without
> any problem, but I cannot open it in a text editor to compare it to
> the snoop file that I produced because it is somehow compressed. Just
> all decompression utilities I know about (uncompress, unzip, gunzip)
> cannot expand this.

It's not a text file, but a binary one. The format is documented in RFC1761.


		Regards,

			Marco.

References:
- [Ethereal-users] Using snoop with Ethereal
  - From: Schlabach, Torsten

Prev by Date: Re: [Ethereal-users] Using snoop with Ethereal
Next by Date: [Ethereal-users] Ethereal crash problem
Previous by thread: Re: [Ethereal-users] Using snoop with Ethereal
Next by thread: [Ethereal-users] Ethereal crash problem
Index(es):
- Date
- Thread