http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1528
Summary: unable to load ulog pcap dumps
Product: Wireshark
Version: 0.99.5
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Major
Priority: Low
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: fpeters@xxxxxxxxxx
Build Information:
TShark 0.99.5
Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.12.6, with libpcap 0.9.5, with libz 1.2.3, with libpcre
6.7, without Net-SNMP, with ADNS, without Lua, with GnuTLS 1.4.4, with Gcrypt
1.2.3, without Kerberos.
Running on Linux 2.6.20.6, with libpcap version 0.9.5.
Built using gcc 4.1.2 20061115 (prerelease) (Debian 4.1.1-21).
--
Forwarded from http://bugs.debian.org/418275 :
ulogd outputs packet to a pcap file. I think this file is kind of truncated
because ulogd keeps updating it. Although the attached file was copied while
network was down.
tcpdump loads it fine. But tshark/wireshark don't.
tshark -nr pcap.log
tshark: "pcap.log" appears to be damaged or corrupt.
(pcap: File has 3145728-byte packet, bigger than maximum of 65535)
Maybe the file is really corrupted or inconsistent, but tcpdump
is able to decode it without errors.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
