Wireshark-dev: Re: [Wireshark-dev] Unable to open OpenVMS tcptrace
From: "Abhik Sarkar" <[email protected]>
Date: Fri, 12 Oct 2007 02:46:26 +0400
Thanks a lot Bill! I was working on this myself and found out already that commenting out the ascend_open item in open_routines_base[] in wiretap/file_access.c helps solve the problem and hence the conflict must lie with that code.

I have updated by SVN copy, recompiled and tested (on Windows) and it is now detecting the files properly!

Point taken about opening a bug the next time... but many thanks for fixing this so quickly anyway!

Best regards,

On 10/12/07, Bill Meier <[email protected]> wrote:
Abhik Sarkar wrote:
> For a few versions now (since 0.99.5), I have been unable to open
> OpenVMS tcptrace files using Wireshark. A sample file is attached. In
> some cases, the File Open dialog preview shows is as an invalid Endance
> ERF file, sometimes an invalid Lucent/Ascend format and so on.
> I guess it is because the heuristics of one wiretap file format reader
> is better than the others in case of plain text files. Is there some way
> this can be improved or it there something wrong with the capture itself?

I've tightened the heuristic used to identify Lucent/Ascend capture
files so that now your example capture is no longer identified as a
Lucent/Ascend file but is correctly identified as a VMS TCPIPTRACE
capture file.

The fix will be available once 0.99.7 is released (or you can obtain or
build a Wireshark development version: SVN #23152 or newer).

If you have examples of other VMS TCPIPTRACE files which are
mis-identified (eg: as an ERF file), please let us know.
(Note that the code to process capture ERF files has very recently been
changed so it's possible that the situation has already improved in this

[For future reference: please use the Wireshark bugzilla
(bugs.wireshark.org) to report problems and provide example capture files].



Wireshark-dev mailing list
[email protected]