Wireshark-dev: [Wireshark-dev] Problem in wireshark pcap
From: "prashanth s" <[email protected]>
Date: Thu, 27 Nov 2008 02:41:00 +0530
I am capturing the HTTP traffice on wireshark. However for HTTP POST messages I get in the Protocol Column of wireshark display, IP as the protocol name. And Info column of wireshark reads as "Bogus IP length (0, less than header length 20). Destination reads like "Sonicwal_**:**:** "
And HTTP POST is actually seen under the tree node "Trailer" under  the subtree "Ethernet II "
It should actually be decoding as TCP and under TCP it should be HTTP. Instead I am seeing IP.
However this has been happening after I installed windows. Earlier I used to have linux. I never faced any such problems in captured file.
What may be the problem behind this?
If any of you could you assist me with your answers it would be great for me.