The issue there is that you'll need a buffer whose size is
indeterminate (you can get way more than 4 packets in 2ms).
So the buffer should adjust.
BTW if you add a parameter for the time window it would be certainly
more useful.
On Fri, Nov 28, 2008 at 4:13 AM, Petr Janata <janata@xxxxxx> wrote:
> Stephen Fisher napsal(a):
>> On Thu, Nov 27, 2008 at 11:43:58PM +0100, Petr Janata wrote:
>>
>>
>>> I am traiyng to modify editcap, because there is parameter '-d' for
>>> skipping duplicate packets. I am going to filter those packets witche
>>> have time interval less then 2ms. Do you have any idea?
>>>
>>
>> According to editcap's man page, "the length and MD5 sum of the MD5 sum
>> of the current packet are compared to the previous four packets." Do
>> you want to change this to 2ms instead?
>>
>>
>> Steve
>>
>> _______________________________________________
>> Wireshark-dev mailing list
>> Wireshark-dev@xxxxxxxxxxxxx
>> https://wireshark.org/mailman/listinfo/wireshark-dev
>>
> If I compare MD5 checksum I can find duplicate packets. I 'd like to add
> new parameter '-di' into the editcap. The algorithm skip only pakets
> that are duplicated and also the time interval betwean them is less than
> 2ms.
>
> Petr
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
>
--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
