Wireshark-dev: Re: [Wireshark-dev] Absolute arrvial time of packet in wireshark
From: Anders Broman <[email protected]>
Date: Thu, 26 Jun 2014 14:02:26 +0000


If you are talking about the packet timestamps they are delivered by Winpcap together with the packet data in case of real time capturing.

Google “winpcap time stamps” for further reading.




From: [email protected] [mailto:[email protected]] On Behalf Of Vishnu Bhatt
Sent: den 26 juni 2014 15:47
To: [email protected]
Subject: [Wireshark-dev] Absolute arrvial time of packet in wireshark




I need to know how does Wireshark gets the absolute arrival time of a packet in windows system? I saw in the code and found that GetSystemTimeAsFileTime() is used to get the system time in windows but the code at that point doesn’t hit. From where is the time being taken by Wireshark while capturing?


Any help would be appreciated.



