On Dec 3, 2015, at 3:12 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
> On Dec 3, 2015, at 2:53 PM, Richard Kinder <rkinder@xxxxxxxxxxxxx> wrote:
>
>> From what I can see, peektagged has no TSF timestamp
>
> The "Peek tagged" format (to use WildPackets^WSavvius's name for it) *does* support TSF time stamps;
Sorry, my mistake. What we currently parse are tags for the upper and lower 32 bits of "the time when the packet arrived", not any tags for the TSF time stamp. 0x000C and 0x000D *might* be a TSF time stamp, but, without a capture where *Peek identifies something as the TSF time stamp and gets the values from those two tags, we don't know that for sure.
If you can identify any of the unknown tag values (at least some of which we're pretty sure we know, but others are mysteries), that would be nice.
