Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] wireshark 3.2.x-3.3.x zstandard brotli compress and decompre

From: Pascal Quantin <pascal@xxxxxxxxxxxxx>
Date: Fri, 10 Jan 2020 16:34:56 +0100
Hi Kem,

Le ven. 10 janv. 2020 à 16:31, Kem Okonkwo <kem.okonkwo@xxxxxxxxxxxxxxxxxxxx> a écrit :
Hello,

I compiled wireshark 3.3.xdev build with all the zstandard, brotli and snappy  devel libs, but when I go to use wireshark to read/open a zstd/brotli compressed file like a gzip compressed file. I get the error message below:-

09:51:30.868     Main Warn 0 duplicates of "The file "eth7_catch-all_20190701-0062.pcap.zst" isn't a capture file in a format Wireshark understands." were suppressed
10:26:35.078     Main Warn 0 duplicates of "The file "forkem.pcap.br" isn't a capture file in a format Wireshark understands." were suppressed

I am able to read a compressed pcap.gz file. Is the functionality possible within wireshark for zst and br extensions, if so where do I enable it.

The zstd or brotli support is for some specific protocols using those compression schemes, not for capture files.

Best regards,
Pascal.


Cheers,

Kem

run/wireshark -v
Wireshark 3.3.0rc0-274-g3b781dbab5f2 (Git commit 92aa1c6d4b69)

Copyright 1998-2020 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.12.5, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.62.4, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.15.0, without Lua, with GnuTLS 3.6.11 and PKCS #11 support, with Gcrypt 1.8.5,
with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with brotli,
with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with QtMultimedia,
with SpeexDSP (using bundled resampler), without SBC, with SpanDSP, without
bcg729.

Running on Linux 5.3.16-300.fc31.x86_64, with Intel(R) Core(TM) i7-7700K CPU @
4.20GHz (with SSE4.2), with 31988 MB of physical memory, with locale
en_US.UTF-8, with libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.11,
with Gcrypt 1.8.5, with brotli 1.0.7, with zlib 1.2.11, binary plugins supported
(0 loaded).

Built using gcc 9.2.1 20190827 (Red Hat 9.2.1-1)

run/tshark -v
TShark (Wireshark) 3.3.0rc0-274-g3b781dbab5f2 (Git commit 92aa1c6d4b69)

Copyright 1998-2020 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.62.4, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, without
Lua, with GnuTLS 3.6.11 and PKCS #11 support, with Gcrypt 1.8.5, with MIT
Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4,
with Zstandard, with Snappy, with libxml2 2.9.10.

Running on Linux 5.3.16-300.fc31.x86_64, with Intel(R) Core(TM) i7-7700K CPU @
4.20GHz (with SSE4.2), with 31988 MB of physical memory, with locale
en_US.UTF-8, with libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.11,
with Gcrypt 1.8.5, with brotli 1.0.7, with zlib 1.2.11, binary plugins supported
(0 loaded).

Built using gcc 9.2.1 20190827 (Red Hat 9.2.1-1).
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe