Siterer Joerg Mayer <jmayer@xxxxxxxxx>:
On Fri, Sep 07, 2007 at 12:23:54AM +0200, Aleksander Veksler wrote:
Anyone have tips on how you loose a few bytes? I get 12 bytes between
the Ethernet header and IP header. This means that wireshark does not
recognize the IP header as, and I can't use any of the wireshark's
advanced features.
Anyone know how to get rid of those bytes, or perhaps what they are?
* My card is Intel Pro/Wireless 3945ABG
* The wireless switch is D-Link DIR-635
* The problem only happens in promiscuous mode, and only to the
packets not directed to my computer
* I attach picture of a window of a sample http packet
* Please help :)
Actually it looks like this packet might have a third mac at the beginning:
Is the length of 02 d7 really correct? Sending a packet would have
helped more than the image you sent and have been smaller.
After the third mac it looks to me that there is an ordinary LLC/SNAP
header.
The LLC dissector attempted to dissect the first 4 bytes, right after
ethernet length. Again, I will have to send full data on Monday.
Thank you for the help!
Ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
