I wanted to post here before clogging the bug tracker.
I'm running 1.2.2-22910 on a Windows Server 2003 box dedicated to
sniffing. I have captures running for weeks using dumpcap as well as
some in the GUI. My reason for posting is that the timestamps have
skewed in to the future. Right now I can send a packet to update my
capture and notice about a 4 minute difference between the time on the
box and the timestamp wireshark displays. This does carry over to other
systems when I open the files there.
Anyone heard of this. I think the best way to reproduce is to leave a
capture running for a day or so.
Thanks,
Lee
