
Wireshark-users: Re: [Wireshark-users] Req: Information regarding wireshark file logging

From: surabhi pandey <eshi14@xxxxxxxxx>
Date: Wed, 2 Jun 2010 13:06:45 +0530
Hi Douglas,

Thanks for your reply (about Wireshark), it was really helpful ...

And about my name, it's good that you liked the movie (although I suppose it didn't do well in India). Anyway, I think you meant The Ballad of Mangal Pandey... (don't know if he was my great-grandfather, lol)!!!

On Mon, May 31, 2010 at 1:02 PM, Douglas Ross <doug_ross_59@xxxxxxxxxxx> wrote:
Hi Surabhi,
 
Wireshark Documentation Appendix A "Files and Folders" gives some explanation.
 
Here is an extract:
"

Wireshark uses the libpcap file format as the default format to save captured packets; this format has existed for a long time and it's pretty simple. However, it has some drawbacks: it's not extensible and lacks some information that would be really helpful (e.g. being able to add a comment to a packet such as "the problems start here" would be really nice).

In addition to the libpcap format, Wireshark supports several different capture file formats. However, the problems described above also apply to these formats.

"
 
and:
"
A detailed description of the libpcap file format can be found at: http://wiki.wireshark.org/Development/LibpcapFileFormat
"
I use the default wireshark file (format).
When I access these files with my own software on Windows O/S, I open them in binary format, as they are not recognised as text files. The first 24 bytes of each file have special information to identify it as libpcap file format, and some other basic info. like GMT...
 
 
I hope this helps.
Good luck.
 
Regards
Doug
 
btw your name has a special significance, I think.
A few years ago I saw "The Ballad Of Mandel Pandey". I was the ONLY person in the cinema (an afternoon in Melbourne, Australia).
It was a very moving story for me "a Britisher", born in India in the year of independence.

From: surabhi pandey <eshi14@xxxxxxxxx>
To: wireshark-users@xxxxxxxxxxxxx
Sent: Mon, 31 May, 2010 2:15:19 PM
Subject: [Wireshark-users] Req: Information regarding wireshark file logging


Hi,
I want to know how Wireshark captured files are stored, i.e. in which format they are stored, and whether a live capture is stored temporarily in a file or in some database. If in a file, then what file format does it use?
Thank you ...
--
---

 




--
---
restless14.wordpress.com
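
The 24-byte libpcap file header mentioned in the thread can be decoded as follows. This is an added example, not code from the thread or from the Wireshark project; the field layout follows the libpcap file format description linked above, while the names `parse_pcap_header`, `PcapHeader` and the sample bytes are constructed for illustration. The pcapng check goes slightly beyond what the thread discusses.

```python
import struct
from typing import NamedTuple

PCAP_HEADER_LEN = 24  # fixed size of the libpcap global header

# First 4 bytes read as a big-endian integer -> (struct byte order, timestamp unit)
MAGICS = {
    0xA1B2C3D4: (">", "microsecond"),
    0xD4C3B2A1: ("<", "microsecond"),  # written by a little-endian host
    0xA1B23C4D: (">", "nanosecond"),
    0x4D3CB2A1: ("<", "nanosecond"),
}

class PcapHeader(NamedTuple):
    byte_order: str
    ts_unit: str
    version: tuple
    thiszone: int   # GMT-to-local offset in seconds
    sigfigs: int
    snaplen: int    # maximum bytes stored per packet
    linktype: int   # 1 = Ethernet

def parse_pcap_header(data: bytes) -> PcapHeader:
    """Validate and decode the global header of an untrusted capture file."""
    if len(data) < PCAP_HEADER_LEN:
        raise ValueError(f"truncated header: {len(data)} of {PCAP_HEADER_LEN} bytes")
    (magic,) = struct.unpack(">I", data[:4])
    if magic == 0x0A0D0D0A:  # pcapng Section Header Block, a different format
        raise ValueError("pcapng file, not libpcap")
    if magic not in MAGICS:
        raise ValueError(f"not a libpcap file (magic 0x{magic:08x})")
    order, ts_unit = MAGICS[magic]
    major, minor, thiszone, sigfigs, snaplen, linktype = struct.unpack(
        order + "HHiIII", data[4:PCAP_HEADER_LEN])
    return PcapHeader(order, ts_unit, (major, minor), thiszone, sigfigs,
                      snaplen, linktype)

# Constructed sample: header as written on a little-endian machine.
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)

if __name__ == "__main__":
    print(parse_pcap_header(SAMPLE))
```

To inspect a real capture, pass the result of `open(path, "rb").read(24)` to `parse_pcap_header`.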