Ask Your Question
0

wireshark didn't follow the timezone of my system

asked 2022-12-13 04:18:37 +0000

walkerxk gravatar image

my timezone is UTC+08:00 https://i.imgur.com/gAUPVni.png

but wireshark didn't follow the timezone of my system,just display time of utc https://i.imgur.com/CA58mEo.gif

https://www.makemusic-asia.com/c.pcap

edit retag flag offensive close merge delete

Comments

How about just a screenshot, rather than a movie, so we don't have to pause the movie to see what's happening?

Guy Harris gravatar imageGuy Harris ( 2022-12-13 22:55:53 +0000 )edit

image description

TZ is Asia/Shanghai

image description

timestamp is 1671250750 time should be 2022-12-17 12:19:10 not 2022-12-17 04:19:10

image description

walkerxk gravatar imagewalkerxk ( 2022-12-17 04:39:21 +0000 )edit
add a comment

1 Answer

Sort by » oldest newest most voted
0

answered 2022-12-13 09:40:54 +0000

SYN-bit gravatar image

Wireshark looks for the TZ environment variable to use as a timezone, this will overrule the system setting. Do you by any chance have a TZ variable on your system?

sake@MacAir13:~/_tmp$ tshark -ta -c 1 -r c.pcap 
    1 04:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$ TZ=Europe/Dublin tshark -ta -c 1 -r c.pcap 
    1 03:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$ TZ=Europe/Athens tshark -ta -c 1 -r c.pcap 
    1 05:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$
edit flag offensive delete link more

Comments

Also: if the TZ is set to a value that is not understood or invalid, the system will treat this as it was set to UTC.

André gravatar imageAndré ( 2022-12-13 21:40:06 +0000 )edit

TIL!

Hmmm... I would expected it to default back to the timezone from the system settings. Good to know, thanks!

SYN-bit gravatar imageSYN-bit ( 2022-12-14 14:04:11 +0000 )edit

6@18:48:22#xiakai1@tp/download> /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:48:36#xiakai1@tp/download> TZ=ASIA/Shanghai /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:48:57#xiakai1@tp/download> TZ=Europe/Dublin /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:49:19#xiakai1@tp ...(more)

walkerxk gravatar imagewalkerxk ( 2023-04-23 10:50:43 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2022-12-13 03:58:17 +0000

Seen: 140 times

Last updated: Dec 17 '22

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2