There is a captured pcap file which appears to be corrupt:
tshark: The file "file.pcap" appears to be damaged or corrupt.
(pcap: File has 20447488-byte packet, bigger than maximum of 262144)
I tried to remove that packet from the trace with:
tshark -r filet.pcap -R "ip.len<=64555" -2
but I get the same error:
0.000000 CS0 172.19.0.1 → 228.6.7.8 UDP 47549 46655 114 47549 → 46655 Len=86
...
22622.071058 CS0 172.19.0.1 → 239.255.255.250 SSDP 52107 ssdp 200 M-SEARCH * HTTP/1.1
tshark: The file "file.pcap" appears to be damaged or corrupt.
(pcap: File has 20447488-byte packet, bigger than maximum of 262144)
Is there a workaround to sanitize the trace?