| 2022-05-29 09:12:53 +0000 | received badge | ● Famous Question (source) |
| 2020-05-20 14:03:26 +0000 | received badge | ● Notable Question (source) |
| 2020-05-20 14:03:26 +0000 | received badge | ● Popular Question (source) |
| 2018-10-14 06:22:58 +0000 | marked best answer | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP I have been tasked with adding a feature to our TCP/IP monitor product, which runs under z/OS on IBM mainframes, that will allow a user create a PCAPng file from packet trace data provided by the TCP/IP stack being monitored. The product also allows the user to create a PCAPng file from an existing z/OS packet trace file. The feature works quite well, but I have recently discovered that something is amiss with the timestamp in the EPB. The time stamp is a 64-but unsigned binary number taken from the z/architecture TOD clock (sometimes called the STCK time). In Wireshark, if I choose one of the "Seconds since" time formats, the time displayed looks reasonable. However, if I choose a date and time of day format, the time field is blank. I am using Wireshark Version 2.6.2 (v2.6.2-0-g1b3cedbc). I'm confident that the timestamp field is being correctly populated with the timestamp from the packet trace header, suggesting that Wireshark is expecting something different from what I am giving it. I need to know what Wireshark expects to see. Can anyone help? |
| 2018-08-02 18:29:26 +0000 | answered a question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP The solution was two-fold: (1) Adjust the TOD clock time to epoch time (2) Shift the result right by 12 bits. The shif |
| 2018-07-31 15:26:39 +0000 | commented answer | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP In the response provided by mrEEde, how did you calculate the epoch time? I understand the epoch begins in 1970. |
| 2018-07-27 17:53:49 +0000 | commented answer | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP Fantastic response. Much obliged for your effort. Thanks. |
| 2018-07-26 12:01:35 +0000 | commented question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP In the CTE, the time stamp is at offset 28 |
| 2018-07-26 11:24:26 +0000 | commented question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP This is the IDB as it currently stands. Originally I had no TSresol option. Since adding it, I have tried base 2 and b |
| 2018-07-26 11:19:08 +0000 | commented question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP This is an EPB as it appears in the PCAPng file I create. The time has been adjusted to make it relative to 1970. ---- |
| 2018-07-26 11:18:24 +0000 | received badge | ● Rapid Responder (source) |
| 2018-07-26 11:18:24 +0000 | answered a question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP This is an EPB as it appears in the PCAPng file I create. The time has been adjusted to make it relative to 1970. ---- |
| 2018-07-25 18:26:05 +0000 | asked a question | Wireshark does not correctly display timestamps in pcapng files written by ASG-TMON for TCP/IP Wireshark does not display timestamp correctly I have been tasked with adding a feature to our TCP/IP monitor product, w |
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.