grahamb's profile - activity

Works for me. Profinet is provided by a plugin dissector, I suspect the tshark instance you're running somehow doesn't

Unknown protocol -- "pn_rt" i am in linux environment ,when i run command below [[email protected] test]$ tshark -r

tshark version info?

why protocol result is 0x8892 not PNIO-PS in linux environment if user/test the column protocol is 0x8892 [[email protected]

Possibly different configurations per user, are you sure they are running the same tshark binary?

"use test or root" what are are test and root, different captures?

why protocol result is 0x8892 not PNIO-PS my command is: tshark -r test.pcapng -Y "eth.addr==00:60:65:16:4f:22 &&

And possibly the Wayback Machine and whatever other TLA organisations have cached it.

Unable to capture packets on Surface Mobile Broadband adaptor Some info: Driver version: 12.35.25.169 Windows version:

Unable to capture packets on Surface Mobile Broadband adaptor Driver version: 12.35.25.169 Windows version: Windows

System performance might be a reason for the differences.

The issue is the granularity of the timestamping mechanism used by the capture library, in this case npcap, and the gran

output: # tshark -v TShark 1.10.14 (Git Rev Unknown from unknown)

Hex string of what, the whole packet, or a portion of it? Note that it's likely that every packet is different, so ther

If you're dropping packets with IP tables, the DDoS attack is already hitting that system, you need to take action furth

Display filters only operate on the information in a single frame, to decide whether that frame should be displayed or n

You might also post to the dev mailing list, see here.

Your question doesn't make sense. A pcap is a file containing captured traffic, it can't be used to patch anything. Ma

Re the profile and -C <config profile>, to copy settings from the newer version on the mac to the older version on

What have you tried?

The <config profile> is actually a directory named after the profile that contains the profile specific versions o

So using npcap 1.10. There is an old closed issue on their tracker here discussing timestamping that might help. Regar

Hi, Thank you for the replies. Here is the capture from wireshark: 3.4.4 (v3.4.4-0-gc33f6306cbb2) Compiled (64-bit) w

You haven't created an additional interface, you've just added an IP, so the interfaces list in Wireshark will still sho

Wireshark displays (and calculates) times using the values in the capture file. The times in the capture file are place

I don't know if this is causing the issue, but Wireshark always does a 2-pass dissection and tshark, by default, only do

How do the IP packets get to a UART? If you don't want to disturb the network, then use a separate network tap and a sy

You're still running an outdated version of npcap (from your info: with Npcap version 0.995). The new install of 3.4.4

now the version is 3.4.4 but it is the same. Version 3.4.4 (v3.4.4-0-gc33f6306cbb2) Copyright 1998-2021 Gerald Combs

no interfances found I opened the wireshark then no interfaces found. I click about wireshark but there is no dialog. th

Do you have a preceding call to add the item to the tree as well? Again, look at how the tcp dissector does it in packe

You use the return value from proto_tree_add_item() as the argument for the PROTO_ITEM_SET_HIDDEN() call, e.g. txxx = p

You're running quite an old version of Wireshark that is no longer supported (see the Wiki LifeCycle page). You're also

About details: Version 3.0.3 (v3.0.3-0-g6130b92b0ec6) Copyright 1998-2019 Gerald Combs <[email protected]> a

I thought the download area used to have .asc or .sig files, but I may be imagining that. The announcement of each vers

I'm not entirely sure your file will show up here, but you can try from the menu, File -> Export Objects -> HTTP .

From the menu, File -> Export Objects -> HTTP ... and then select the object. More info in the User Guide here.

For the current release it's as detailed on the download page, in the "Verify Downloads" section. Note that all the ins

For the current release it's as detailed on the download page, in the "Verify Downloads" section.

The issue is likely to be in your code, it's used extensively in the codebase, e.g. packet-tcp.c where among other thing

@hugo.vanderkooij, that's why I asked the "about" contents, it shows us what the user has installed.

Reset of FTP data transfer Hi all, I'm troubleshooting random resets happening occasionally during FTP data transfer wh

Do NOT, ever, run with admin privileges, it's not required on Windows. Can you post the contents of the Help -> Abou