Ethereal: Re: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.

Ethereal-dev: August 1999

Subject: Re: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
From: Guy Harris <guy@xxxxxxxxxx>
Date: Fri, 6 Aug 1999 15:27:15 -0700 (PDT)

> $1 = {ts_sec = 12513210, ts_usec = 3489792186, incl_len = 3689869315,
>   orig_len = 134235392}

	#
	# "showtime_t" is a little program I whipped up a while ago
	# that takes a "time_t" value as an argument and prints it
	# out as a date and time.
	tooting$ showtime_t 12513210
	Mon May 25 12:53:30 1970

Hmm.  That's not a good sign; it looks as if we're at a bogus offset in
the file.

	tooting$ bc
	obase=16
	12513210
	BEEFBA
	3489792186
	D00200BA
	3689869315
	DBEEF003
	134235392
	8004500

"BEEF" looks a little suspicious - in fact, it looks as if "BADBEEF"
appears; this could be packet data of some sort, further suggesting that
we're at the wrong offset in the file.

Do you happen to have a pre-0.7.0 Ethereal handy, configured *without*
"wiretap"?  If so, it might be interesting to see whether it can read
the same capture file; if so, that suggests some problem with
"wiretap"'s handling of "libpcap" files.

Follow-Ups:
- Re: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
  - From: Guy Harris

References:
- RE: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
  - From: Brown, Wes

Prev by Date: Re: [ethereal-dev] Ethereal memory leakage fix and feature enhancement
Next by Date: Re: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
Previous by thread: RE: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
Next by thread: Re: [ethereal-dev] Ethereal on Solaris -- lexical scanner problem s.
Index(es):
- Date
- Thread