Ethereal: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k

Ethereal-users: July 2002

Subject: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
From: Guy Harris <guy@xxxxxxxxxx>
Date: Wed, 3 Jul 2002 16:47:21 -0700

On Thu, Jul 04, 2002 at 09:43:36AM +1000, Tino wrote:
> 2)  " not" meant as follow:
>        the file size is zero during capture and after CTRL-C even when an
> RST was generated.

As I suspected.

>  3) One thing though, when it was working capturing to the file without the
> " tcp.flags.reset eq 1", I could see the file test.txt grows
>       in size during capturing (not having to press CTRL-C to write to the
> file).  Not sure why though.

Tethereal (like tcpdump/WinDump) writes to the file as it receives
packets; it doesn't buffer all packets in memory and then write them all
out when interrupted.

> 5) I meant to sit down and learn UNIX to convert the filter to TCPDUMP
> format capture filter.  Thanks for your help with the conversion.

Tcpdump isn't just for UNIX:

	http://windump.polito.it/

Follow-Ups:
- Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
  - From: Guy Harris

References:
- [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
  - From: Tino
- Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
  - From: Guy Harris
- Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
  - From: Tino

Prev by Date: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
Next by Date: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
Previous by thread: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
Next by thread: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on Win2k
Index(es):
- Date
- Thread