Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: network monitor 3.4 traces cannot be read

From: Guy Harris <guy () alum mit edu>
Date: Fri, 23 Jul 2010 03:19:45 -0700

On Jul 23, 2010, at 12:34 AM, Graham Bloice wrote:


Here's my capture.  Captured on Win 7 x64 Pro with NM 3.4 (3.4.2350.0).  Tried to load in to Wireshark x64 
1.5.0-SVN-33615 with the error I reported previously.  The capture has DNP3 traffic on port 2000 captured on a PPTP 
VPN.


OK, the per-file link-layer type for the file is 1, meaning Ethernet, but the per-packet link-layer type for most of 
the packets is 0.  That's probably a quirk either of VPN captures or general PPP captures.

I've checked into the trunk and 1.4 branches a change to treat a link-layer type of 0 as Ethernet; that allows it to 
read your capture.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: