Wireshark mailing list archives

Re: Req: Information regarding wireshark file logging


From: surabhi pandey <eshi14 () gmail com>
Date: Wed, 2 Jun 2010 13:06:45 +0530

Hi Douglas,

Thanks for your reply (about Wireshark), it was really helpful ...

and about my name, it's good that you liked the movie (although I suppose it didn't
do good in India), anyways I think you meant The Ballad of Mangal
Pandey... (dunno if he was my great-grandfather lol) !!!

On Mon, May 31, 2010 at 1:02 PM, Douglas Ross <doug_ross_59 () yahoo co uk> wrote:

Hi Surabhi,

Wireshark Documentation Appendix A "Files and Folders" gives some
explanation.

Here is an extract:
"
Wireshark uses the libpcap file format as the default format to save
captured packets; this format has existed for a long time and it's pretty
simple. However, it has some drawbacks: it's not extensible and lacks some
information that would be really helpful (e.g. being able to add a comment
to a packet such as "the problems start here" would be really nice).

In addition to the libpcap format, Wireshark supports several different
capture file formats. However, the problems described above also applies for
these formats.
"

and:
"
A detailed description of the libpcap file format can be found at:
http://wiki.wireshark.org/Development/LibpcapFileFormat
"
I use the default wireshark file (format).
When I access these files with my own software on Windows O/S, I open them
in binary format, as they are not recognised as text files. The first 24
bytes of each file have special information to identify it as libpcap file
format, and some other basic info. like GMT...


I hope this helps.
 Good luck.

Regards
Doug

btw your name has a special significance, I think.
A few years ago I saw "The Ballad Of Mandel Pandey". I was the *ONLY* person in the cinema (an afternoon in Melbourne, Australia).
It was a very moving story for me "a Britisher", born in India in the year
of independence.
 ------------------------------
*From:* surabhi pandey <eshi14 () gmail com>
*To:* wireshark-users () wireshark org
*Sent:* Mon, 31 May, 2010 2:15:19 PM
*Subject:* [Wireshark-users] Req: Information regarding wireshark file logging


Hi,
I want to know how the Wireshark captured files are stored, i.e. in which
format they are stored, and whether a live capture is stored temporarily in a file
or is stored in some database. If in a file, then what is the file
format it uses?
Thank you ...
--
---



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe




-- 
---
restless14.wordpress.com
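
The 24-byte libpcap header mentioned in Doug's reply, decoded in Python as an added example that is not part of the original thread. It goes one step beyond the header and also walks the per-packet records that follow it, checking every length field against the file size; all function names and the sample bytes are constructed for illustration.

```python
import struct
from typing import NamedTuple

# Magic numbers of the classic libpcap format (microsecond / nanosecond timestamps).
MAGIC_USEC = 0xA1B2C3D4
MAGIC_NSEC = 0xA1B23C4D

class PcapHeader(NamedTuple):
    byte_order: str    # "<" little-endian or ">" big-endian, as written by the capturing host
    nanosecond: bool   # True if record timestamps carry nanoseconds
    version: tuple     # (major, minor), normally (2, 4)
    thiszone: int      # GMT-to-local-time correction in seconds
    sigfigs: int       # timestamp accuracy
    snaplen: int       # capture length limit per packet
    linktype: int      # data link type, 1 = Ethernet

def parse_global_header(data: bytes) -> PcapHeader:
    """Decode the first 24 bytes; raise ValueError if this is not a libpcap file."""
    if len(data) < 24:
        raise ValueError("truncated: global header is 24 bytes")
    for order in ("<", ">"):  # the magic number tells us the byte order
        magic = struct.unpack(order + "I", data[:4])[0]
        if magic in (MAGIC_USEC, MAGIC_NSEC):
            major, minor, zone, sigfigs, snaplen, link = struct.unpack(
                order + "HHiIII", data[4:24])
            return PcapHeader(order, magic == MAGIC_NSEC, (major, minor),
                              zone, sigfigs, snaplen, link)
    raise ValueError("bad magic: not a libpcap capture file")

def iter_packets(data: bytes):
    """Yield (ts_sec, ts_frac, orig_len, payload) per record, with bounds checks."""
    hdr = parse_global_header(data)
    off = 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header at offset %d" % off)
        sec, frac, incl, orig = struct.unpack(hdr.byte_order + "IIII", data[off:off + 16])
        off += 16
        if off + incl > len(data):  # never trust a length field read from the file
            raise ValueError("record length %d runs past end of file" % incl)
        yield sec, frac, orig, data[off:off + incl]
        off += incl

# Constructed sample: little-endian header, Ethernet link type, one 4-byte record.
SAMPLE = (struct.pack("<IHHiIII", MAGIC_USEC, 2, 4, 0, 0, 65535, 1)
          + struct.pack("<IIII", 1275464205, 0, 4, 4) + b"\xde\xad\xbe\xef")

if __name__ == "__main__":
    print(parse_global_header(SAMPLE))
    print(list(iter_packets(SAMPLE)))
```

To use it on a real capture, read the file in binary mode (`open(path, "rb").read()`) and pass the bytes to `iter_packets`.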
