Re: Absolute arrvial time of packet in wireshark

[Pascal Quantin <pascal.quantin () gmail com>]

Hi,

my understanding is that Anders was referring to the field you are looking
at (each packet being timestamped by WinPcap).

Pascal.


2014-06-26 16:31 GMT+02:00 Vishnu Bhatt <vishnu.bhatt () aricent com>:

>  Thanks for the reply. But I am talking of the following time:
>
>
>
>
>
>
>
>
>
> *From:* wireshark-dev-bounces () wireshark org [mailto:
> wireshark-dev-bounces () wireshark org] *On Behalf Of *Anders Broman
> *Sent:* Thursday, June 26, 2014 7:33 PM
>
> *To:* Developer support list for Wireshark
> *Subject:* Re: [Wireshark-dev] Absolute arrvial time of packet in
> wireshark
>
>
>
> And http://wiki.wireshark.org/Timestamps
>
>
>
> *From:* Anders Broman
> *Sent:* den 26 juni 2014 16:02
> *To:* 'Developer support list for Wireshark'
> *Subject:* RE: Absolute arrvial time of packet in wireshark
>
>
>
> Hi,
>
> If you are talking about the packet timestamps they are delivered by
> Winpcap together with the packet data in case of real time capturing.
>
> Google “winpcap time stamps” for further reading.
>
> Regards
>
> Anders
>
>
>
> *From:* wireshark-dev-bounces () wireshark org [
> mailto:wireshark-dev-bounces () wireshark org
> <wireshark-dev-bounces () wireshark org>] *On Behalf Of *Vishnu Bhatt
> *Sent:* den 26 juni 2014 15:47
> *To:* wireshark-dev () wireshark org
> *Subject:* [Wireshark-dev] Absolute arrvial time of packet in wireshark
>
>
>
> Hello,
>
>
>
> I need to know how does Wireshark gets the absolute arrival time of a
> packet in windows system? I saw in the code and found that
> GetSystemTimeAsFileTime() is used to get the system time in windows but the
> code at that point doesn’t hit. From where is the time being taken by
> Wireshark while capturing?
>
>
>
> Any help would be appreciated.
>
>
>
> Thanks
>
> "DISCLAIMER: This message is proprietary to Aricent and is intended solely
> for the use of the individual to whom it is addressed. It may contain
> privileged or confidential information and should not be circulated or used
> for any purpose other than for what it is intended. If you have received
> this message in error, please notify the originator immediately. If you are
> not the intended recipient, you are notified that you are strictly
> prohibited from using, copying, altering, or disclosing the contents of
> this message. Aricent accepts no responsibility for loss or damage arising
> from the use of the information transmitted by this email including damage
> from virus."
>  "DISCLAIMER: This message is proprietary to Aricent and is intended
> solely for the use of the individual to whom it is addressed. It may
> contain privileged or confidential information and should not be circulated
> or used for any purpose other than for what it is intended. If you have
> received this message in error, please notify the originator immediately.
> If you are not the intended recipient, you are notified that you are
> strictly prohibited from using, copying, altering, or disclosing the
> contents of this message. Aricent accepts no responsibility for loss or
> damage arising from the use of the information transmitted by this email
> including damage from virus."
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe