Re: Wireshark (Tshark issue ) help required.

[Ravi Inder Singh <raviinder () gmail com>]

Tshark version :- Its on ubuntu 14  this is version details.

   TShark 1.10.6 (v1.10.6 from master-1.10)

Which version you are using ?

FYI .. ubuntu version details are also here
***********************
 uname -a
Linux ubuntu 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux

**********************




On Tue, Sep 2, 2014 at 1:15 AM, Guy Harris <guy () alum mit edu> wrote:

> On Sep 1, 2014, at 6:16 PM, Ravi Inder Singh <raviinder () gmail com> wrote:
>
> > When i gave following command on ubuntu
> >
> > tshark -2 -F pcap -r tcpdump.pcap -R "tcp and ip" -w  write.pcap
> >
> > 1) used -F pcap option i want e.pcap in old pcap format.
> >
> > problem/issue :- When i open write.pcap it has loosed his old time/date
> >
> >  i.e. tcpdump.pcap  in its Time column is having 26 July 2014  with some
> time 10.12.34 , but in write.pcap it comes to 1970-01-01 with time
> 00.00.00  in Time column.
>
> That didn't happen when I tried this with the top-of-trunk version of
> TShark.
>
> What version of tshark are you using?  (What does "tshark -v" print?)
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe