Re: Set capture to TZ blah?

[Guy Harris <guy () alum mit edu>]

On Mar 14, 2015, at 12:34 PM, Jeff Morriss <jeff.morriss.ws () gmail com> wrote:

> On 03/14/2015 02:16 PM, Guy Harris wrote:
> > On Mar 14, 2015, at 8:00 AM, Niels de Vos <ndevos () redhat com> wrote:
> >
> > > When I have captures and logs that do not match the timezone, I use the
> > > TZ environment variable to read the captures in the timezone of the
> > > logs, like:
> > >
> > >    $ TZ=America/New_York tshark -r /path/to/capture.pcap.gz ....
> > >
> > > or
> > >
> > >    $ TZ=America/New_York wireshark /path/to/capture.pcap.gz
> >
> > That would work on systems using the IANA tz database (and using the new tz naming scheme; I'm not sure whether 
> > Solaris does), so it'd work on, at minimum, most if not all Linux distributions, *BSD, and OS X.
> >
> > However, it doesn't work on, for example, Windows, which doesn't use the IANA tz database.
>
> (I think) the only thing that doesn't work on Windows is specifying the timezone in that format.  At least according 
> to:
>
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2629#c4
>
> you can still set the TZ variable on Windows (in a command shell) and Wireshark will use it.  Presumably you just 
> need to know the right format.

        https://msdn.microsoft.com/en-us/library/90s5c885.aspx

> (Personally I'm more used to doing things like TZ=PDT

        $ sw_vers
        ProductName:    Mac OS X
        ProductVersion: 10.8.5
        BuildVersion:   12F2501
        $ date
        Sat Mar 14 12:42:50 PDT 2015 
        $ TZ=PDT date
        Sat Mar 14 19:41:29 UTC 2015

Perhaps you meant "TZ=PST8PDT"?  That syntax dates back at least to System III:

        http://bitsavers.org/pdf/att/unix/System_III/UNIX_Users_Manual_Release_3_Jun80.pdf

(see the ENVIRON(7) page near the end), but wasn't used in V7 or BSD.  POSIX went with an extended version of that 
syntax:

        http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html

but Microsoft's doesn't support all the POSIX capabilities - in particular, the documentation does not claim that you 
can specify the *transition dates/times for daylight savings time/summer time*, so presumably it assumes the same rules 
as for your locale, which are likely to be wrong if the time zone setting you want for the capture is for a country 
other than, if you're in the US or Canada, the US or Canada or, if you're in Europe, another European country.

> than these fancy new-fangled TZ names;

"New-fangled" presumably meaning "prior to 1986", when the tz database was first introduced.  The advantage of the 
Olson/IANA names is that the names don't themselves incorporate the transition rules, the way the POSIX strings do, but 
do *identify* them, which the old-style UNIX TZ and Microsoft TZ settings don't.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe