[olwillm@xxxxxxxxxxxx]

The problem is stightly more complicated than I expected and the information I
gave first were not accurate.
1/ The source file is a MS Netmon file, which has 165 frames captured : (See
attached file: original.cap)
2/ The converted file in DOS sniffer format , using ethereal 0.8.7 on HP-UX
(Unix) is completly corrupted, but still has 169 frames in it. It is not
readable by the "Wandel an Golteman Mentor" product, which reads DOS sniffer
files : (See attached file: hpux.enc)
3/ The converted file in DOS sniffer format , using ethereal 8.4.4 on Linux is
readable and seems OK at first, but the information is bad beginning at frame
17. Moreover, it decodes 169 frames : (See attached file: linux.enc)
4/ The converted file in DOS sniffer format , using ethereal 8.4.7 on Windows is
OK : (See attached file: windows.enc). I am able to read it with "Wandel an
Golterman Mentor" and ethereal 8.4.7 on HP-UX.
---------------------- Envoy�e par Olivier Willm/NSS/ORY/GRAF/FR le 12/05/2000
13:53 ---------------------------


Gilbert Ramirez <gram@xxxxxxxxxx> le 10/05/2000 17:30:39
                                                           
                                                           
                                                           
 Pour  Olivier Willm/NSS/ORY/GRAF/FR@GRAF                  
 :                                                         
                                                           
 cc :  ethereal-users@xxxxxxxx                             
                                                           
                                                           
                                                           
 Objet Re: [ethereal-users] Conversion to DOS sniffer file 
 :     is wrong under HP-UX and Windows    NT but is OK on 
       Linux                                               
                                                           




On Wed, May 10, 2000 at 07:53:26AM -0500, olwillm@xxxxxxxxxxxx wrote:
>
>
>
>
> I tried to convert a Windows Netmon capture file using either the graphical
> interface (ethereal) or editcap and it generates a badly formatted output.
> It does not work with ethereal 0.8.7 (binary distribution from
> http://hpux.connect.org.uk/) and the windows 0.8.8 binary distribution. I
> compiled 0.8.4 on my linux Mandrake 7.02 at home and it works fine !
> I saw someone had a similar problem in March. How was it solved ?

If it worked on Unix but not on Windows then we probably have a bug
related to text files vs. binary files. Can you recreate a small
file, both on Windows and on Unix, and send them to ethereal-dev@xxxxxxxx?

--gilbert

Attachment: att1.eml
Description: Binary data

--

Les donn�es et renseignements contenus dans ce message sont personnels,
confidentiels et secrets. Ce message est adress� � l'individu ou l'entit� dont
les coordonn�es figurent ci-dessus. Si vous n'�tes pas le bon destinataire, nous
vous demandons de ne pas lire, copier, utiliser ou divulguer cette
communication. Nous vous prions de notifier cette erreur � l'exp�diteur et
d'effacer immediatement cette communication de votre syst�me.

The information contained in this message is privileged, confidential, and
protected from disclosure. This message is intended for the individual or entity
adressed herein. If you are not the intended recipient, please do not read,
copy, use or disclose this communication to others ;also please notify the
sender by replying to this message, and then delete it from your system.

Attachment: original.cap
Description: Binary data

Attachment: hpux.enc
Description: Binary data

Attachment: linux.enc
Description: Binary data

Attachment: windows.enc
Description: Binary data