Ethereal-dev: Re: [ethereal-dev] can't open capture files from RedHat

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Wed, 4 Oct 2000 11:18:53 -0500
Can you attach the binary trace files?

--gilbert

Matthew Boeckman <matthewb@xxxxxxxxxxxxx> on 10/04/2000 10:00:46 AM

To:   ethereal-dev@xxxxxxxx
cc:    (bcc: Gilbert Ramirez/Tivoli Systems)
Subject:  [ethereal-dev] can't open capture files from RedHat




I have 0.8.12 running on a freshly installed RH7.0 distro. After
upgrading to RH7.0 I am unable to open any tcpdumps with ethereal. I get
the error "The file "filename" is not a capture file in a format
Ethereal understands." Attached are captures from a RH6.1, 6.2, and 7.0
box, all of which are un-openable. I am able to capture from the
ethereal menu just fine (after working out a little font problem, the
default font with 8.12 displays gibberish under rh7.0).

The rh6.1 box is running tcpdump 3.4, and libpcap 0.4.
The rh6.2 box is running default RH tcpdump and libpcap 0.4-16 (rpm).
The 7.0 box is running default RH tcpdump and libpcap 0.4-16 (rpm).

???
--
Matthew Boeckman              (913) 327-5360
Systems/Network Administrator      (913) 302-1125 - Cell
ClaimPort                matthewb@xxxxxxxxxxxxx
Time is an illusion perpetrated by the manufacturers of space.

09:34:39.066658 amiga.claimport.com.ssh > leto-ii.claimport.com.1022: P
2809477166:2809477210(44) ack 3825513046 win 32120 <nop,nop,timestamp
6227709 8756007> (DF) [tos 0x10]
09:34:39.076658 leto-ii.claimport.com.1022 > amiga.claimport.com.ssh: . ack
44 win 32120 <nop,nop,timestamp 8756035 6227709> (DF) [tos 0x10]
09:34:39.086658 amiga.claimport.com.1024 > ns2.claimport.com.domain: 3024+
(43)
09:34:39.096658 wopr.claimport.com.syslog > amiga.claimport.com.syslog: udp
136
09:34:39.096658 amiga.claimport.com > wopr.claimport.com: icmp:
amiga.claimport.com udp port syslog unreachable [tos 0xc0]
09:34:39.436658 0:1:63:bb:e:cd > 1:80:c2:0:0:0 802.1d ui/C len=47
                0000 0000 0080 0000 0142 d417 c000 0000
                1380 0000 0163 bb0e c080 1a01 0014 0002
                000f 0000 0000 0000 0000 00c1 000c 00
09:34:41.446658 0:1:63:bb:e:cd > 1:80:c2:0:0:0 802.1d ui/C len=47
                0000 0000 0080 0000 0142 d417 c000 0000
                1380 0000 0163 bb0e c080 1a01 0014 0002
                000f 0000 0000 0000 0000 00c1 000c 00
09:34:42.236658

09:50:37.679190 eth0 < 146.83.123.60.64848 > 143-corp.claimport.com.www: R
7872646:7872646(0) win 0 (DF)
09:50:37.680079 eth0 < 146.83.123.60.64849 > 143-corp.claimport.com.www: R
7873786:7873786(0) win 0 (DF)
09:50:37.680712 eth0 > deepblue.ssh > leto-ii.1021: .
3762037113:3762037113(0) ack 3830649391 win 32120 <nop,nop,timestamp
236688255 8763365> (DF) [tos 0x10]
09:50:37.680857 eth0 > deepblue.ssh > leto-ii.1021: P 0:108(108) ack 1 win
32120 <nop,nop,timestamp 236688255 8763365> (DF) [tos 0x10]
09:50:37.681884   lo > deepblue.1375 > deepblue.domain: 31846+ PTR?
143.35.19.64.in-addr.arpa. (43)
09:50:37.681884   lo < deepblue.1375 > deepblue.domain: 31846+ PTR?
143.35.19.64.in-addr.arpa. (43)
09:50:37.682154   lo > deepblue.domain > deepblue.1375: 31846* 1/2/2 PTR
143-corp.claimport.com. (168)
09:50:37.682154   lo < deepblue.domain > deepblue.1375: 31846* 1/2/2 PTR
143-corp.claimport.com. (168)
09:50:37.682695   lo > deepblue.1375 > deepblue.domain: 31847+ PTR?
60.123.83.146.in-addr.arpa. (44)
09:50:37.682695   lo < deepblue.1375 > deepblue.domain: 31847+ PTR?
60.123.83.146.in-addr.arpa. (44)
09:50:37.682965 eth0 > deepblue.4798 > i.root-servers.net.domain: 58334
PTR? 60.123.83.146.in-addr.arpa. (44)
09:50:37.692564 eth0 < leto-ii.1021 > deepblue.ssh: . 1:1(0) ack 108 win
32120 <nop,nop,timestamp 8763368 236688255> (DF) [tos 0x10]
09:50:37.780873   lo > deepblue.2244 > deepblue.6012: P
3347216154:3347216362(208) ack 3345694078 win 31072 <nop,nop,timestamp
236688265 236688226> (DF)
09:50:37.780873   lo < deepblue.2244 > deepblue.6012: P 0:208(208) ack 1
win 31072 <nop,nop,timestamp 236688265 236688226> (DF)
09:50:37.781078 eth0 > deepblue.ssh > forsaken.1020: P
953575642:953575870(228) ack 3323480841 win 31856 <nop,nop,timestamp
236688265 15450852> (DF) [tos 0x10]
09:50:37.792611 eth0 < forsaken.1020 > deepblue.ssh: . 1:1(0) ack 228 win
31856 <nop,nop,timestamp 15450893 236688265> (DF) [tos 0x10]
09:50:37.800700   lo > deepblue.6012 > deepblue.2244: . 1:1(0) ack 208 win
30976 <nop,nop,timestamp 236688267 236688265> (DF)
09:50:37.800700   lo < deepblue.6012 > deepblue.2244: . 1:1(0) ack 208 win
30976 <nop,nop,timestamp 236688267 236688265> (DF)
09:50:37.863070 eth0 < i.root-servers.net.domain > deepblue.4798: 58334-
0/4/2 (208)
09:50:37.863684 eth0 > deepblue.4798 > d.root-servers.net.domain: 22536 A?
TERMINUS.REUNA.CL. (35)
09:50:37.863888 eth0 > deepblue.4798 > d.root-servers.net.domain: 14703 A?
NS.DCC.UCHILE.CL. (34)
09:50:37.864091 eth0 > deepblue.4798 > c.gtld-servers.net.domain: 270 A?
SPARKY.CCMAIL.COM. (35)
09:50:37.864178 eth0 >

09:52:52.733605 eth0 M 802.1d config 8000.00:01:63:b9:ff:c0.8021 root
8000.00:01:63:b9:ff:c0 pathcost 0 age 0 max 20 hello 2 fdelay 15
09:52:54.734596 eth0 M 802.1d config 8000.00:01:63:b9:ff:c0.8021 root
8000.00:01:63:b9:ff:c0 pathcost 0 age 0 max 20 hello 2 fdelay 15
09:52:55.858041 eth0 > leto-ii.2179 > deepblue.pop3: S
4050461910:4050461910(0) win 32120 <mss 1460,sackOK,timestamp 8768883
0,nop,wscale 0> (DF)
09:52:55.858222 eth0 < deepblue.pop3 > leto-ii.2179: S
3940096298:3940096298(0) ack 4050461911 win 32120 <mss
1460,sackOK,timestamp 236693772 8768883,nop,wscale 0> (DF)
09:52:55.858267 eth0 > leto-ii.2179 > deepblue.pop3: . 1:1(0) ack 1 win
32120 <nop,nop,timestamp 8768884 236693772> (DF)
09:52:55.863963 eth0 < deepblue.pop3 > leto-ii.2179: P 1:51(50) ack 1 win
32120 <nop,nop,timestamp 236693772 8768884> (DF)
09:52:55.864009 eth0 > leto-ii.2179 > deepblue.pop3: . 1:1(0) ack 51 win
32120 <nop,nop,timestamp 8768884 236693772> (DF)
09:52:55.864277 eth0 > leto-ii.2179 > deepblue.pop3: P 1:15(14) ack 51 win
32120 <nop,nop,timestamp 8768884 236693772> (DF)
09:52:55.864432 eth0 < deepblue.pop3 > leto-ii.2179: . 51:51(0) ack 15 win
32120 <nop,nop,timestamp 236693772 8768884> (DF)
09:52:55.864590 eth0 < deepblue.pop3 > leto-ii.2179: P 51:87(36) ack 15 win
32120 <nop,nop,timestamp 236693772 8768884> (DF)
09:52:55.864748 eth0 > leto-ii.2179 > deepblue.pop3: P 15:29(14) ack 87 win
32120 <nop,nop,timestamp 8768884 236693772> (DF)
09:52:55.867189 eth0 < deepblue.pop3 > leto-ii.2179: . 87:87(0) ack 29 win
32120 <nop,nop,timestamp 236693773 8768884> (DF)
09:52:55.871058 eth0 < deepblue.pop3 > leto-ii.2179: P 87:149(62) ack 29
win 32120 <nop,nop,timestamp 236693773 8768884> (DF)
09:52:55.871169 eth0 > leto-ii.2179 > deepblue.pop3: P 29:35(6) ack 149 win
32120 <nop,nop,timestamp 8768885 236693773> (DF)
09:52:55.871426 eth0 < deepblue.pop3 > leto-ii.2179: P 149:160(11) ack 35
win 32120 <nop,nop,timestamp 236693773 8768885> (DF)
09:52:55.871663 eth0 > leto-ii.2179 > deepblue.pop3: P 35:41(6) ack 160 win
32120 <nop,nop,timestamp 8768885 236693773> (DF)
09:52:55.871931 eth0 < deepblue.pop3 > leto-ii.2179: P 160:201(41) ack 41
win 32120 <nop,nop,timestamp 236693773 8768885> (DF)
09:52:55.872231 eth0 < deepblue.pop3 > leto-ii.2179: F 201:201(0) ack 41
win 32120 <nop,nop,timestamp 236693773 8768885> (DF)
09:52:55.872260 eth0 > leto-ii.2179 > deepblue.pop3: . 41:41(0) ack 202 win
32120 <nop,nop,timestamp 8768885 236693773> (DF)
09:52:55.875671 eth0 > leto-ii.2179 > deepblue.pop3: F 41:41(0) ack 202 win
32120 <nop,nop,timestamp 8768885 236693773> (DF)
09:52:55.875829 eth0 < deepblue.pop3 > leto-ii.2179: . 202:202(0) ack 42
win 32120 <nop,nop,timestamp 236693773 8768885> (DF)
09:52:56.737273 eth0 M 802.1d config 8000.00:01:63:b9:ff:c0.8021 root
8000.00:01:63:b9:ff:c0 pathcost 0 age 0 max 20 hello 2 fdelay 15
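
Added example, not part of the original thread and not Ethereal's own code: a first check on a file rejected with the error quoted above is whether it starts with a libpcap global header or is printed tcpdump text like the dumps in this message. The function name `classify_capture` and the sample header bytes are constructed for illustration; the magic numbers are the ones libpcap savefiles use.

```python
import re
import struct

# Magic numbers at offset 0 of a libpcap savefile, in the writer's byte order.
PCAP_MAGICS = {
    0xA1B2C3D4: "libpcap (microsecond timestamps)",
    0xA1B23C4D: "libpcap (nanosecond timestamps)",
    0xA1B2CD34: "libpcap (modified per-packet header)",
}
TEXT_LINE = re.compile(rb"^\d{2}:\d{2}:\d{2}\.\d{6} ")  # tcpdump printed timestamp

# First line of the text dump quoted in the thread, and a constructed 24-byte header.
SAMPLE_TEXT = b"09:34:39.066658 amiga.claimport.com.ssh > leto-ii.claimport.com.1022: P\n"
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 68, 1)


def classify_capture(data: bytes) -> dict:
    """Classify the leading bytes of a file offered to a capture-file reader."""
    if TEXT_LINE.match(data):
        return {"kind": "tcpdump text output", "binary": False}
    if len(data) < 24:  # the global header is 24 bytes; refuse short input
        return {"kind": "unknown (too short)", "binary": False}
    for order in ("<", ">"):  # try both byte orders, the writer's may differ
        magic, major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
            order + "IHHiIII", data[:24])
        if magic in PCAP_MAGICS:
            return {"kind": PCAP_MAGICS[magic], "binary": True,
                    "byte_order": "little" if order == "<" else "big",
                    "version": (major, minor), "snaplen": snaplen,
                    "linktype": linktype}
    return {"kind": "unknown", "binary": False}


if __name__ == "__main__":
    print(classify_capture(SAMPLE_TEXT))
    print(classify_capture(SAMPLE_PCAP))
```

A file that reports the modified per-packet header needs a reader that knows that record layout, even though its global header parses the same way.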