Ethereal-dev: [Ethereal-dev] Ethereal time problem with Sniffer Pro 4.50.04 files

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Sheinin, Oleg" <Oleg.Sheinin@xxxxxxxxx>
Date: Sun, 9 Dec 2001 13:11:46 +0200
Hi, All !
I have the time problem with Sniffer Pro files.
The files was captured by original program.
But if i opens it by Ethereal I have time difference.
For first packet in capture:
Pro: 11/14/2001 23:23:40.4420
Etereal: 2001-11-14 23:46:33.3289
 
For the end packet of the capture:
Pro: 11/14/2001 23:28:09.7996
Ethereal: 2001-11-15 00:00:01.402725
 
As I can guess the time differences is exactly triple, when captures is made at 100BaseT media.
The media speed can be found in the capture header structure.
 
/* NetXRay file header (minus magic number). */
struct netxray_hdr {
 char version[8]; /* version number */
 guint32 start_time; /* UNIX time when capture started */
 guint32 nframes; /* number of packets */
 guint32 xxx;  /* unknown */
 guint32 start_offset; /* offset of first packet in capture */
 guint32 end_offset; /* offset after last packet in capture */
 guint32 xxy[3];  /* unknown */
 guint16 network; /* datalink type */
 guint8 xxz[2];
 guint8 timeunit; /* encodes length of a tick */
 guint8 xxa[3];
 guint32 timelo;  /* lower 32 bits of time stamp of capture start */
 guint32 timehi;  /* upper 32 bits of time stamp of capture start */
 guint32 media_speed; /* the speed of the media */ <-------------------------------- HERE
 /*
  * XXX - other stuff.
  */
};
 
Regards,

Oleg Sheinin,
E-Mail: mailto://Oleg.Sheinin@xxxxxxxxx
This message is made with 100% recyclable electrons.

 

This message has been 'sanitized'. This means that potentially dangerous content has been rewritten or removed. The following log describes which actions were taken. 


Sanitizer (start="1007896836"):
  Part (pos="1309"):
    SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
      Match (rule="2"):
        Enforced policy: accept

  Part (pos="2853"):
    SanitizeFile (filename="unnamed.html", mimetype="text/html"):
      Match (rule="default"):
        Enforced policy: accept

    Rewrote HTML tag: >>_META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1251"_<<
                  as: >>_MANGLED_ON_PURPOSE_META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1251"_<<
    Rewrote HTML tag: >>_META content="MSHTML 5.50.4807.2300" name=GENERATOR_<<
                  as: >>_MANGLED_ON_PURPOSE_META content="MSHTML 5.50.4807.2300" name=GENERATOR_<<
    Total modifications so far: 2

Anomy 0.0.0 : Sanitizer.pm $Id: Sanitizer.pm,v 1.32 2001/10/11 19:27:15 bre Exp $