Ethereal-users: Re: [Ethereal-users] Strange things happen with tethereal -w option (V 0.94) on

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Wed, 3 Jul 2002 16:47:21 -0700
On Thu, Jul 04, 2002 at 09:43:36AM +1000, Tino wrote:
> 2)  " not" meant as follow:
>        the file size is zero during capture and after CTRL-C even when an
> RST was generated.

As I suspected.

>  3) One thing though, when it was working capturing to the file without the
> " tcp.flags.reset eq 1", I could see the file test.txt grows
>       in size during capturing (not having to press CTRL-C to write to the
> file).  Not sure why though.

Tethereal (like tcpdump/WinDump) writes to the file as it receives
packets; it doesn't buffer all packets in memory and then write them all
out when interrupted.

> 5) I meant to sit down and learn UNIX to convert the filter to TCPDUMP
> format capture filter.  Thanks for your help with the conversion.

Tcpdump isn't just for UNIX:

	http://windump.polito.it/