Wireshark · Ethereal-users: Re: [Ethereal-users] Difference between TCPDump capture file and Ethereal capture file

Ethereal-users: Re: [Ethereal-users] Difference between TCPDump capture file and Ethereal captur

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Martin Regner" <martin.regner@xxxxxxxxx>

Date: Thu, 13 Mar 2003 18:26:09 +0100

Jacky Buyck wrote:
<Hi all.
<Is there a difference between a file capture byt the following command :
<tcpdump -w file
<and a dump capture throught ethereal ?
<
<I ask this question because I have detect some problem when analysing H323 communications.
<When I make a dump with tcpdump on linux and read it on win32 ethereal (with H323 plugins) it's not the same result that a file <capure on Ethereal on linux and read on ethereal on Win32.
<
<Any explanation to that ???


Its probably the snaplen that you have increase from the default value, use the "-s" option of tcpdump.

Prev by Date: [Ethereal-users] Difference between TCPDump capture file and Ethereal capture file
Next by Date: Re: [Ethereal-users] New Ethereal install v9.11
Previous by thread: Re: [Ethereal-users] Difference between TCPDump capture file and Ethereal capture file
Next by thread: [Ethereal-users] Trying to measure CRC errors..
Index(es):
- Date
- Thread