https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4443
Summary: Capture fails after a few seconds
Product: Wireshark
Version: 1.2.6
Platform: x86
OS/Version: Linux (other)
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: wulfsolter@xxxxxxxxx
Created an attachment (id=4242)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4242)
Example of a capture by Dumpcap 1.2.6 that will not open in Wireshark 1.2.6
Build Information:
wireshark 1.2.6
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.18.5, with GLib 2.22.3, with libpcap 1.0.0, with libz
1.2.3.7, with POSIX capabilities (Linux), with libpcre 8.1, without SMI,
without
c-ares, without ADNS, without Lua, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with
Heimdal Kerberos, without GeoIP, without PortAudio, without AirPcap.
Running on Linux 2.6.32-ARCH, with libpcap version 1.0.0, GnuTLS 2.8.5, Gcrypt
1.4.5.
Built using gcc 4.4.3.
On ArchLinux 2.6.32.6, other similar programs such as
ettercap/tcpdump/aircrack-ng suite, etc all run fine.
--
Listing capture interfaces shows packets coming in. After selecting an
interface and starting a session, there is a 2 second window of capture, after
which capture stops. Dumpcap (1.2.6) will keep capturing, but Wireshark cannot
read files - reporting a "An error occurred while reading from the file
"/tmp/wiresharkXXXXxxxxxx": Less data was read than was expected." Said file
exists and keeps growing.
Browsing to open a dumpcap file, wireshark sees the format as "RedHad 6.1
tcpdump - libcap" with "Packets: error reading after 0 packets"
Attempting to open results in error: "The capture file appears to be damaged or
corrupt. (pcap: File has 3221647360-byte packet, bigger than maximum of 65535)"
with byte size being the size of the capture, growing with time.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.