I would guess this too, except the same capture works fine when not capturing live, and wireshark correctly dissects the protocol in the middle pane in live mode and on static dump files. It just highlights the bytes in the bottom pane incorrectly while the live session is taking place, which makes no sense to me at all.
On Dec 21, 2009 1:00 PM, "Jaap Keuter" <jaap.keuter@xxxxxxxxx> wrote:
Hi,
My guess would be that the offsets passed in the proto_tree_add_xxx() calls is
incorrect.
Thanks,
Jaap
Jeremy O'Brien wrote:
> 1.2.2 on windows. Haven't tried live captures on Linux yet. Only dump
> files.
>
>> On Dec 18, 2...
>> <mailto:jaap.keuter@xxxxxxxxx>> wrote:
>>
>> Hi,
>>
>> One which Wireshark release are you develo...