Wireshark-dev: Re: [Wireshark-dev] time question
From: wsgd <wsgd@xxxxxxx>
Date: Thu, 08 Apr 2010 21:47:14 +0200
The 4 bytes contains seconds (and not milli-seconds). Olivier Brian Oleksa a �crit :
AndersYes...I am aware of that. This is what I did...but I am still getting an invalid date. This is exactly what I get as the output (Jan 15th, 1970 16:59:15 UTC)nstime_t t; guint32 msecs_since_the_epoch; struct tm *tmp;msecs_since_the_epoch = tvb_get_ntohl(tvb, offset);t.secs = msecs_since_the_epoch / 1000;t.nsecs = (msecs_since_the_epoch % 1000)*1000000; /* milliseconds to nanoseconds */tmp = gmtime(&t.secs); if (tmp != NULL) {proto_tree_add_time_format(mgen_sub_tree, hf_helen_time, tvb, offset, 4, &t, "Date: %s %2d, %d %02d:%02d:%02d UTC", mon_names[tmp->tm_mon], tmp->tm_mday, tmp->tm_year + 1900, tmp->tm_hour, tmp->tm_min, tmp->tm_sec);} offset += 4; Thanks, Brian Anders Broman wrote:Brian Oleksa skrev 2010-04-08 16:41:Wiresharkers I am trying to dissect the time in a particular packet. Here is it's format: "The time is the source computer's system time in Greenwich Mean Time (GMT)." The size is 32 bits or 4 bytes. What is the best method to use to dissect this time..?? I tired this...but did not have any luck: nstime_t t; guint64 msecs_since_the_epoch; struct tm *tmp; msecs_since_the_epoch = tvb_get_ntoh64(tvb, offset);Well you are fetching 8 bytes not four...t.secs = msecs_since_the_epoch / 1000; t.nsecs = (msecs_since_the_epoch % 1000)*1000000; /* milliseconds to nanoseconds */ tmp = gmtime(&t.secs); if (tmp != NULL) { proto_tree_add_time_format(time_sub_tree, hf_helen_time, tvb, offset, 4,&t, "Date: %s %2d, %d %02d:%02d:%02d UTC", mon_names[tmp->tm_mon], tmp->tm_mday, tmp->tm_year + 1900, tmp->tm_hour, tmp->tm_min, tmp->tm_sec); } offset += 4 Also...I am trying to dissect longitude, latitude and altitude. Here is it's format. The size is also 32 bits or 4 bytes. The<latitude>,<longitude>, and<altitude> fields contain values corresponding to GPS information for the MGEN source if it was available. The<latitude> and<longitude> fields are encoded as follows: <fieldValue> = (unsigned long)((<actualValue>+180.0)*60000.0) The<altitude> field is the direct representation of the altitude value available from the source's GPS system. I tried this but had no luck: longitude = tvb_get_ntoh64(tvb, offset);Well you are fetching 8 bytes not four...longitude = (longitude+180)*60000;Assuming the field on the wire is encoded as: <fieldValue> = (unsigned long)((<actualValue>+180.0)*60000.0) shouldn't that be (double)actualValue= (longitude/60000.0)-180proto_tree_add_uint_format(mgen_sub_tree, hf_helen_length, tvb, offset, 4, 0, "Longitude: %f", longitude); offset += 4; Thanks, Brian ___________________________________________________________________________ Sent via: Wireshark-dev mailing list<wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
-- Wireshark Generic Dissector http://wsgd.free.fr
- References:
- [Wireshark-dev] time question
- From: Brian Oleksa
 
- Re: [Wireshark-dev] time question
- From: Anders Broman
 
- Re: [Wireshark-dev] time question
- From: Brian Oleksa
 
 
- [Wireshark-dev] time question
- Prev by Date: Re: [Wireshark-dev] time question
- Next by Date: Re: [Wireshark-dev] USB URB hex bytes not shown
- Previous by thread: Re: [Wireshark-dev] time question
- Next by thread: Re: [Wireshark-dev] time question
- Index(es):