Wireshark-dev: Re: [Wireshark-dev] N in 1 packets

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Sun, 11 Dec 2011 14:07:52 -0800

On Dec 11, 2011, at 4:51 AM, Akos Vandra wrote:

> The missing wireshark error is:
> 
> Invalid capture filter "" for interface trace1!
> That string isn't a valid capture filter (unknown data link type 292).
> See the User's guide for a description of the capture filter syntax.

When a new link-layer header type for capturing is added, libpcap's filter-compiling code needs to have support for it added, even if it's trivial support. See the "Currently, only raw "link[N:M]" filtering is supported." instances in gencode.c.

> And here you can find my not-so-pretty code, it has to be cleaned up a
> lot, right now I am in the phase "hmm... let's see if that will
> work..." :)
> http://pastebin.com/fVnrEfpr

From that, it looks as if there are no time stamps in the data stream itself; the code is getting time stamps from gettimeofday().