Netfortius wrote:
On a MacOSX, using the latest (0.99.3a) version of wireshark, I am attempting
to run in one terminal a:
$sudo tcpreplay -i lo0 capture-file.cap (or even -R to speed up the process)
while in a wireshark *session* reading out of the same lo0 (local interface on
a MacOSX), but I am getting for all traffic IP header length = 0 (should be
at least 20), thus nothing interpreted.
The capture-file.cap was previously obtained via a wireshark capture session
of a real TCP session, produced with *against* a real network interface (en0
in the case of this specific MacOSX system I am working with).
Does tcpreplay support reading from a capture file on an Ethernet
interface (with a link-layer type of DLT_EN10MB) and sending it on a BSD
loopback interface (with a link-layer type of DLT_NULL)?
If not, that's the problem.