Wireshark-users: Re: [Wireshark-users] ring buffer ?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>
Date: Fri, 08 Dec 2006 10:26:14 +0800

Hi Kitty,
Well, it worked for me in 0.99.2 and 0.99.4 and it works for you in 0.99.4. I didn't see any changes in this area (in source control) between those two releases, so... 

Anyway, glad it's working now.

Regards,
-Jeff

Janssens, Kitty wrote:

Hello Jeff,
We've just upgraded to version 0.99.4 and the problem is gone ! Maybe something was wrong in 0.99.3a or maybe we made an error in making 
the package ??

Regards,
Kitty

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jeff Morriss
Sent: woensdag 6 december 2006 4:02
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] ring buffer ?


Hi Kitty,
Well, I was using Linux because that's what I have at home. I tried on Solaris (not that the OS should matter) using 0.99.2 today and it worked 

fine.  E.g., this command line:


wireshark -k -w /tmp/cap -b files:10 -b filesize:10 -i bge0


created 10 files of size ~10kb.
The only way I could get files of different sizes created was to add a time limit to each file, e.g.: 


wireshark -k -w /tmp/cap -b files:10 -b filesize:10000 -b duration:10

-i bge0

In this case Wireshark was creating files smaller than 10 Mb because the

"duration" limit fired before the "filesize" limit did.

Sorry, I'm not sure what could be wrong on your system...

Regards,
-Jeff

Janssens, Kitty wrote:

By the way, if I use duration as stop condition (e.g. 10 files, switch
to the next one every minute) then it works. But when I add the "-b
files" option, it goes wrong.

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Janssens,
Kitty
Sent: donderdag 30 november 2006 14:20
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] ring buffer ?

Hello  Mr. Morriss,

I've just tried capturing (without using a named pipe or any of my
software) directly on a link, by setting the multiple files option in
the "capture options" menu.
The result is the same : 1st file is OK, the next ones are 1 message
each.
Did you do your test on solaris ? Or doesn't that have any influence ?

Kitty

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jeff

Morriss

Sent: dinsdag 28 november 2006 14:54
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] ring buffer ?

Janssens, Kitty wrote:

I'm working with version 0.99.3a on Solaris (see version.txt).
I try to tell wireshark to work with a ring buffer, like this : wireshark -k -w output -b files:10 -b filesize:10 -i /PLAT/data/ss7monitoring/online/k5_0005.pipe -o gui.window_title:"V1.0.60_ProfileID_5" --display=... But this doesn't seem to work. The first file is OK, but then wireshark creates a lot of small files : -rw------- 1 be083074 cc_users 10376 nov 23 2006 output_00001_20061123131915 -rw------- 1 be083074 cc_users 110 nov 23 2006 output_00002_20061123131935 -rw------- 1 be083074 cc_users 144 nov 23 2006 output_00003_20061123131935 -rw------- 1 be083074 cc_users 110 nov 23 2006 output_00004_20061123131935 -rw------- 1 be083074 cc_users 144 nov 23 2006 output_00005_20061123131935 -rw------- 1 be083074 cc_users 24 nov 23 2006 output_00006_20061123131935
I found Bug 895 that seems to describe this problem, but it also says 


that this is solved in version 0.99.2.
Am I doing something wrong or is this bug not fixed in the version I use ?? 
As you noted, that bug should have been fixed already.
I just tried the current SVN version and didn't see the problem: each output file is about 10k. I don't think anything has changed in this area between 0.99.3 and the current SVN version so I can't explain the 


behavior you're seeing.


_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users