Wireshark-users: Re: [Wireshark-users] Tag Mismatch in PDML export
From: "Prasad Shenoy" <prasad.shenoy@xxxxxxxxx>
Date: Fri, 25 Jan 2008 16:13:22 -0500
Jeff, Martin -
Martin - thanks for your suggestion. I will definitely open a new bug
to track this issue if need be. However, in the meantime, following
Jeff's suggestion, I installed the latest (nightly?) build (
0.99.8-SVN-24191) from the download site.
With the new import, I do not see the extra </proto> element anymore
but I noticed several <field> elements were included directly under
<packet>. See below for a snippet from my capture file...
<packet>
<proto ... ...>
<field name="tcp.checksum" .... .... >
<field name="tcp.checksum_good" ..../>
<field name="tcp.checksum_bad" .... />
</field>
</proto>
<field name="data" .... />
<field name="data.data" ... .../>
</packet>
#Second packet, third packet......
<packet>
...
</packet>
Is this valid? I tried looking up a schema doc for PDML but no luck?
Is there one available somewhere?
The following comment that I found in the notes for bug 2815 confirms
my doubt...
------- Comment #4 from [EMAIL PROTECTED] 2008-01-12 00:39 GMT -------
Change 24069 avoids closing off Data protocol nodes (even though they are
written out as field elements), since field elements are written out as simple
tags.
I don't know if having field elements immediately inside the packet element
(rather than being inside a protocol element) is allowed by the PDML schema..
--------------------------------------------End Comment
---------------------------------------------
Thanks
Prasad
On Jan 25, 2008 3:36 PM, Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> wrote:
>
> This problem was fixed after 0.99.7 was released. To get the fix you'll
> need to either wait for the next release (0.99.8, there's no plan for a
> release date that I'm aware of) or use a development version from:
>
> http://www.wireshark.org/download/automated/
>
> As noted in the bug, this problem was fixed in rev 24069 which means you
> need to choose a development version higher than that number.
>
>
> Prasad Shenoy wrote:
> > Martin -
> >
> > I should have included the details in my initial email. Sorry about that.
> >
> > I am using 0.99.7 on Win XP, the latest download from yesterday.
> >
> > I looked at bug # 2185 and even followed the command line suggestion but
> > with my own capture file instead of the one attached to the report. The
> > problem still persists.
> >
> > What is your advice in this situation?
> >
> > Thanks
> > Prasad
> >
> >
> > On Jan 25, 2008 3:11 PM, Martin Mathieson
> > <martin.r.mathieson@xxxxxxxxxxxxxx
>
> > <mailto:martin.r.mathieson@xxxxxxxxxxxxxx>> wrote:
> >
> > Hi,
> >
> > I fixed a but matching this description around 2 weeks ago (to fix
> > reported bug 2185). Could you please test with a later build?
> >
> > Hope this helps,
> > Martin
> >
> > On Jan 25, 2008 7:57 PM, Prasad Shenoy <prasad.shenoy@xxxxxxxxx
>
> > <mailto:prasad.shenoy@xxxxxxxxx>> wrote:
> >
> > Good people -
> >
> > I am new to this list so I apologize for loose etiquettes, if any.
> >
> > I would like to report a bug related to Wireshark PDML export
> > feature. While looking at a .pdml export of a recent capture, I
> > noticed a tag mismatch for element <proto> and several
> > occurrences of this mismatch in a single .pdml file.
> >
> > Has anyone noticed or run into this before?
> >
> > Any help and guidance is highly appreciated
> >
> > Thanks,
> > Prasad
> >
> >
> > _______________________________________________
> > Wireshark-users mailing list
> > Wireshark-users@xxxxxxxxxxxxx <mailto:Wireshark-users@xxxxxxxxxxxxx>
>
> > http://www.wireshark.org/mailman/listinfo/wireshark-users
> >
> >
> >
> > _______________________________________________
> > Wireshark-users mailing list
> > Wireshark-users@xxxxxxxxxxxxx <mailto:Wireshark-users@xxxxxxxxxxxxx>
>
> > http://www.wireshark.org/mailman/listinfo/wireshark-users
> >
> >
> >
> >
> > --
> > Prasad
> >
> >
> > ------------------------------------------------------------------------
>
>
>
> >
> > _______________________________________________
> > Wireshark-users mailing list
> > Wireshark-users@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-users
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
- References:
- [Wireshark-users] Tag Mismatch in PDML export
- From: Prasad Shenoy
- Re: [Wireshark-users] Tag Mismatch in PDML export
- From: Martin Mathieson
- Re: [Wireshark-users] Tag Mismatch in PDML export
- From: Prasad Shenoy
- Re: [Wireshark-users] Tag Mismatch in PDML export
- From: Jeff Morriss
- [Wireshark-users] Tag Mismatch in PDML export
- Prev by Date: Re: [Wireshark-users] top talkers by port usage or SYN attempts - ericsson error
- Next by Date: [Wireshark-users] Capture filter for MAC addresses
- Previous by thread: Re: [Wireshark-users] Tag Mismatch in PDML export
- Next by thread: [Wireshark-users] Resuming Circular File Buffer after a Computer Reboot
- Index(es):