Wireshark-users: [Wireshark-users] Timestamp Display - nsec Resolution
From: "Barry Constantine" <Barry.Constantine@xxxxxxxx>
Date: Thu, 31 Jul 2008 11:37:54 -0700
Principal Member of Technical Staff JDSU Communication Test (formerly Acterna) Emerging Markets and Technology Research One Milestone Center Court Germantown, MD 20876 (W) 240-404-2227 (C) 240-499-4750 -----Original Message----- From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of wireshark-users-request@xxxxxxxxxxxxx Sent: Thursday, July 31, 2008 2:30 PM To: wireshark-users@xxxxxxxxxxxxx Subject: Wireshark-users Digest, Vol 26, Issue 47 Send Wireshark-users mailing list submissions to wireshark-users@xxxxxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://wireshark.org/mailman/listinfo/wireshark-users or, via email, send a message with subject or body 'help' to wireshark-users-request@xxxxxxxxxxxxx You can reach the person managing the list at wireshark-users-owner@xxxxxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of Wireshark-users digest..." Hello Ulf, Can you give me some more details concerning the file format? Thanks, Barry Today's Topics: 1. TCP conversations (ximena cardozo) 2. Timestamp Display - nsec Resolution (Barry Constantine) 3. Re: Timestamp Display - nsec Resolution (Anders Broman) 4. IO Stat Interval with TShark (Rick Gudmundson) 5. Re: Timestamp Display - nsec Resolution (Ulf Lamping) 6. Wireshark staged in ninth art (comics) (metatech) ---------------------------------------------------------------------- Message: 1 Date: Wed, 30 Jul 2008 14:22:32 -0500 From: "ximena cardozo" <ximena.cardozo@xxxxxxxxx> Subject: [Wireshark-users] TCP conversations To: Wireshark-users@xxxxxxxxxxxxx Message-ID: <dbd2be130807301222l5969bf76m7a9bb34ace10cab3@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" Hi I want to know the posibility to get the TCP conversation as statistics GUI present it but including the time "start it and finish it" and using the line command to export that to a .txt file. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.wireshark.org/lists/wireshark-users/attachments/20080730/ce61 57a5/attachment.htm ------------------------------ Message: 2 Date: Wed, 30 Jul 2008 17:28:09 -0700 From: "Barry Constantine" <Barry.Constantine@xxxxxxxx> Subject: [Wireshark-users] Timestamp Display - nsec Resolution To: <wireshark-users@xxxxxxxxxxxxx> Message-ID: <6ECE57DF49376146B91A92A3C37EFC0E01E0F10E@xxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" Hello, I was reading on the Wireshark wiki that pcap can support nsec timestamps (versus usec) and that Wireshark supports this time display. Can anyone comment if they have tried this out with an analyzer / capture device that supports nsec timestamps? Thanks, Barry -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.wireshark.org/lists/wireshark-users/attachments/20080730/6467 2cd4/attachment.htm ------------------------------ Message: 3 Date: Thu, 31 Jul 2008 10:39:41 +0200 From: "Anders Broman" <a.broman@xxxxxxxxx> Subject: Re: [Wireshark-users] Timestamp Display - nsec Resolution To: "'Community support list for Wireshark'" <wireshark-users@xxxxxxxxxxxxx> Message-ID: <1A5F6739823B4E59A99767B4807C7C1C@dittcb7aa3551c> Content-Type: text/plain; charset="iso-8859-1" _____ Fr?n: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] F?r Barry Constantine Skickat: den 31 juli 2008 02:28 Till: wireshark-users@xxxxxxxxxxxxx ?mne: [Wireshark-users] Timestamp Display - nsec Resolution Hello, I was reading on the Wireshark wiki that pcap can support nsec timestamps (versus usec) and that Wireshark supports this time display. Can anyone comment if they have tried this out with an analyzer / capture device that supports nsec timestamps? Thanks, Barry Did you also read http://wiki.wireshark.org/Timestamps ? Regards Anders -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.wireshark.org/lists/wireshark-users/attachments/20080731/3b8b ce12/attachment.htm ------------------------------ Message: 4 Date: Wed, 30 Jul 2008 16:34:33 -0500 From: "Rick Gudmundson" <rickg421@xxxxxxxxx> Subject: [Wireshark-users] IO Stat Interval with TShark To: Wireshark-users@xxxxxxxxxxxxx Message-ID: <7549993c0807301434y1b6e6373v23da9f60d5eec465@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" I've just started scripting around tshark to pull information out of my captures. I like the io,stat flexibility. I was wondering if there was a way to run it without an interval and just against the entire capture. It doesn't like 0 (must be >= 0.001) and it needs something there. I can use a 'really big number' for the interval, but I was wondering if there was a better way. If there's not, maybe it would be useful to have the 0 value for the interval represent the entire capture. Rick -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.wireshark.org/lists/wireshark-users/attachments/20080730/59f0 3615/attachment.htm ------------------------------ Message: 5 Date: Thu, 31 Jul 2008 18:20:47 +0200 From: Ulf Lamping <ulf.lamping@xxxxxx> Subject: Re: [Wireshark-users] Timestamp Display - nsec Resolution To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx> Message-ID: <4891E65F.50000@xxxxxx> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Barry Constantine schrieb: > Hello, > > I was reading on the Wireshark wiki that pcap can support nsec > timestamps (versus usec) and that Wireshark supports this time display. > > Can anyone comment if they have tried this out with an analyzer / > capture device that supports nsec timestamps? > Hi Barry! I've introduced this file format some time ago for our "in-house" capturing device which is not publically available. I don't know of any other hard- or software that uses this file format ... Regards, ULFL ------------------------------ Message: 6 Date: Thu, 31 Jul 2008 20:15:53 +0200 From: metatech <metatech@xxxxxxxxxxxxx> Subject: [Wireshark-users] Wireshark staged in ninth art (comics) To: wireshark-users@xxxxxxxxxxxxx Message-ID: <5.1.1.6.2.20080731200414.012ad160@xxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" Hello, Wireshark is staged in a comics album called Climax "Le d?sert blanc" by Brahy, Corbeyran and Braquelaire (page 26) As you can see from the attachment it is a real screenshot of a true Wireshark session. You can see that the network card name is "eth0" and that it looks like Linux KDE (which version ?) You can see that the IP address is 147.210.9.15 which resolves to raoul.labri.fr at Laboratoire Bordelais de Recherche en Informatique. It is nice to see that a hacker story contains some real tools and no Hollywood OS :-) Cheers, metatech -------------- next part -------------- A non-text attachment was scrubbed... Name: Wireshark_Climax.jpg Type: image/jpeg Size: 192224 bytes Desc: not available Url : http://www.wireshark.org/lists/wireshark-users/attachments/20080731/fa6f 0554/attachment.jpg ------------------------------ _______________________________________________ Wireshark-users mailing list Wireshark-users@xxxxxxxxxxxxx https://wireshark.org/mailman/listinfo/wireshark-users End of Wireshark-users Digest, Vol 26, Issue 47 ***********************************************
- Follow-Ups:
- Re: [Wireshark-users] Timestamp Display - nsec Resolution
- From: Ulf Lamping
- Re: [Wireshark-users] Timestamp Display - nsec Resolution
- Prev by Date: [Wireshark-users] Wireshark staged in ninth art (comics)
- Next by Date: [Wireshark-users] Can't load a MIB file
- Previous by thread: Re: [Wireshark-users] Timestamp Display - nsec Resolution
- Next by thread: Re: [Wireshark-users] Timestamp Display - nsec Resolution
- Index(es):