On Oct 15, 2012, at 9:20 PM, Guy Harris wrote:
>
> On Oct 15, 2012, at 6:41 PM, Perry Smith <pedzsan@xxxxxxxxx> wrote:
>
>> I'd be happy to supply a sample. Can you suggest a way to get it to you?
>
> The best way would probably be to file a bug at
>
> http://bugs.wireshark.org/
I can do that but wanted to point out that there are three ways to run iptrace.
One is just iptrace. Wireshark knows how to use those file just fine.
Second is iptrace with -B. This is where the problem arises. -B uses the bpf filter from tcpdump but formats the output as an iptrace file. This is where we see the problem.
Third is iptrace with -B and -T. Wireshark knows how to handle this file too.
It seems probable that this is an AIX bug. I want to investigate this a little more to make sure the three statements above are correct.
Perry