kenny <sigafoose@...> writes:
> I am using the following command:
> editcap -A 2013-06-18 11:36:48 -B 2013-06-18 11:40:48 in.pcap out.pcap
>
>
> It seems to be formatted correctly however the output of the editcap
command is complaining about the formatting of the -A option.
>
> "editcap: "2013-06-18" isn't a valid time format"
Because of the space between the date and time, you need to enclose the
timestamp witin quotes so it's read as a single string. Try:
editcap -A "2013-06-18 11:36:48" -B "2013-06-18 11:40:48" in.pcap out.pcap