Thanks Guy, I'll let you know if I work anything out here.
-Original Message-
From: wireshark-dev-boun...@wireshark.org
[mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Guy Harris
Sent: Friday, 4 December 2015 10:18 AM
To: Developer support list for Wireshark
Subject: Re: [Wires
On Dec 3, 2015, at 3:12 PM, Guy Harris wrote:
> On Dec 3, 2015, at 2:53 PM, Richard Kinder wrote:
>
>> From what I can see, peektagged has no TSF timestamp
>
> The "Peek tagged" format (to use WildPackets^WSavvius's name for it) *does*
> support TSF time stamps;
Sorry, my mistake. What we
On Dec 3, 2015, at 2:53 PM, Richard Kinder wrote:
> From what I can see, peektagged has no TSF timestamp
The "Peek tagged" format (to use WildPackets^WSavvius's name for it) *does*
support TSF time stamps; whether a given capture will have them is another
matter.
> (I've yet to . My understa
I've yet to ... finish that sentence:
I've yet to look more closely at the peektagged format and whether there are
any unparsed tags which may contain the TSF. I'll have a look at the trace
through hexdump to see if there are any other TSF like counters incrementing
appropriately.
-Origina
Sure, I appreciate this. Done for practical reasons, not as a final solution.
From what I can see, peektagged has no TSF timestamp (I've yet to . My
understanding is airopeek etc. will use hardware timestamps when available,
which have much better resolution and accuracy than the TSF.
I'll be l
On Dec 3, 2015, at 2:02 PM, Richard Kinder wrote:
> and I get something which is pcap + RT. I’m pushing the packet timestamp from
> the airopeek capture into the tsfts RT field,
"RT" as in "radiotap"?
If so, the packet timestamp should not be used as the TSF timestamp value;
instead, if the
Thanks for the pointers Guy - very useful.
-Original Message-
From: wireshark-dev-boun...@wireshark.org
[mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Guy Harris
Sent: Friday, 4 December 2015 5:53 AM
To: Tim Furlong
Cc: Developer support list for Wireshark
Subject: Re: [Wires
Hi Tim,
Appreciate you spending the time to reply.
I’ve hacked up a small change to libwiretap to insert a basic radiotap header.
It’s unclean right now but does the job.
I can now run a command such as:
editcap -F pcap -T ieee-802-11-radiotap input.pkt output.pcap
and I get something which i
On Dec 3, 2015, at 7:29 AM, Tim Furlong wrote:
> One of the biggest challenges you'll face in this is that the code to parse
> radiotap is in epan/dissectors and gets compiled into libwireshark; you won't
> want to pull libwireshark in to editcap (it'd kind of defeat the purpose of
> editcap)
Hi Richard,
Sorry for the delay in getting back to you - and I wish I had more time to
look into it before responding, but the baby will be up soon and I wanted
to follow up while I had a few minutes.
Also, quick but important caveat: I'm a dev-list lurker, as opposed to a
core Wireshark develope
2015-12-02 21:25 GMT+01:00 Pascal Quantin :
>
>
> 2015-11-30 20:15 GMT+01:00 Guy Harris :
>>
>>
>> On Nov 30, 2015, at 11:07 AM, Pascal Quantin
>> wrote:
>>
>>
>> > Yes I should have been clearer in my initial description.
>> > My suggestion with an extra parameter giving the hash table address is
On Thu, Dec 3, 2015 at 9:27 AM, wrote:
> Hello everyone,
>
> I've started cobbling together a dissector plugin for the CQL binary
> protocol used by Apache Cassandra. I'm brand new to Wireshark development,
> so I'm sure some patterns could be improved. I'm hoping to get some
> feedback on what I
Hello everyone,
I've started cobbling together a dissector plugin for the CQL binary protocol
used by Apache Cassandra. I'm brand new to Wireshark development, so I'm sure
some patterns could be improved. I'm hoping to get some feedback on what I have
so far:
https://gist.githubusercontent.com
13 matches
Mail list logo
