tcpdump mailing list archives

Which versions of pcap files accept pcap_open_offline()?


From: vcarela <vcarela () ac upc edu>
Date: Mon, 10 Mar 2008 20:12:34 +0100

Hello list,

I'm trying to do a sniffer program with a simple structure:

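#include <stdio.h>
#include <stdlib.h>
#include <pcap.h>

#define PCAP_SAVEFILE "capture.pcap"    /* placeholder: the post does not show this value */
#define FILTER "ip"                     /* filter expression passed to pcap_compile() */

/* packet handler; its body is not shown in the post */
void my_callback(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes);

int main (int argc, char **argv)
{
        pcap_t *p;
        struct bpf_program fp;  //compiled filter
        bpf_u_int32 net = 0;    //netmask; not known when reading a savefile
        char filename[80];      //pcap source file
        char errbuf[PCAP_ERRBUF_SIZE];
        char prestr[80] = "pcap_dispatch";      //prefix printed by pcap_perror()

        //argv[1] exists only when argc >= 2; snprintf cannot overflow filename
        if(argc >= 2){
                snprintf(filename, sizeof(filename), "%s", argv[1]);
        }else{
                snprintf(filename, sizeof(filename), "%s", PCAP_SAVEFILE);
        }

        if(!(p=pcap_open_offline(filename, errbuf))){
                fprintf(stderr,"error abriendo el fichero, %s, en modo lectura:%s\n",filename, errbuf);
                exit(2);
        }

        if(pcap_compile(p, &fp, FILTER, 0, net)==-1)
        {
                fprintf(stderr, "Error compilando el filtro '%s' \n",FILTER);
                exit(1);
        }

        if(pcap_setfilter(p, &fp)==-1)
        {
                fprintf(stderr, "Error aplicando el filtro '%s' \n",FILTER);
                exit(1);
        }

        //cnt of -1 reads every packet in the savefile; 0 is undefined in older libpcap
        if(pcap_dispatch(p, -1, my_callback, NULL) < 0){
                pcap_perror(p,prestr);
                exit(4);
        }

        pcap_freecode(&fp);
        pcap_close(p);

        return 0;

}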

The problem is this: if I capture a trace from my eth0 connection with
Wireshark and save it as a "Wireshark/tcpdump/...-libpcap" file, the
sniffer runs properly on that pcap trace.
But if I open a .erf trace from a DAG card with Wireshark and save it
as "Wireshark/tcpdump/...-libpcap", no packets are dispatched when I run
the sniffer on it. I have tried different types of Wireshark conversion
but none works. And the .erf trace is correct.

Any hints? 

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
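
An added example, not part of the original post and not libpcap code: one way to compare a working capture with a converted one is to read the 24-byte header at the start of each savefile and look at its magic number, format version and link-layer type. The struct, the function names and both sample headers are constructed for illustration and are not taken from the poster's traces.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fields of the 24-byte header that starts a classic libpcap savefile. */
struct pcap_file_info {
    int big_endian, nanosecond;      /* byte order, timestamp resolution */
    uint16_t ver_major, ver_minor;   /* file format version, normally 2.4 */
    uint32_t snaplen, linktype;      /* capture length limit, LINKTYPE_ value */
};

/* Read an n-byte unsigned integer in the given byte order. */
static uint32_t rd(const unsigned char *b, int n, int be)
{
    uint32_t v = 0;
    for (int i = 0; i < n; i++)
        v = (v << 8) | b[be ? i : n - 1 - i];
    return v;
}

/* Returns 0 on success, -1 if the buffer is short or the magic is unknown. */
int parse_pcap_header(const unsigned char *buf, size_t len, struct pcap_file_info *out)
{
    if (len < 24) return -1;
    switch (rd(buf, 4, 0)) {         /* magic, read as little-endian */
    case 0xa1b2c3d4u: out->big_endian = 0; out->nanosecond = 0; break;
    case 0xa1b23c4du: out->big_endian = 0; out->nanosecond = 1; break;
    case 0xd4c3b2a1u: out->big_endian = 1; out->nanosecond = 0; break;
    case 0x4d3cb2a1u: out->big_endian = 1; out->nanosecond = 1; break;
    default: return -1;              /* not a libpcap savefile */
    }
    out->ver_major = (uint16_t)rd(buf + 4, 2, out->big_endian);
    out->ver_minor = (uint16_t)rd(buf + 6, 2, out->big_endian);
    out->snaplen   = rd(buf + 16, 4, out->big_endian);
    out->linktype  = rd(buf + 20, 4, out->big_endian);
    return 0;
}

/* Constructed sample headers (assumptions, not the poster's files). */
static const unsigned char sample_eth[24] = {  /* little-endian, v2.4, Ethernet (1) */
    0xd4,0xc3,0xb2,0xa1, 2,0, 4,0, 0,0,0,0, 0,0,0,0, 0xff,0xff,0,0, 1,0,0,0 };
static const unsigned char sample_erf[24] = {  /* big-endian, v2.4, LINKTYPE_ERF (197) */
    0xa1,0xb2,0xc3,0xd4, 0,2, 0,4, 0,0,0,0, 0,0,0,0, 0,0,0xff,0xff, 0,0,0,197 };

int main(void)
{
    struct pcap_file_info i;
    if (parse_pcap_header(sample_erf, sizeof sample_erf, &i) == 0)
        printf("v%u.%u linktype=%u snaplen=%u\n", (unsigned)i.ver_major,
               (unsigned)i.ver_minor, (unsigned)i.linktype, (unsigned)i.snaplen);
    return 0;
}
```

To check a real file, read its first 24 bytes with fread() and pass them to parse_pcap_header().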

