Wireshark mailing list archives
Re: Packet Size limited during capture message
From: Brian Oleksa <oleksab () darkcornersoftware com>
Date: Tue, 23 Mar 2010 22:37:13 -0400
Bill Can you collaborate on this a little more..?? Do I want to pass in my .pcap file as the <infile> to which I am having problems with..?? And I am assuming that you want me to pass in the "ballpark" number (or a range) to where I think the crash occurs. I can load about 70% of the file...which is right around frame # 16813..... For example: C:\wireshark\editcap test.pcap -r 16813-20000 is this what you do..?? Thanks, Brian Bill Meier wrote:
Brian Oleksa wrote:Guy The 70% that I can load has a bunch of helen packets in it and every one of the helen packets has the "Packet size limited during capture" message. Even the very first helen packet. I do not believe that one packet relies on one another. A packet is just a packet. I will have to use the debugger to dig deeper into this one. Thanks, BrianThe standard way I approach this type of situation is to first use editcap -r m-n (where m & n are frame numbers) repeatedly to extract a portion of the capture file and then see if I get a crash with that portion. In effect, I do a kind of binary search to get the minimum number of frames (hopefully one frame) in the capture file to cause a crash. (This is easier if the crash occurs with tshark). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Packet Size limited during capture message, (continued)
- Re: Packet Size limited during capture message Maynard, Chris (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Maynard, Chris (Mar 24)
- Re: Packet Size limited during capture message Martin Visser (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Guy Harris (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Bill Meier (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Bill Meier (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Bill Meier (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 23)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 24)
- Re: Packet Size limited during capture message Maynard, Chris (Mar 24)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 25)
- Re: Packet Size limited during capture message Maynard, Chris (Mar 25)
- Re: Packet Size limited during capture message Brian Oleksa (Mar 25)