Wireshark mailing list archives
Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read
From: Kok-Yong Tan <ktan () realityartisans com>
Date: Tue, 23 Mar 2010 22:45:35 -0400
On Mar 23, 2010, at 22:32, Guy Harris wrote:
On Mar 23, 2010, at 7:04 PM, Kok-Yong Tan wrote:I'm not sure. I wiped the entire MacPorts installation and the whole /opt/local tree and restarted from scratch by downloading the Tiger version of MacPorts, installing it, then typing "port install wireshark".If it was built with a version of libz earlier than 1.2.4, this might either be 1) a bug in libz 1.2.4 or 2) a bug in Wireshark, where it was using libz incorrectly in a fashion that happened to work with earlier versions of libz but doesn't work with libz 1.2.4 as 1) somebody else had a similar problem with Wireshark on Gentoo Linux, and Wireshark was using libz 1.2.4 there and 2) one of the changes in libz 1.2.4 was the "Wholesale replacement of gz* functions with faster versions", those being the routines Wireshark uses to read capture files when built with libz support. Those routines are used even to read *uncompressed* files (the gz* routines in libz handle figuring out whether the file is compressed or not, and hides that from the application reading the file).
Any recommendations? Can I build the version of libz that predates this wholesale replacement of gz* functions? Do you know which one that was? -- Reality Artisans, Inc. # Network Wrangling and Delousing P.O. Box 565, Gracie Station # Apple Certified Consultant New York, NY 10028-0019 # Apple Consultants Network member <http://www.realityartisans.com> # Apple Developer Connection member (212) 369-4876 (Voice) # My PGP public key can be found at <https://keyserver.pgp.com> ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Guy Harris (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Guy Harris (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Guy Harris (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Guy Harris (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcapfiles cannot be read Jose Pedro Oliveira (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcapfiles cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but nowold pcapfiles cannot be read Jose Pedro Oliveira (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but nowold pcapfiles cannot be read Kok-Yong Tan (Mar 24)
- Re: Upgraded wireshark to 1.2.6 but nowold pcapfiles cannot be read Kok-Yong Tan (Mar 25)
- Re: Upgraded wireshark to 1.2.6 but nowold pcapfiles cannot be read Kok-Yong Tan (Mar 25)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Kok-Yong Tan (Mar 23)
- Re: Upgraded wireshark to 1.2.6 but now old pcap files cannot be read Guy Harris (Mar 23)