Wireshark mailing list archives

Re: Req: Information regarding wireshark file logging


From: Douglas Ross <doug_ross_59 () yahoo co uk>
Date: Mon, 31 May 2010 22:13:00 +0000 (GMT)

Hi,

Yes, of course - I did miss something!
And woke this morning with it in my head (it's now 0800 in Melbourne).
Apologies for my obtuse moment, and thanks for neat explanations.

As a matter of course I specified capture file location, and normally I used tethereal. Now that I'm back in the 
"frame" I've started using tshark.

Next time I'll "think before ink" :)

Cheers
Doug




________________________________
From: Guy Harris <guy () alum mit edu>
To: Community support list for Wireshark <wireshark-users () wireshark org>
Sent: Tue, 1 June, 2010 6:17:06 AM
Subject: Re: [Wireshark-users] Req: Information regarding wireshark file logging


On May 31, 2010, at 6:54 AM, Douglas Ross wrote:

I'd like to discuss a point about "temporary" files.
  
In my experience (Windows), ethereal/wireshark creates files in the location specified by the user (if not stdout).
So they are "permanent".

As Jaap noted, the user doesn't have to specify a location - and, if they don't, it doesn't get written to the standard 
output.  (In fact, Ethereal/Wireshark never allowed the capture to be written to the standard output, and never will 
allow that; the capture has to exist in some form of storage as long as it's open.)

If the user doesn't specify a location, the packets are written to a file in a temporary file directory; if the user 
closes the capture, the file is removed.  It is a named file in the file system, so it's "permanent" in that sense, but 
it's removed when the capture is closed, so it's not "permanent" in that sense.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org?subject=unsubscribe



      