Re: N in 1 packets

[Guy Harris <guy () alum mit edu>]

On Dec 11, 2011, at 4:51 AM, Akos Vandra wrote:

> The missing wireshark error is:
>
> Invalid capture filter "" for interface trace1!
> That string isn't a valid capture filter (unknown data link type 292).
> See the User's guide for a description of the capture filter syntax.

When a new link-layer header type for capturing is added, libpcap's filter-compiling code needs to have support for it 
added, even if it's trivial support.  See the "Currently, only raw "link[N:M]" filtering is supported." instances in 
gencode.c

> And here you can find my not-so-pretty code, it has to be cleaned up a
> lot, right now I am in the phase "hmm... let's see if that will
> work..." :)
> http://pastebin.com/fVnrEfpr

> From that, it looks as if there are no time stamps in the data stream itself; the code is getting time stamps from 
> gettimeofday().

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe