Wireshark · Wireshark-users: Re: [Wireshark-users] tshark @ linux 64

Wireshark-users: Re: [Wireshark-users] tshark @ linux 64

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Sat, 18 Apr 2009 10:08:58 -0700


On Apr 17, 2009, at 11:28 PM, Oto BREZINA wrote:

I have run into problem after some of previous update of debiantesting

tshark did not work properly. Instead of getting packet information I
get something like "malformated packet". This issue apears only on 64
bit kernel. Everything works properly on 32 bit.

Are you doing a live capture with TShark, or are you reading anexisting capture file?

Are you using the exact same TShark binary on the 64-bit kernel andthe 32-bit kernel?

Is this bug?


It sounds like a bug in *some* piece of software.

In there package for 64 bit kernel ?

There shouldn't *have* to be - at least for instruction sets wherethere are both 32-bit and 64-bit variants, most if not all of the 64-bit versions of the Linux kernel should fully support 32-bit userlandcode.

What happens if, for example, you try capturing the traffic with"tcpdump -i {interface} -s 0 -w {file}" and then read the file withTShark? If that also doesn't work, there might be a bug in the Linuxkernel, for example.

References:
- [Wireshark-users] tshark @ linux 64
  - From: Oto BREZINA

Prev by Date: [Wireshark-users] tshark @ linux 64
Next by Date: [Wireshark-users] Exporting the RTP/RTSP video stream from a dump file
Previous by thread: [Wireshark-users] tshark @ linux 64
Next by thread: [Wireshark-users] Exporting the RTP/RTSP video stream from a dump file
Index(es):
- Date
- Thread