Hi all,
I have found various posts on this, but no resolution.
I have enabled --create-other-packets and --create-suspicious-packets -
but I can't seam to decode the file with snoop, tcpdump, wire shark, or
any tool.
I though maybe last year is was to do with some libcap version - but
many releases later, I still have the same issue.
probe ntop # tcpdump -r ntop-other-pkts.eth1.pcap
reading from file ntop-other-pkts.eth1.pcap, link-type EN10MB (Ethernet)
-2:-46:-20.262146 [|ether]
tcpdump: pcap_loop: bogus savefile header
Is this a trick or conversion I should be ware of ?
Cheers,
Jason
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
