[Wireshark-dev] changing the time
Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] changing the time
Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Natalie Shapira Sent: den 30 januari 2013 09:16 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] changing the time
I have no choice. It's a workaround for a hardware bug. On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman anders.bro...@ericsson.comwrote: ** Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders -- *From:* wireshark-dev-boun...@wireshark.org [mailto: wireshark-dev-boun...@wireshark.org] *On Behalf Of *Natalie Shapira *Sent:* den 30 januari 2013 09:16 *To:* wireshark-dev@wireshark.org *Subject:* [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] changing the time
Anyway, you gave me other idea. What about making new column of my_timestamp and sort by that column... Do I have the ability to add a new column from a dissector? On Wed, Jan 30, 2013 at 11:46 AM, Natalie Shapira nd1...@gmail.com wrote: I have no choice. It's a workaround for a hardware bug. On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman anders.bro...@ericsson.com wrote: ** Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders -- *From:* wireshark-dev-boun...@wireshark.org [mailto: wireshark-dev-boun...@wireshark.org] *On Behalf Of *Natalie Shapira *Sent:* den 30 januari 2013 09:16 *To:* wireshark-dev@wireshark.org *Subject:* [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] changing the time
You can add the new timestamp as a regular dissected field. Wireshark allows you to create columns out of arbitrary fields in dissected packets. Cheers, Evan On Wed, Jan 30, 2013 at 4:51 AM, Natalie Shapira nd1...@gmail.com wrote: Anyway, you gave me other idea. What about making new column of my_timestamp and sort by that column... Do I have the ability to add a new column from a dissector? On Wed, Jan 30, 2013 at 11:46 AM, Natalie Shapira nd1...@gmail.com wrote: I have no choice. It's a workaround for a hardware bug. On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman anders.bro...@ericsson.com wrote: Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Natalie Shapira Sent: den 30 januari 2013 09:16 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Permission to use the icon
Hello We work on Windows Package Manager ( http://code.google.com/p/windows-package-manager/) released under GNU GPL license. It helps to find and install software, keep a system up-to-date and uninstall it if no longer necessary. I'd like to ask for permission to copy the 'Wireshark' icon (wireshark-1.8.5/image/wsicon32.png) to Npackd web server and use it for 'Wireshark' package identifying icon. Thank You Evgeny -- Best regards! ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Having issues with wireshark dissector installation
Hello, I am a newbie to programming. I am having issues with compiling the a basic dissector that I created as per the developer guide. I have the code but I am not able to compile it. I tried the steps to build it, but having issues with compiling it. I tried from WIndows to compile it and followed the step by step guide: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html But I am getting error installing the SDK and it shows installation failed. A problem occurred while installing selected Windows SDK components. Installation of the Microsoft Windows SDK for Windows 7 product has reported the following error: Please refer to Samples\Setup\HTML\ConfigDetails.htm document for further information. Can I get some help in fixing it. Also I am trying it from my Ubuntu machine also. Can someone give me some guidance how to compile it from Ubuntu machine. I have the same setup inside my ubuntu VM. I have created a new directory inside the plugins folder with all the necessary files and the new plugin.c. Should I compile it in the same way I compiled wireshark or are there any other steps I need to follow? Any guidance will be appreciated. Thanks! Arshad ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Having issues with wireshark dissector installation
On 30 January 2013 17:10, Arshad heyars...@gmail.com wrote: Hello, I am a newbie to programming. I am having issues with compiling the a basic dissector that I created as per the developer guide. I have the code but I am not able to compile it. I tried the steps to build it, but having issues with compiling it. I tried from WIndows to compile it and followed the step by step guide: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html But I am getting error installing the SDK and it shows installation failed. A problem occurred while installing selected Windows SDK components. Installation of the Microsoft Windows SDK for Windows 7 product has reported the following error: Please refer to Samples\Setup\HTML\ConfigDetails.htm document for further information. Can I get some help in fixing it. I'm guessing you are using VS 2010 Express. If so, you only need the SDK for 64 bit versions of wireshark. Unless you really need a 64 bit version, don't install the SDK. Graham ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Having issues with wireshark dissector installation
-Original Message- From: Graham Bloice graham.blo...@trihedral.com Sent: Jan 30, 2013 12:41 PM To: Developer support list for Wireshark wireshark-dev@wireshark.org Subject: Re: [Wireshark-dev] Having issues with wireshark dissector installation On 30 January 2013 17:10, Arshad heyars...@gmail.com wrote: Hello, I am a newbie to programming. I am having issues with compiling the a basic dissector that I created as per the developer guide. I have the code but I am not able to compile it. I tried the steps to build it, but having issues with compiling it. I tried from WIndows to compile it and followed the step by step guide: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html But I am getting error installing the SDK and it shows installation failed. A problem occurred while installing selected Windows SDK components. Installation of the Microsoft Windows SDK for Windows 7 product has reported the following error: Please refer to Samples\Setup\HTML\ConfigDetails.htm document for further information. Can I get some help in fixing it. I'm guessing you are using VS 2010 Express. If so, you only need the SDK for 64 bit versions of wireshark. Unless you really need a 64 bit version, don't install the SDK. For what it's worth, I use VS 2010 Express and have it set up for either 64- or 32-bit compilation. To make it simple, I use the following batch file: @echo off if %1 == goto x86 if /i %1 == x86 goto x86 if /i %1 == x64 goto x64 goto usage :usage echo Error in script usage. The correct usage is: echo %0 [option] echo where [option] is: x86 ^| x64 echo: echo For example: echo %0 x86 goto :eof :x64 set WIRESHARK_TARGET_PLATFORM=win64 call c:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\SetEnv.Cmd /Release /x64 goto :eof :x86 set WIRESHARK_TARGET_PLATFORM=win32 call c:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\SetEnv.Cmd /Release /x86 goto :eof Ed ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Having issues with wireshark dissector installation
Thanks! I will try those. In the mean time can I get some information on how to implement the same in Ubuntu environment? Thanks On Wed, Jan 30, 2013 at 11:55 AM, Ed Beroset bero...@mindspring.com wrote: -Original Message- From: Graham Bloice graham.blo...@trihedral.com Sent: Jan 30, 2013 12:41 PM To: Developer support list for Wireshark wireshark-dev@wireshark.org Subject: Re: [Wireshark-dev] Having issues with wireshark dissector installation On 30 January 2013 17:10, Arshad heyars...@gmail.com wrote: Hello, I am a newbie to programming. I am having issues with compiling the a basic dissector that I created as per the developer guide. I have the code but I am not able to compile it. I tried the steps to build it, but having issues with compiling it. I tried from WIndows to compile it and followed the step by step guide: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html But I am getting error installing the SDK and it shows installation failed. A problem occurred while installing selected Windows SDK components. Installation of the Microsoft Windows SDK for Windows 7 product has reported the following error: Please refer to Samples\Setup\HTML\ConfigDetails.htm document for further information. Can I get some help in fixing it. I'm guessing you are using VS 2010 Express. If so, you only need the SDK for 64 bit versions of wireshark. Unless you really need a 64 bit version, don't install the SDK. For what it's worth, I use VS 2010 Express and have it set up for either 64- or 32-bit compilation. To make it simple, I use the following batch file: @echo off if %1 == goto x86 if /i %1 == x86 goto x86 if /i %1 == x64 goto x64 goto usage :usage echo Error in script usage. The correct usage is: echo %0 [option] echo where [option] is: x86 ^| x64 echo: echo For example: echo %0 x86 goto :eof :x64 set WIRESHARK_TARGET_PLATFORM=win64 call c:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\SetEnv.Cmd /Release /x64 goto :eof :x86 set WIRESHARK_TARGET_PLATFORM=win32 call c:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\SetEnv.Cmd /Release /x86 goto :eof Ed ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Having issues with wireshark dissector installation
On 30 January 2013 18:00, Arshad heyars...@gmail.com wrote: Thanks! I will try those. In the mean time can I get some information on how to implement the same in Ubuntu environment? Thanks What doesn't work? I haven't tried it but I think you make make sure all the build requirements are there by using apt-get build-dep wireshark. Graham ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Win7 - 64 bit build
I was having issues compiling a x64 build of Wireshark on a Win7x64 bit PC. I followed the instructions to the letter as referenced in the Win build page: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html All to no avail. After reinstalling several times and googling for most of the day, the answer was found. The referenced sugested setup batch file to build x64 Wireshark is: @echo off echo Adding things to the path... set PATH=%PATH%;. set PATH=%PATH%;c:\cygwin\bin echo Setting up Visual Studio environment... call c:\Program Files\Microsoft Visual Studio 10.0\VC\bin\vcvars32.bat amd64 title Command Prompt (VC++ 2010) The issue was that the vcvars32.bat amd64 branch is broken. The script is looking for files that don't exist. To fix this the line 'call c:\windows... line should now read: call c:\Program Files\Microsoft SDKs\Windows\v7.1\BIn\SetEnv.cmd /x64 The /x64 can be changed to set any number of different compile options. The file vcvars32.bat does exist and if you wish to compile 32 bit programs, all should be OK without this change. Thanks as always Alex Lindberg ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] A very minor Q re checkAPIs 'name for hf... has trailing space ...' error checking
I've been doing a small update to checkAPIs.pl.
Among other things: I changed the code to remove comments from the
source code string before calling check_hf_entries() since the check
doesn't detect an hf... entry if it contains a comment.
I now get:
Error: the name for hf_ppi_vector_rot_x (ppi_vector.pitch) has
trailing space in packet-ppi-vector.c
Error: the name for hf_ppi_vector_rot_y (ppi_vector.roll) has
trailing space in packet-ppi-vector.c
Error: the name for hf_ppi_vector_rot_z (ppi_vector.heading) has
trailing space in packet-ppi-vector.c
Looking at packet-ppi-vector.c, I see:
{ Pitch , ppi_vector.pitch, /*extra spaces intentional. casuses
field values to align*/
...
In fact, the field values do align when displayed.
So: What to do ?
My inclination would be just to remove the trailing spaces in the three
names (labels) since it appears that it's felt that there should not be
trailing spaces in field labels.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3548
Thoughts ?
Bill
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] A very minor Q re checkAPIs 'name for hf... has trailing space ...' error checking
On Wed, Jan 30, 2013 at 6:38 PM, Bill Meier wme...@newsguy.com wrote:
I've been doing a small update to checkAPIs.pl.
Among other things: I changed the code to remove comments from the source
code string before calling check_hf_entries() since the check doesn't detect
an hf... entry if it contains a comment.
I now get:
Error: the name for hf_ppi_vector_rot_x (ppi_vector.pitch) has
trailing space in packet-ppi-vector.c
Error: the name for hf_ppi_vector_rot_y (ppi_vector.roll) has
trailing space in packet-ppi-vector.c
Error: the name for hf_ppi_vector_rot_z (ppi_vector.heading) has
trailing space in packet-ppi-vector.c
Looking at packet-ppi-vector.c, I see:
{ Pitch , ppi_vector.pitch, /*extra spaces intentional. casuses
field values to align*/
...
In fact, the field values do align when displayed.
So: What to do ?
My inclination would be just to remove the trailing spaces in the three
names (labels) since it appears that it's felt that there should not be
trailing spaces in field labels.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3548
Thoughts ?
Agree that removing the trailing spaces is the right thing to do. If
we want fields to align (which would be nice, I admit) it should be
done in some dissector-agnostic way.
Evan
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Win7 - 64 bit build
Alex Lindberg wrote: I was having issues compiling a x64 build of Wireshark on a Win7x64 bit PC. I followed the instructions to the letter as referenced in the Win build page: http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html All to no avail. After reinstalling several times and googling for most of the day, the answer was found. The referenced sugested setup batch file to build x64 Wireshark is: @echo off echo Adding things to the path... set PATH=%PATH%;. set PATH=%PATH%;c:\cygwin\bin echo Setting up Visual Studio environment... call c:\Program Files\Microsoft Visual Studio 10.0\VC\bin\vcvars32.bat amd64 title Command Prompt (VC++ 2010) The issue was that the vcvars32.bat amd64 branch is broken. The script is looking for files that don't exist. To fix this the line 'call c:\windows... line should now read: call c:\Program Files\Microsoft SDKs\Windows\v7.1\BIn\SetEnv.cmd /x64 The /x64 can be changed to set any number of different compile options. Thanks for reporting back. I have been intending to redo the build instructions for a while and this gives me both the confirmation that the existing instructions really need revision and that the edits that I have in mind will work. Now all I need is to actually get around to doing the work! :) Thanks! Ed ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] [Wireshark-commits] rev 47381: /trunk-1.8/epan/dissectors/ /trunk-1.8/epan/dissectors/: packet-tcp.c
Two points of interest here: - The original fix in trunk was a coverity fix and wasn't backported at the time (I assume) because it wasn't known to fix an actual crash. Should we have some sort of policy to avoid this, by e.g. backporting fixes for all coverity issues when possible? - The exact check being made happens in two different places in trunk with *exactly* the same code. Is that intentional (in which case there should be an explanatory comment) or can one of them be removed? Cheers, Evan On Wed, Jan 30, 2013 at 7:41 PM, eapa...@wireshark.org wrote: http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=revrevision=47381 User: eapache Date: 2013/01/30 04:41 PM Log: Manually rediscover r43185 to fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8274 Directory: /trunk-1.8/epan/dissectors/ ChangesPathAction +1 -1 packet-tcp.cModified ___ Sent via:Wireshark-commits mailing list wireshark-comm...@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-commits Unsubscribe: https://wireshark.org/mailman/options/wireshark-commits mailto:wireshark-commits-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] changing the time
Thanks. Eventually I override pinfo-fd-rel_ts pinfo-fd-del_dis_ts It looks good. If I would have problems again, I will create separate column. BTW, can you think about dissector who did it (adding column)? so I could use it as an example.. Natalie. On Wed, Jan 30, 2013 at 2:44 PM, Evan Huus eapa...@gmail.com wrote: You can add the new timestamp as a regular dissected field. Wireshark allows you to create columns out of arbitrary fields in dissected packets. Cheers, Evan On Wed, Jan 30, 2013 at 4:51 AM, Natalie Shapira nd1...@gmail.com wrote: Anyway, you gave me other idea. What about making new column of my_timestamp and sort by that column... Do I have the ability to add a new column from a dissector? On Wed, Jan 30, 2013 at 11:46 AM, Natalie Shapira nd1...@gmail.com wrote: I have no choice. It's a workaround for a hardware bug. On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman anders.bro...@ericsson.com wrote: Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Natalie Shapira Sent: den 30 januari 2013 09:16 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo-fd-rel_ts.secs and pinfo-fd-rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
