diff options
| author | Guy Harris <guy@alum.mit.edu> | 2000-07-26 06:04:34 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2000-07-26 06:04:34 +0000 |
| commit | 7de3b988bd496445c2cb4437114a88c1777fce06 (patch) | |
| tree | c544caebc0582443cae43364971ad76843dd21ba /doc | |
| parent | dd094a889110358b40081414fdde206fc2c4060d (diff) | |
In the final scene of the horror movie, just when you think the monster
is finally dead, and you're walking away, it springs up again and
attacks.
It appears that the ss990915 version of Alexey Kuznetzov's libpcap patch
has some extra stuff in the per-packet header for some sort of SMP
debugging, and that SuSE Linux 6.3 picked it up.
Thus, even if a libpcap file has the modified magic number, we *still*
have to go through the usual heuristic hell to figure out what type of
file it is.
svn path=/trunk/; revision=2164
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/editcap.pod | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/editcap.pod b/doc/editcap.pod index 41dddebdff..3eaec44515 100644 --- a/doc/editcap.pod +++ b/doc/editcap.pod @@ -38,9 +38,10 @@ all of the packets in the capture file to the output file. The B<-F> flag can be used to specify the format in which to write the capture file; it can write the file in B<libpcap> format (standard B<libpcap> format, a modified format used by some patched versions of B<libpcap>, -or the format used by Red Hat Linux 6.1), B<snoop> format, uncompressed -B<Sniffer> format, Microsoft B<Network Monitor> 1.x format, and the -format used by Windows-based versions of the B<Sniffer> software. +the format used by Red Hat Linux 6.1, or the format used by SuSE Linux +6.3), B<snoop> format, uncompressed B<Sniffer> format, Microsoft +B<Network Monitor> 1.x format, and the format used by Windows-based +versions of the B<Sniffer> software. A list of packet numbers can be specified on the command line; the packets with those numbers will I<not> be written to the capture file, |