Wireshark-users: Re: [Wireshark-users] Upgraded wireshark to 1.2.6 but now old pcap files cannot
On Mar 23, 2010, at 21:36, Guy Harris wrote:
On Mar 23, 2010, at 6:29 PM, Kok-Yong Tan wrote:
I've just upgraded wireshark via MacPorts to version 1.2.6 on a PPC
MacOS 10.4.11 system with Xcode 2.5 installed. Previous pcap files
which were readable in prior versions suddenly cannot be read. I'm
getting this error:
The capture file appears to be damaged or corrupt (pcap: File has
4294901760-byte packet, bigger than maximum of 65535)
What does "wireshark -v" print?
It prints:
wireshark 1.2.6
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and
contributors.
This is free software; see the source for copying conditions. There
is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
Compiled with GTK+ 2.18.7, with GLib 2.22.5, with libpcap 1.0.0, with
libz
1.2.4, without POSIX capabilities, without libpcre, without SMI, with
c-ares
1.7.0, with Lua 5.1, without GnuTLS, without Gcrypt, with MIT
Kerberos, without
GeoIP, without PortAudio, without AirPcap.
Running on Darwin 8.11.0 (MacOS 10.4.11), with libpcap version 1.0.0.
Built using gcc 4.0.1 (Apple Computer, Inc. build 5370).
--
Reality Artisans, Inc. # Network Wrangling and Delousing
P.O. Box 565, Gracie Station # Apple Certified Consultant
New York, NY 10028-0019 # Apple Consultants Network member
<http://www.realityartisans.com> # Apple Developer Connection member
(212) 369-4876 (Voice) # My PGP public key can be found
at <https://keyserver.pgp.com>