[OpenWrt-Users] tcpdump-wireshark
Jeroen Lankheet
admin1 at lankheet.com
Thu Jul 26 21:52:28 CEST 2007
Munaretto, Daniele wrote:
> Hi all,
>
> I need your help for a little issue I encountered.
> I am a beginner and it's the first time I use openWRT, now on a router ASUS
> 500g Premium.
>
> The question is: I saved the data I got by using tcpdump on a file, then I
> tried to load that file on my laptop (win xp) using wireshark, but it gives
> to me this issue:
> "
> The capture file has a packet with a network type that Wireshark doesn't
> support.
> (erf: unknown record encapsulation 46)
> "
>
> What should I do to avoid this problem? I really need to sniff packets by
> using my router and then check them on this ethereal tool.
> Hoping someone can help me, it's really urgent!
> Daniele
>
> Daniele Munaretto
> Researcher
>
> DoCoMo Communications Laboratories Europe GmbH
> Landsbergerstraße 312 80687 Munich Germany
>
> Mobile : +49- 162- 2919-218
> Office : +49- 89- 56824-218
> Fax : +49- 89- 56824-300
>
> munaretto at docomolab-euro.com
> visit us in http://www.docomolab-euro.com
>
> Managing Directors (Geschäftsführer):
> Dr. Toru Otsu, Dr. Narumi Umeda, Kazushige Yoshida
> Amtsgericht München, HRB 132967
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> openwrt-users mailing list
> openwrt-users at lists.openwrt.org
> http://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
>
Hi Daniele,
I think the format of tcpdump is incompatible with wireshark's capture
format. Wireshark puts lots of additional information in the capture
files and saves it as binary files.
tcpdump on the other hand just creates readable text and it also depends
on the command line switches you set. So you should be able to read the
tcpdump file with a normal text editor on Windows.
Regards,
Jeroen.
More information about the openwrt-users
mailing list