[Winpcap-users] The capture file appears to be damaged or corrupt. (pcap: Files has 109736-byte packet, bigger than maximum of 65535)

[Joseph Laibach]

WinPcap Version 4.1.1
Windows 2003 Server R2 64bit
Intel(R) PRO/1000 PT Dual Port Server Adapter

I'm running into an issues when I analyze the captured traffic. I'm using Wireshark to read the files. It seems that the capture length is set to a smaller number of bytes than is on the wire. If I use a hex-editor to fix the "capture length" the file is readable until I hit the next occurrence. Is there anything that I can use at the command line to correct this issue or is there something that I'm doing wrong with the syntax

Here is the syntax of the capture that I am running:

C:\"Program Files"\Wireshark\dumpcap.exe -i \Device\NPF_{21741AFC-E45E-46A6-9740-9E233E4FF91D} -w d:\SFTI_capture -b files:20000 -b filesize:8192 -B 256

Thanks

Joe



This communication is for informational purposes only.  It is not intended as an offer or solicitation or as an official confirmation.  Market prices and other information are not guaranteed as to completeness or accuracy and are subject to change without notice.  Schonfeld Group reserves the right to monitor and review the content of all messages sent to or from this e-mail address.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20100517/ac480be9/attachment.htm