Home > Others

Wireshark Usage Experience

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

File parsing on Pcap file There's a lot of information on the web, and I don't know it here.

Experience One: Wireshark Runtime Error

In general, Wireshark is not suitable for long-time capture packages, that is, over time, will always report the above errors, generally as follows:

Because Wireshark data is kept in memory, so as the capture time increases, it will be reported memory overflow error, it seems that the memory is not freed ... This is a bug in Wireshark.

Experience Two: Multi-file capture

With this in mind, it's easy to think of saving the captured data into multiple files, so you'll use the following settings:

Refer to the blog http://www.cnblogs.com/caoguoping100/p/3658792.html for specific actions

In addition to the last command I think the wrong thing to say, the other blog is very clear about the story.

However, it did not solve the problem because ... Wireshark still does not release memory.

Interested can be read carefully under: https://wiki.wireshark.org/KnownBugs/OutOfMemory

Experience Three: the use of windump

Since the above are not feasible, then use tcpdump this good tool, but because the server is Windows, so you can only choose to have windows under the tcpdump of the windump, however, I found lost packets ... and particularly serious. Well, you ask me how I know that in

, there is a capture length, which is significantly smaller than the length of the package.

I don't know why .... So you don't have to use this tool.

Experience Four: dumpcap command use

Solve the problem is seen from this, https://blog.packet-foo.com/2013/05/the-notorious-wireshark-out-of-memory-problem/, Of course, the link to the blog Park mentioned earlier is also written.

Wireshark actually call is the Dumpcap command, and this default in the Wireshark installation time exists, so very convenient, specific use can

dumpcap -h #帮助命令


It is worth mentioning that the default Dumpcap default save is the pcapng format, unlike the PCAP format, if you want to save the file is Pcap format, you need to specify the-p parameter.

Above, the last one dumpcap solve the problem.

Wireshark Usage Experience

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
nfr experience whatsyourprice experience samsung experience 8 1 step 2 ck experience senior user experience designer flex experience run 4 user experience best practices

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More