Hi Alexander,

I should have mentioned I didn't actually use Wireshark, I used tcpdump but labeled it pcap so it's just plain text. Will this be ok? This was the command I used:

    tcpdump -i eth0 -xn not arp and not rarp and src 10.140.1.34 or dst 10.140.1.34 > formattest.pcap

Regards,
Doug

On May 14, 2013, at 12:33 PM, Alexander Nezhinsky <nezhinsky@xxxxxxxxx> wrote:

> Doug,
>
> There is a problem with the file. Wireshark refuses to open it, complaining about "a format it can't understand",
> and even tcpdump itself says this:
>
> $ tcpdump -qns 0 -X -r formattest.pcap
> tcpdump: unknown file format
>
>
> On Tue, May 14, 2013 at 9:57 PM, Doug Clow <doug.clow@xxxxxxxxxxx> wrote:
> Alexander,
>
> Here is the tcpdump you requested. I start by connecting to the disk and then immediately attempt a quick format from Windows. That produced a huge file so I uploaded it to Yousendit. This is the download link:
>
> https://www.yousendit.com/download/UVJnNHAzTkE4aVBtcXRVag
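
An added example, not part of the thread or of the stgt project: the "unknown file format" error above is what a reader reports when the file's first four bytes are not a capture magic number, which is the case when tcpdump's printed output is redirected to a file instead of being written with `-w`. The function name `capture_format` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Classify a file by its first four bytes, the magic number that
# tcpdump -r and Wireshark check before parsing anything else.
capture_format() {
    # Hex of the first four bytes with whitespace removed, e.g. "d4c3b2a1"
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo "pcap" ;;             # classic pcap, either byte order
        4d3cb2a1|a1b23c4d) echo "pcap-nanosecond" ;;  # pcap with nanosecond timestamps
        0a0d0d0a)          echo "pcapng" ;;           # pcapng section header block
        *)                 echo "not-a-capture" ;;    # text, empty or unrelated data
    esac
}

# Constructed samples, so the check runs offline.
tmp=$(mktemp -d)

# A text line of the kind tcpdump prints to stdout (constructed; the peer
# address and ports are made up), saved under a .pcap name.
printf '12:33:01.000001 IP 10.140.1.34.3260 > 10.140.1.1.49152: tcp 48\n' \
    > "$tmp/text.pcap"

# The four magic bytes that open a little-endian pcap file, as written by
# a capture made with -w, for example:
#   tcpdump -i eth0 -n -w formattest.pcap <filter>
printf '\324\303\262\241' > "$tmp/real.pcap"

for f in "$tmp/text.pcap" "$tmp/real.pcap"; do
    echo "$f: $(capture_format "$f")"
done
```
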