Re: [Wireshark-dev] [Bug 6086] How does it work?

Well, I guess your expectations are a bit off.

> 1. It would work on all protocols that had a FT_ABSOLUTE_TIME item (satisfying most of bug 1381)

It changed the date parser. It should work on any FT_ABSOLUTE_TIME item.

> 2. Missing date/time fields in the filter would be set to 0 and considered "don't care" (ie "frame.time == 2011-08-02" would filter all frames received on Aug 2, 2011, regardless of hour/minute/second values)

missing fields are set to 0, but you still get a timestamp, meaning a point in
time. If you want to display all frames captures today, you'll write a filter as

"frame.time>='2011-08-02 00:00:00' && frame.time<='2011-08-02 23:59:59'"

-- ---> Dirk Jagdmann ----> http://cubic.org/~doj -----> http://llg.cubic.org ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe

• This message: [ Message body ]
• Next message: Jeff Morriss: "Re: [Wireshark-dev] [Wireshark-commits] rev 38304: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-snmp.c"
• Previous message: Bill Meier: "Re: [Wireshark-dev] Latest SVN (r38309) doesn't compile (packet-6lowpan.c)"
• In reply to: mmann78_at_nospam: "[Wireshark-dev] [Bug 6086] How does it work?"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]