This is our old Q&A Site. Please post any new questions and answers at


i am trying to generate pcap files from a collection of packet data. I put the global header and packet data correctly and it appeared correctly in wireshark. But the problem is with the arrival time of the packet, which is not getting as expected;

Can someone please describe how to create the first 8 bytes in the pcap header ?

I give the first 4 byte as seconds from 1970/1/1 till now and next 4 byte as 00 00 00 05.

asked 15 Jan '14, 22:44

Binu%20Babu's gravatar image

Binu Babu
accept rate: 33%

edited 16 Jan '14, 00:09

which is not getting as expected

What are you expecting, and what are you getting?

(16 Jan '14, 18:22) Guy Harris ♦♦

I need to see the arrival time as 2013-01-15 02:00:00.000000000 in pcap file with wireshark. For this i took the seconds since 1970/1/1 till the same datetime as mentioned above and put in the pcap header(as first 4 byte). But its getting as wrong date in wireshark.

(16 Jan '14, 22:04) Binu Babu

What date do you get in Wireshark?

(16 Jan '14, 22:42) Guy Harris ♦♦

It is showing in date field as 'Not representable'.

Edit: Hi Guy Harris, I could trace the mistake ,that was in the magic number order. I used it as "D4 C3 B2 A1" and didn't swap the timestamp.Now its working fine by swapping the seconds in the pcap header.

permanent link

answered 16 Jan '14, 22:52

Binu%20Babu's gravatar image

Binu Babu
accept rate: 33%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 15 Jan '14, 22:44

question was seen: 1,819 times

last updated: 17 Jan '14, 00:28

p​o​w​e​r​e​d by O​S​Q​A