Hi to all, I am using whireshark wireshark 1.8.10 on centos 6.3 . I have a pcap trace that packet are not in chronological order. I want to reorder packet chronologically. Mergecap work only with ordered trace. How can I do that? Thanks in advanced, Diana asked 29 Sep '14, 02:30  Dianalab9 |
One Answer:
If you mean that the absolute time stamps of the frames are not in chronological order you can use "reordercap" to do that. Reordercap should be available in the same directory as Wireshark and mergecap. answered 29 Sep '14, 02:33  Jasper ♦♦ showing 5 of 6 show 1 more comments |
I am using version 1.8.7 (windows) and there is no reordercap; can you advice?
My advice would be to upgrade to 1.12.1
OK, I will try. Thank you!
If we are using Wireshark on Linux, to which version should we upgrade? We just did the update and the latest version we are using is 1.8.10. Maybe it is available only in developer version? can you advice?
In general it is always a good idea to upgrade to the latest stable version, which is 1.12.1 right now. Depending on your Linux distribution the package management may not have that version yet, so you can either live with the one provided by your distribution, or you try to compile/install the latest stable build manually.
OK, Thank you very much!