THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

wireshark didn't follow the timezone of my system

  • retag add tags

my timezone is UTC+08:00 https://i.imgur.com/gAUPVni.png

but wireshark didn't follow the timezone of my system,just display time of utc https://i.imgur.com/CA58mEo.gif

https://www.makemusic-asia.com/c.pcap

walkerxk's avatar
1
walkerxk
asked 2022-12-13 04:18:37 +0000
edit flag offensive 0 remove flag close merge delete

Comments

How about just a screenshot, rather than a movie, so we don't have to pause the movie to see what's happening?

Guy Harris's avatar Guy Harris (2022-12-13 22:55:53 +0000) edit
more
  • delete

image description

TZ is Asia/Shanghai

image description

timestamp is 1671250750 time should be 2022-12-17 12:19:10 not 2022-12-17 04:19:10

image description

walkerxk's avatar walkerxk (2022-12-17 04:39:21 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Wireshark looks for the TZ environment variable to use as a timezone, this will overrule the system setting. Do you by any chance have a TZ variable on your system?

sake@MacAir13:~/_tmp$ tshark -ta -c 1 -r c.pcap 
    1 04:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$ TZ=Europe/Dublin tshark -ta -c 1 -r c.pcap 
    1 03:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$ TZ=Europe/Athens tshark -ta -c 1 -r c.pcap 
    1 05:46:52.951583 117.149.20.209 → 124.239.228.16 TCP 68 61042 → 80 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=2048
sake@MacAir13:~/_tmp$
SYN-bit's avatar
18.5k
SYN-bit
answered 2022-12-13 09:40:54 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Also: if the TZ is set to a value that is not understood or invalid, the system will treat this as it was set to UTC.

André's avatar André (2022-12-13 21:40:06 +0000) edit
more
  • delete

TIL!

Hmmm... I would expected it to default back to the timezone from the system settings. Good to know, thanks!

SYN-bit's avatar SYN-bit (2022-12-14 14:04:11 +0000) edit
more
  • delete

6@18:48:22#xiakai1@tp/download> /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:48:36#xiakai1@tp/download> TZ=ASIA/Shanghai /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:48:57#xiakai1@tp/download> TZ=Europe/Dublin /cygdrive/d/program/wireshark/tshark -ta -c1 -r 21478.pcap 1 10:13:10.592133 10.21.239.12 → 10.21.239.12 TCP 68 21478 → 800 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM WS=2048 6@18:49:19#xiakai1@tp ... (more)

walkerxk's avatar walkerxk (2023-04-23 10:50:43 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer