Hi, I have captured the DAP protocol messages in a file Dumpfile.pcap. I opened the file with Wireshark & used the following filter to filter DAP protocol messages: tcp.srcport == 16602 || tcp.srcport == 16614 || tcp.dstport == 16602 || tcp.dstport == 16614 Where 16602 & 16614 are the TCP ports used for DAP protocol. Then I went to wiresharks "Analyze" menu & selected the Option "Decode As". In this "Transport" TAB I have choosen TCP "both" ports & tried to select the "DAP" protocol. But there is no DAP protocol available. only LDAP was available. Please suggest how can I decode DAP protocol messages using wireshark? Additional Info: When I select the "Follow TCP stream" option in Analyze menu I was able to see contents of DAP query. But it is not clear. asked 02 May '12, 03:19  Ramakrishna |
One Answer:
The DAP dissector has a preference (Edit->Preferences->Protocols->OSI->X.500->DAP, yikes that was hard to find!) where you can set the TCP port used for this protocol. Setting that also has the advantage that the setting is persistent. answered 02 May '12, 05:49  JeffMorriss ♦ |
