 | 1 | initial version |
Wireshark will automatically dissect traffic for the appropriate protocol as long as the traffic is running on the expected, or configured, port (for traffic over TCP, UDP) or (for some subset of prootcols) if the type can be heuristically determined by inspecting the traffic.
DNP3 is normally run over port 20000, if your traffic is not using this port, then you can use "Decode As ..." to set DNP3 as the dissector for the port(s) actually in use. There are also DNP3 protocol preferences for TCP and UDP to allow port to be specified.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
