Ask Your Question

SIP packets are decoded in 1.12.3 but not in 2.2.0

asked 2019-06-28 20:04:38 +0000

skang gravatar image

updated 2019-06-28 22:37:34 +0000

Guy Harris gravatar image

I am currently using an older version of wireshark to support something for work. Version 1.12.3 (v1.12.3-0-gbb3e9a0 from master-1.12) I created a capture of a call scenario and I can see the entire call flow but my co-worker reviews the same file with the different version of wireshark(newer version) , the same SIP packets are not being decoded as SIP. What can be done so that they can see this SIP messaging decoded.

wireshark 2.2.0

edit retag flag offensive close merge delete


Note that 2.2.0 is newer than 1.12.3, but it's far from the latest version - the latest version is 3.0.

Guy Harris gravatar imageGuy Harris ( 2019-06-28 22:38:06 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2019-06-28 20:26:50 +0000

Jaap gravatar image

Have the co-worker very carefully review the dissector settings of the dissectors involved. Since it's known which frames do contain SIP packets, the settings have to be adjusted accordingly.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2019-06-28 20:04:38 +0000

Seen: 238 times

Last updated: Jun 28 '19