unicast / broadcast instead of NGAP

asked 2019-10-14 14:46:21 +0000

angeliki gravatar image

I use latest developers version of wireshark. I see messages of various protocols appearing as packets , but with empty src, dst IPs plus they look like Unicast/Broadcast , and with unknown protocol types . Is there a way to decode those ?

edit retag flag offensive close merge delete


Packet dissection:

Frame 88439: 164 bytes on wire (1312 bits), 164 bytes captured (1312 bits)
    Encapsulation type: Linux cooked-mode capture (25)
    Arrival Time: Oct 14, 2019 14:48:55.636812000 GTB Summer Time
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1571053735.636812000 seconds
    [Time delta from previous captured frame: 0.011979000 seconds]
    [Time delta from previous displayed frame: 0.011979000 seconds]
    [Time since reference or first frame: 72.555949000 seconds]
    Frame Number: 88439
    Frame Length: 164 bytes (1312 bits)
    Capture Length: 164 bytes (1312 bits)
    [Frame is marked: True]
    [Frame is ignored: False]
    [Protocols in frame: sll:ethertype:data]
Linux cooked capture
    Packet type: Unicast to us (0)
    Link-layer address type: 1
    Link-layer address length: 0
    Unused: 0000000000000000
    Protocol: Unknown (0x4010)
Data (148 bytes)
    Data: 454a0094000340003584881e0a50bfc60a5ee806960c960c…
    Text: EJ
        [Expert Info (Warning/Undecoded): Trailing stray characters]
            [Trailing stray characters]
            [Severity level: Warning]
            [Group: Undecoded]
    [Length: 148]
angeliki gravatar imageangeliki ( 2019-10-14 14:50:38 +0000 )edit