How to make Wireshark GUI reload ikev2_decryption_table without restarting?

asked 2019-11-09 05:52:24 +0000

hgl
1 ●1

updated 2019-11-09 05:57:14 +0000

I'm trying to analyze a IKEv2 connection, but I won't be able to create the ikev2_decryption_table file until I've started connecting, but I have start Wireshark GUI before I make the connection to capture all packets.

After I update the ikev2_decryption_table file, how do I ask Wireshark to reload the file and start decrypting the traffic?

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2022-11-03 20:28:34 +0000

daniele de matteis
1

Ctrl+Shift+L (or Analyze > Reload Lua Plugins)

This makes wireshark reload the file <user>/.config/wireshark/ikev2_decryption_table, like it usually does at startup.

This may be useful if you edited such file by yourself, for ex. by a script that automatically reads all parameters from your ipsec log (SPI's, SK's, encryption and integrity algorithms) and formats them into a proper wireshark/ikev2_decryption_table entry.

But the usual way is to add all parameters from GUI: Edit > Preferences > Protocols > ISAKMP > IKEv2 Decryption Table Edit

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-11-09 05:52:24 +0000

Seen: 246 times

Last updated: Nov 09 '19

How to make Wireshark GUI reload ikev2_decryption_table without restarting? edit

1 Answer