SML dissector doesn't work

answered 2019-11-14 11:19:17 +0000

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●950 ●227 https://www.wireshark.org

updated 2019-11-14 11:19:27 +0000

You need to set the dissector port (defaults to 0), either by editing the dissector preferences (Edit -> Preferences -> Protocols -> SML) or by right clicking any packet in the list and selecting "Decode As..." (or from the menu Analyze -> Decode As...) and choosing TCP port 7259 (for the example capture).

edit flag offensive delete link

Comments

Thank you for the fast reply.

Now that works for me. But how do I act in case of an offline file without a tcp frame?

Michael ( 2019-11-14 11:59:18 +0000 )edit

The SML dissector only dissects traffic over UDP or TCP.

You can use text2pcap to create a pcap file. By using the option -T along with suitable source and destination ports, e.g. -T 3293,7259 to match that in the sample file.

grahamb ( 2019-11-14 12:16:20 +0000 )edit

works also great. Big thanks to you, for supporting me.

Michael

Michael ( 2019-11-14 13:03:24 +0000 )edit

But how do I act in case of an offline file without a tcp frame?

Do you mean an offline file whose contents are as shown in the Wireshark Wiki SML page, with the first four bytes being 0x1b, followed by 4 bytes of version number, followed by a sequence of messages?

Guy Harris ( 2019-11-14 19:28:49 +0000 )edit

yes, that's exactly what I mean.

Michael ( 2019-11-15 07:06:28 +0000 )edit

add a comment

SML dissector doesn't work

1 Answer

Comments

Your Answer

Question Tools

Stats

SML dissector doesn't work edit

1 Answer

Comments

Your Answer

Question Tools

Stats

SML dissector doesn't work