Ask Your Question
0

Is there an openwire dissector

asked 2020-08-20 10:34:24 +0000

Nader gravatar image

Hello

I am using Wireshark Version 3.2.6 (v3.2.6-0-g4f9257fb8ccc) on Windows 10.

It seems there is no dissector for OpenWire protocol. It says: "openwire tight encoding not supported by wireshark"

Is there a dissector for OpenWire and how can I add it to Wireshark plugin?

Thanks in advance

/Nader

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-08-20 10:50:19 +0000

grahamb gravatar image

A dissector for OpenWire was added to Wireshark in 2012, the Bugzilla entry is here and was released with Wireshark 1.8.

There is a comment in the dissector source about what the dissector can handle that may be relevant:

OpenWire has two wire formats :
- "loose" : more verbose, less CPU-intensive, less network-intensive (1-pass)
- "tight" : more compact, more CPU-intensive, more network-intensive (2-pass)
This dissector only supports the "loose" syntax, which is not the default.
This dissector only supports version 6 of the protocol.
It can be changed on the broker in the activemq.xml file by specifying "tightEncodingEnabled=false" :

<transportConnectors>
    <transportConnector name="tcp-connector" uri="tcp://0.0.0.0:61616?wireFormat.tightEncodingEnabled=false&amp;wireFormat.cacheEnabled=false"/>
</transportConnectors>

Note : The WIREFORMAT_INFO command is always sent in "loose" format.
edit flag offensive delete link more

Comments

Thanks for answer, but is there a dissector for handling "tight" format?

Nader gravatar imageNader ( 2020-08-20 11:10:26 +0000 )edit

No there isn't within the Wireshark project.

grahamb gravatar imagegrahamb ( 2020-08-20 11:58:03 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2020-08-20 10:34:24 +0000

Seen: 1,279 times

Last updated: Aug 20 '20