Manually configuring Service Port names on Windows?

asked 2021-03-10 19:23:58 +0000

TallGuyNYC

According to the documentation: https://www.wireshark.org/docs/wsug_h...

"The personal configuration folder for Wireshark is the Wireshark sub-folder of that folder, i.e. %APPDATA%\Wireshark."

which resolves to: C:\Users\tallguy\AppData\Roaming\Wireshark

I created a file 'services' with the following content in that folder:

afs-fileserver      7000/udp     # AFS File Server
afs-callback        7001/udp     # AFS Cache manager

But this has no effect on the Source Port or Destination Port columns. They are still displaying 7000 & 7001.

NOTE: Explicitly specifying names for 7000/udp and 7001/udp wasn't necessary with Wireshark on CENTOS/Gnome. Apparently these were already configured out of the box (these are AFS RX protocol ports).

So.... how would I either manually configure the names of these service ports OR have Wireshark on Windows pick up the defaults that are correctly being shipped with Wireshark on CENTOS/Gnome. - Thanks


Comments

You have to enable transport address name resolution (View -> Name Resolution -> Resolve Transport addresses) for the service name resolution to take effect. Have you done this?

JasMan ( 2021-03-13 14:08:45 +0000 )

1 Answer


answered 2021-03-13 16:35:25 +0000

TallGuyNYC

updated 2021-03-13 16:39:12 +0000

@JasMan: Thanks for pointing out where that was in the menus. It did the trick.

What I learned: Apparently the installed default values for "View->Name Resolution" for Wireshark/Gnome are different than for Wireshark Windows. Enabling "Resolve Transport Address" achieved what I was trying to do.

I posted a screenshot of the menu for both Gnome and Windows here: http://iamx.com/posted/WireShark-Name...

@"Wireshark team": Note that the menu text is different from the Gnome to the Windows version. I'm not sure if that was intentional or not


Comments

@TallGuyNYC

  1. The Wireshark team doesn't build or distribute the Linux distribution versions; those packages and their contents are the responsibility of the distribution packagers.
  2. The differences in menus between your "Gnome" (is that really a long obsolete GTK version?) and Windows versions are likely to be version differences. What are the versions of your Wireshark packages?
grahamb ( 2021-03-13 18:02:59 +0000 )

Yep. You were right about the Gnome version being an older version using GTK

The Windows version:

Version 3.4.3 (v3.4.3-0-g6ae6cd335aa9) 

Compiled (64-bit) with Qt 5.15.1, with libpcap, with GLib 2.52.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler), with Minizip. 

Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Core(TM) i7-7600U CPU @ 2.80GHz (with SSE4.2), with 16259 MB of physical memory, with locale English_United States.utf8, with light display ...
TallGuyNYC ( 2021-03-13 19:47:13 +0000 )

Welcome to the world of Linux distributions and their geologically ancient versions.

The Wireshark project's support of 1.10 ended in June 2015. See the Lifecycle Wiki page for more info.

grahamb ( 2021-03-14 10:58:36 +0000 )
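
The situation in this thread, as an added example that is not part of the original posts and is not Wireshark's code: a small checker for a personal services file in the "name port/proto # comment" layout shown in the question, plus a simplified model of why valid entries still display as numbers until transport name resolution is enabled. The function names, the accepted protocol set and the sample lines are assumptions constructed for illustration.

```python
import re

# Constructed sample: the two entries from the question plus lines a
# hand-edited file can pick up (comment-only, blank, malformed).
SAMPLE = """\
# personal services file (constructed sample)
afs-fileserver      7000/udp     # AFS File Server
afs-callback        7001/udp     # AFS Cache manager

afs-bad             70000/udp    # port out of range
afs-noproto         7002         # missing /proto
"""

# Assumed grammar: one name, whitespace, then port/proto.
LINE = re.compile(r"^(?P<name>\S+)\s+(?P<port>\d+)/(?P<proto>[a-z]+)$")
PROTOS = {"tcp", "udp", "sctp", "dccp"}  # assumption: transports accepted here


def parse_services(text):
    """Return ({(port, proto): name}, [(lineno, raw_line), ...] for rejected lines)."""
    table, rejected = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # drop trailing comment
        if not entry:
            continue  # blank or comment-only line
        m = LINE.match(entry)
        if not m or not 0 < int(m["port"]) <= 65535 or m["proto"] not in PROTOS:
            rejected.append((lineno, raw))
            continue
        table[(int(m["port"]), m["proto"])] = m["name"]
    return table, rejected


def port_column(port, proto, table, resolve_transport):
    """Model of a port column: a name appears only when resolution is on
    and an entry exists for that exact port and protocol."""
    if resolve_transport:
        return table.get((port, proto), str(port))
    return str(port)


if __name__ == "__main__":
    table, rejected = parse_services(SAMPLE)
    for lineno, raw in rejected:
        print(f"line {lineno}: ignored: {raw!r}")
    for enabled in (False, True):
        print(enabled, port_column(7000, "udp", table, enabled),
              port_column(7000, "tcp", table, enabled))
```

Because the lookup is keyed on both port and protocol, a 7000/udp entry does not name TCP port 7000.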
