Wireshark map/resolve ip & ports combination to different service names

edit

Where would the "service name" be displayed or how would it be used?

A sip server is having multiple logical application servers. All these logical application servers have same IP address but different ports. During a call traffic flows from logical server 1 with port 5060 then goes out to another sip server which then sends call towards logical server 2 with port 5070.

You can set coloring rules for conversations but that would only be available in the packet list.
Did you want "service name" to be displayed in the Packet Details or searchable with a Display Filter?

Problem is I am not able to identify (unless I remember all ports used by different logical servers) which logical server is being used by checking the pcap trace. Currently I am using host file to resolve ip address but as host file can't have port details it becomes difficult to troubleshoot issues in the network.

The documentation could be a little clearer. You can have a services file per profile.
Would mapping the port number to a service name help?
It would require maintaining and switching to a profile based on which server the pcap is for.

I had tried adding ports in services file earlier but it didn't worked. It would be good if some examples and troubleshooting steps can be added to the documentation. If it works I hope it would solve my problem.

I think there is a bug in that services is only read once, on startup.
It does work with custom services files if you change profiles, close Wireshark application then restart Wireshark application. Or if starting Wireshark from the command line, specify a profile to use with -C option.
(I'll look at the code later this evening to see how to change to profile services file on profile changes.)

I tried using services. Restarted wireshark. I can't see any changes. Where in wireshark I can see the service name which I provided for the port?

Also 1 problem in using services is that if other ip address have that port then services name will show there as well even if that service is not associated with that IP.

What version of Wireshark are you using?
Which services file was modified - global, personal config, or in a profile directory?

In the other question about Packet Detail colors, Lua was mentioned. If that is an option I think a custom dissector that provides a new field(s) with the service information would be a better solution. Then it can be customized/tweaked to include the specific information required.

Wireshark version 3.5.0.4706 Initially there was no services file. I have added a services file in personal (appdata\roaming\wireshark) directory.

Regarding the other question about Packet Detail colors, I think if coloring can be done then it is the best solution. Your suggestion custom dissector is also good. But the problem is that I don't have any knowledge of lua :(

View -> Name Resolution -> Resolve Transport Addresses is enabled?

I just enabled it and I can see services names now instead of ports. But it is also resolving other well known ports which I don't want. For example 5082 port is resolved to qcp protocol but in my case it is being used for sip protocol.