how to dissect X711 CMIP traffic ?

asked 2022-12-15 09:19:57 +0000

kiwi123 gravatar image

updated 2022-12-23 09:39:19 +0000

Hi, i'm using wireshark version 3.4.10 on debian 11 and i don't manage to decode traffic as X711 CMIP traffic. I've checked in Analyze->Protocol->Activated Protocols, and CMIP is activated, so i suppose Wireshark should be able to decode my traffic as CMIP traffic.

I thought maybe this traffic requires another dissector to be activated therefore i activated all the dissectors. Even with that, when i right click on a packet, the "decode as" menu doesn't propose CMIP protocol.

It seems that X711/CMIP protocol is transported by ACSE or ROSE protocol (which are in their turn over TCP), but it doesn't seem to exist dissector for such protocol in wireshark.

Am i missing something ?

link to pcap

edit retag flag offensive close merge delete

Comments

Can you share a capture file?

Chuckc gravatar imageChuckc ( 2022-12-15 13:20:28 +0000 )edit

This trace https://wiki.wireshark.org/uploads/__... shows some of those transport layers.

Anders gravatar imageAnders ( 2022-12-15 14:43:45 +0000 )edit

So maybe decode as TPKT on TCP level?

Anders gravatar imageAnders ( 2022-12-15 14:45:16 +0000 )edit

Hi, thx for your anwser, unfortunately i can't upload any capture (my karma is too low !).

kiwi123 gravatar imagekiwi123 ( 2022-12-20 10:22:08 +0000 )edit

Place it on public file share (Dropbox, Google, OneDrive) then update the question with a link to it.

Chuckc gravatar imageChuckc ( 2022-12-20 20:47:20 +0000 )edit
see more comments