How do I decode the packets using ip.addr == and data.len > 0? Capturing packets from a building automation controller and want to see the values captured such as point ID and value (space temperature). Packets are already captured.
Decoding is by protocol, but no idea what building automation protocol you are actually using. If one exists, you might be in good shape.
But, unfortunately, if Wireshark does support the protocol, but isn't recognizing those packets as being packets for that protocol, there's no way to say "decode all packets to or from this IP address as being for that protocol". You could do it based on the TCP or UDP port, however, using the "Decode As" menu item.
Asked: Jun 11 '18
Seen: 346 times
Last updated: Jun 12 '18
