Revision history [back]

Using a vlans file in profile

Problem

I am trying to get VLAN resolution to work in both wireshark and tshark using a SampleCaptures vlan pcap. This pcap contains all sorts of vlans, including a vlan 7.

Description

Tested on Macos (v3.0.3), Linux (v2.6.8).

I have a vlan_profile folder in ~/.config/wireshark/profiles that contains this vlans file:

7 native

Using tshark, the name resolution is to "<7>".

bash$ tshark -r vlan.cap -Nv -C vlan_profile -T fields -e vlan.id_name -Y "vlan.id==7" -2
<7>
<7>
<7>
<7>
<7>

Using Wireshark configured with the vlan_profile profile, I get no packet results when filtering by not vlan.id_name matches "<[0-9]+>" and vlan.id_name. When using Wireshark, I have the "Resolve VLAN IDs" checkmark checked in Preferences.

Question

How is the vlans file used for vlan resolution?

Using a vlans file in profile

Problem

I am trying to get VLAN resolution to work in both wireshark and tshark using a SampleCaptures vlan pcap. This pcap contains all sorts of vlans, including a vlan 7.

Description

Tested on Macos (v3.0.3), Linux (v2.6.8).

I have a vlan_profile folder in ~/.config/wireshark/profiles that contains this vlans file:

7 native

Using tshark, the name resolution is to "<7>".

bash$ tshark -r vlan.cap -Nv -C vlan_profile -T fields -e vlan.id_name -Y "vlan.id==7" -2
-2 -o "nameres.vlan_name:true"
<7>
<7>
<7>
<7>
<7>

Using Wireshark configured with the vlan_profile profile, I get no packet results when filtering by not vlan.id_name matches "<[0-9]+>" and vlan.id_name. When using Wireshark, I have the "Resolve VLAN IDs" checkmark checked in Preferences.

Question

How is the vlans file used for vlan resolution?

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.

Powered by Askbot version 0.10.2