Hi, I'm new to WireShark but I have a Windows host with WireShark running and on this host a customised application sending data to another host on port 5000. I can filter the data and use Follow TCP Stream fine and see the applications network data.
However the frames are displayed as
[Malformed Packet: GSM over IP]
I assume that WireShark is inspecting the frame data and that WireShark thinks that the data inside is a GSM over IP formatted data while it isn't.
Anyway to 'disable' this misleading matching to GSM over IP?
Any help would be greatly appreciated!
asked 31 Jan '11, 04:07
Goto the menu Analyze|Protocols. This open a dialog with all protocol dissectors. Look for 'GSM over IP' and remove the check mark. Click apply to see what happens.
answered 31 Jan '11, 04:32
Edit->preferences->protocols->GSM over IP change the TC/UDP ports to 0 or dissable the protocol.
answered 31 Jan '11, 04:31