This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to display some UDP missing packets?

0

Hello, I want to watch some packets of an unknown protocol which relies on UDP, but Wireshark doesn't display these packets. Why does Wireshark do this? What can I do? I can't believe I must write a dissector to display it. Wireshark should at least display the payload under UDP protocol.

asked 03 Jun '13, 09:08

anon321123's gravatar image

anon321123
1111
accept rate: 0%


One Answer:

1

You do not need to write a dissector to display packets for an unknown protocol. It will just be displayed as UDP.

What is your capture setup? Are you capturing on the sending or receiving host? Are you capturing in the same network of the sending or receiving host? Are you capturing somewhere in the middle? Did you use port mirroring?

Have a look at http://wiki.wireshark.org/CaptureSetup and http://wiki.wireshark.org/CaptureSetup/Ethernet

answered 03 Jun '13, 09:55

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%