Hi, When Wireshark tries to dissect sliced packets it displays errors/warnings for various protocol types for example SSL, SSH, OTV etc. Is there a way to suppress dissector errors/warning when packets is sliced/trimmed? If not can this be added as option? Thank you
asked 16 Mar, 11:55
Codewise it's not easy to suppress the warnings, a dissector shouldn't try to check the packet length, just try to dissect it and get the malformed exception if it's too short.
What you can do though, is create a profile and disable all dissectors except the one up to where you sliced, i.e. Ethernet, ip, tcp so that other dissectors aren't called.
answered 16 Mar, 12:07