Anders's profile - activity

https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable

I'd look at how the vm nic is connected to the physical nic connecting to the switch span port.

Can you open an issue and share a trace?

That should be working. Do you see the http2 messages decoded properly?

Hi, I think your timestamp is in UNIX epoch,The Unix epoch (or Unix time or POSIX time or Unix timestamp) is the number

If you plan to make the code public why not work with the Wireshark developers and offer your code as a MR instead?

So maybe decode as TPKT on TCP level?

This trace https://wiki.wireshark.org/uploads/__moin_import__/attachments/SampleCaptures/p772-transfer-success.pcap show

This trace https://wiki.wireshark.org/uploads/__moin_import__/attachments/SampleCaptures/p772-transfer-success.pcap show

Possibly the if("tree") should be removed as we have other optimizations now.

Not that I know of.

Hi, I think th eproblem is if we have a tree or not, there is plenty of if( c->tree). In th esecond example no tree i

If it's centos7 I think the original cmake may be to old and you need cmake3

Perhaps the dependencies do not have the correct versions?

https://wiki.wireshark.org/Development/LifeCycle it vent eol 2018...

Hi, More context is needed. Which AVP and what values?

If you want to report it as an issue/enhancment request https://gitlab.com/wireshark/wireshark/-/issues?sort=created_dat

Hi, As goose is a dissector generated from the asn1 description you will have to add code on the .cnf file. If you can s

Hi, As goose is a dissector generated from the asn1 description you will have to add code on the .cnf file. If you can s

Hi, No one has written code to dissect https://datatracker.ietf.org/doc/html/draft-alvestrand-rmcat-remb-03#page-3 so an

The traffic may be encrypted.

If you download the development version i think it has a dissector.

Yes, top of trunk is based on TS 129 171 V16.2.0 (2020-12).

You may still have a problem with the system connected to the tap, as seen here.

Hi, I think there is several settings to tune. https://blog.securityonion.net/2011/10/when-is-full-packet-capture-not-fu

Then we need to see the packet in guestion. Please raise a bug report including a pcap with the failing packet.

Explore the exported pdu functionality. It should work with tshark.

Explore the exported pdu functionality. It should work with tshark.

Hi, The protocol sholuld be enabled by default but I think it's on of the decoders tha needs information on the channel

Talk to their support?

Try the development version.

Why do you need to have the stream analysed/displayed by wireshark in real time? Either have your capture program write

VLANs may cause problems for capture filters. I don't fully remember the sytax but something like "vlan and udp port..."

Hi, I think that as paload type 96 is dynamic meaning that the actual payload type is signaled in the set up protocol SI

Sounds odd looking at the current code Wireshark places the hex data in the tree. proto_tree_add_item(tree, hf_ieee80

If you read the indicated row in proto.c it will give a clue to what the problem is.

Sligth change of subject; but on the same vein. Recently python stopped working eventhough it was on the path. Typing py

You may have to include the qt debug info in your qt setup. Has to be explisitly downloaded if I remember correctly.

Perhaps you need to run tshark with the two pass parameter.

I doubt a user would be able to decrypt a packet trace of an MS teams session as it being private is sort of the point

I would assume all communication from teams would be encrypted and there is mo guarantee any standard protocols are used