Anders's profile - activity

What do you mean,? Wireshark has many dependencies if all features is to be used.

Your question is unclear. You can see the source code in your browser here https://code.wireshark.org/review/gitweb?p=wi

Check tcp preferences on both machines.

Not enough context to answer.

Add the ports used to the diameter preferences.

You should use FT_STRING for the hf. If you need the value internaly in your dissector you have to convert the string to

Wireshark does not yet dissect this IE.

I think you ought to report this to Nordic. I would guess it has to do with writing new file headers when switching file

Do you have the qt version corresponding to your msvc version?

I don't think a date has been set but it can be a while, like mid 2020.

libwireshark isb't really built to be a standalone library so you are probably on your own figuring out how to use it. N

You are probably better off by editing the list of dissectors then.

Why would you want to do that? Building the project creates executables that makes it possible to deploy tshark only.

Not sure I get it. Wireshark has dissectors for enip and cip I think. Can't you use/extend them?

Open a bug report with an enhancement request and attach a sample pcap.

You would have to run a tshark process per capture filter. Not sure how feasible that would be.

Yes you need to provide a pcap, preferably in a bug report.

Hi, You should get it from here or build from source to have the latest as this is ongoing development. As Jaap says nex

Hi, You should get it from here or build from source to have the latest as this is ongoing development. As Jaap says nex

You need to use the development version where the 5G protocol decoding is updated.

Ok, I have checked in the patch now.

Added https://code.wireshark.org/review/#/c/34270/ but without a trace it can't be verified.

Does Wireshak keep a matrix compliance list with all media-types supported? No Is Wireshark able to decode a a

That version is using 3GPP TS 38.413 V15.4.0 (2019-07) but that should work. Can you raise a bug report with a small pca

You need to use the development version https://www.wireshark.org/download/automated/

Seems like the vendor flag is not set.

No one has commited code to Wireshark to read this DLT so you would have to wrire it in that case.

If this is over TCP it means reassembly failed. Do you have out-of-order or duplicated packets? What version of Wireshar

Bug opened here

Open a bug report and attach a pcap.

Why not just add the missing enums to dictionary.xml?

If you have packets out of order or duplicated packets it's possible the calculation get starnge results.

It's not so easy some structures are handled by the protocol dissectors them selfs and may or may not be possible to tur

If the exercise is just to determin boot time and uptime and the host is Linux based I would design a process polling th

Check which ssn:s are defined in GSM MAP prefernces.

Check which ssn:s are defined in GSM MAP prefrences.

Yes, but the encapsulated ngap is not dissected. Nas 5gs is.

At work we had similar problem some one suggested https://sourceforge.net/projects/vcxsrv/

Wireshark reads various file types like pcap. If you create a pcap file with a user dlt and the rest diameter packet dat

Not that I know of. Looking at the data part I couldn't see any length octets that would be part of an ie.

As far as I can see the message header is malformed, the protocol has provissions for private IEs and the dissector shou