| 2025-06-26 17:16:48 +0000 | commented question | IPv4 follow ip stream available on Windows 11 machine but not on Linux machine The ip.stream field was added in Wireshark version 4.4.0 (see here), what version are you using? |
| 2025-06-23 16:47:10 +0000 | commented question | cant get other packets The info you posted above in your question was using tshark. If using the GUI version, i.e. actual Wireshark, then it's |
| 2025-06-23 16:44:05 +0000 | commented question | cant get other packets For tshark use: tshark -z io,phs -r <path\to\capture file> |
| 2025-06-23 16:40:16 +0000 | commented question | cant get other packets From the menu options. |
| 2025-06-23 16:08:12 +0000 | commented question | cant get other packets What does the Statistics -> Protocol Hierarchy dialog show? I assume you can see web sites if you open a browser? |
| 2025-06-23 15:06:57 +0000 | commented question | cant get other packets If you capture on interface eth0 do you see packets other than UDP? |
| 2025-06-23 14:34:33 +0000 | edited question | cant get other packets cant get other packets im on debian and i cant get other packets other than udp and the udp packets are just my packets |
| 2025-06-23 08:38:02 +0000 | commented question | cant get other packets Can you explain your capture environment? Do you see any packets other than UDP? |
| 2025-06-17 12:10:33 +0000 | edited question | I'm getting Malformed packet when I see wireshark Log I'm getting Malformed packet when I see wireshark Log Here is the message I got 12082 208.239790000 100.64.10.6 10 |
| 2025-06-17 08:20:00 +0000 | commented question | He instalado wireshark preo no puedo abrirlo. If the issue is a DLL not found, either the DLL isn't present, e.g. check in the Wireshark install directory, or there's |
| 2025-06-17 08:13:48 +0000 | commented question | He instalado wireshark preo no puedo abrirlo. All depends on what info you're looking for. systeminfo.exe gets some info, including NICs as text and msinfo32.exe get |
| 2025-06-09 15:28:40 +0000 | commented question | Two TTL values seen when using ip.ttl Is the traffic encapsulated, e.g. IP over something over IP? |
| 2025-06-09 15:26:14 +0000 | commented answer | Why would I be getting "LEN 1 (Malformed Packet)"... "(Malformed Packet: RTCP)" on UDP Packets Does RFC 5761 have any bearing here? |
| 2025-06-06 09:43:36 +0000 | edited question | I have problems with DNCP and have breakdowns on internet-conection. I have problems with DNCP and have breakdowns on internet-conection. Please could you help how to solve this problems: |
| 2025-06-04 18:42:43 +0000 | answered a question | Certification Voucher You would probably need to contact the Wireshark Foundation about that. There has been testing on the questions and pro |
| 2025-06-04 18:42:43 +0000 | received badge | ● Rapid Responder (source) |
| 2025-05-28 11:27:13 +0000 | commented question | Enable Search by Subtree in LUA Script Code excerpt: type_field = ProtoField.uint8("myProtocol.type", "type", DEC) myField1 = ProtoField.uint8("myProtocol |
| 2025-05-19 11:38:30 +0000 | edited question | DissectorTable.get("mpls.label"):get_dissector(2097) returns nil DissectorTable.get("mpls.label"):get_dissector(2097) returns nil I'm attempting to build my first LUA dissector. Specifi |
| 2025-05-13 08:16:36 +0000 | commented answer | Any reason Wireshark cannot decrypt local https server http-server from node js uses openssl not SChannel so should be able to send keying material to the log file. |
| 2025-05-13 08:16:13 +0000 | commented answer | Any reason Wireshark cannot decrypt local https server httpserver from node js uses openssl not SChannel so should be able to send keying material to the log file. |
| 2025-05-12 14:14:35 +0000 | edited question | Support for CHACHA20-POLY1305[RFC7634] is missing in ESP encryption algorithm list Support for CHACHA20-POLY1305[RFC7634] is missing in ESP encryption algorithm list In the drop down menu of ESP preferen |
| 2025-05-12 13:45:28 +0000 | edited answer | Any reason Wireshark cannot decrypt local https server all entries in the local https trace is of type tcp like 17 2.328392 10.0.0.12 10.0.0.32 tcp 74 4250 |
| 2025-05-12 08:09:28 +0000 | commented question | Unable to capture from VPN network on Windows after updating to Npcap 1.82 Can you supply more info about the VPN and the vendor? |
| 2025-05-12 08:02:50 +0000 | commented answer | Any reason Wireshark cannot decrypt local https server Or the application is using SChannel for TLS and that does not emit to SSLKEYLOGFILE |
| 2025-05-07 18:31:06 +0000 | edited question | How to decrypt ISAKMP / IKEv2 traffic by using tshark? How to decrypt ISAKMP / IKEv2 traffic by using tshark? Hi all, I want to decrypt a .pcap which has an IPsec communicati |
| 2025-04-22 09:44:23 +0000 | commented question | damaged or corrupted pcapng needs recovery You can try loading the capture as a file, View -> Reload as File Format/Capture (Ctrl + Shift + F) to examine the pc |
| 2025-04-22 09:16:30 +0000 | commented question | damaged or corrupted pcapng needs recovery That version of Wireshark is obsolete, EOL was May 2024. Unlikely to help if the capture file is really damaged, but ca |
| 2025-04-22 07:33:40 +0000 | commented answer | Export each DNS Host name along with its consumed Traffic "Answer" moved to a question comment. |
| 2025-04-22 07:32:59 +0000 | commented question | On exporting data using export data dissection as CSV from wireshark file, correct data is not saving in CSV file. How can we get data byte in CSV file. Does the User Guide chapter on Exporting Data help? Section 5.7.2 discusses CSV as an option. |
| 2025-04-18 14:32:06 +0000 | commented question | zigbee zcl payload field Sample Start Time doe not get decoded I do not have enough points to upload a file. Here it is the all frame hex dump of for a ZCL GetSampledData pkt 0000 |
| 2025-04-18 07:36:07 +0000 | edited question | zigbee zcl payload field Sample Start Time doe not get decoded zigbee zcl payload filed Sample Start Time doe not get decoded The payload field Sample Start Time for Zigbee pkt GetSam |
| 2025-04-18 07:35:25 +0000 | edited question | Exporting to CSV synphasor (PMU) data Exporting to CSV synphasor (PMU) data Hello, I'm trying to export to CSV some data from PMU (synphasor). When I chose sy |
| 2025-04-17 13:04:57 +0000 | edited question | zigbee zcl payload field Sample Start Time doe not get decoded zigbee zcl payload filed Sample Start Time doe not get decoded The payload field Sample Start Time for Zigbee pkt GetSam |
| 2025-04-15 12:03:31 +0000 | edited question | piping Arista tcpdump to Wireshark fails Error message from child: "File type is neither a supported pcap nor pcapng format. (magic = 0x333a3930)", "Please repor |
| 2025-04-15 10:51:04 +0000 | commented answer | piping Arista tcpdump to Wireshark fails Noted, I have tried using multiple permutation/combinations of cmd syntax including without plink, however I was getting |
| 2025-04-15 09:42:29 +0000 | commented answer | piping Arista tcpdump to Wireshark fails Noted, I have tried using multiple permutation/combinations of cmd syntax including without plink, however I was getting |
| 2025-04-15 09:41:54 +0000 | commented answer | piping Arista tcpdump to Wireshark fails Noted, I have tried using multiple permutation/combinations of cmd syntax including without plink, however I was getting |
| 2025-04-08 14:02:35 +0000 | edited question | SSL connection failing SSL connection failing Help! We converted to a new IBM iSeries (AS400). Since the conversion I can't connect to our EDI |
| 2025-04-02 14:02:06 +0000 | commented question | Simple WSL Network Issue Not really a Wireshark question, you'll need to look for a WSL support service. |
| 2025-03-10 11:16:18 +0000 | commented answer | I Need a M.2 WiFi card with monitor mode in Windows 10 Many thanks for that very useful information, will look at it in detail. Perhaps I should be more specific about what |
| 2025-03-10 11:16:06 +0000 | commented answer | I Need a M.2 WiFi card with monitor mode in Windows 10 Many thanks for that very useful information, will look at it in detail. Perhaps I should be more specific about what |
| 2025-03-10 11:14:55 +0000 | commented answer | I Need a M.2 WiFi card with monitor mode in Windows 10 Many thanks for that very useful information, will look at it in detail. Perhaps I should be more specific about what |
| 2025-03-08 15:55:54 +0000 | commented question | I Need a M.2 WiFi card with monitor mode in Windows 10 I think the Pi's are limited to WiFi 5, (IEEE 802.11.ac). |
| 2025-03-08 12:07:51 +0000 | answered a question | How to get list of all IP addresses on my network Wireshark can't really help here, as not all LAN traffic may be passing the capture point. There are various network mo |
| 2025-03-08 12:07:51 +0000 | received badge | ● Rapid Responder (source) |
| 2025-03-04 18:06:59 +0000 | commented question | How to find which processes have initiated a connection Are you able to name the VPN service? |
| 2025-02-27 16:09:11 +0000 | commented answer | create a dissector for protobuf Is the problem in the "In some tool that I'm using" element rather than Wireshark? Wireshark needs two things here; the |
| 2025-02-27 15:13:49 +0000 | received badge | ● Rapid Responder (source) |
| 2025-02-27 15:13:49 +0000 | answered a question | create a dissector for protobuf Does the Wireshark Wiki page on Protobuf help? |
| 2025-02-26 11:49:30 +0000 | edited question | Wireshark 4.4.5 hang - is this known? Wireshark 4.4.5.0 Crash is this known Hello I've just upgraded to Wireshark 4.4.5.0, the application starts ok, howev |