Ask Your Question

Pascal Quantin's profile - activity

2020-03-05 13:40:51 +0000 received badge  Rapid Responder (source)
2020-03-05 13:40:51 +0000 answered a question npcap package with wireshark installer encounter Unknown error! 800f0203 during installation

Hi Dan, better report this and ask for help on the Npcap bug tracker: https://github.com/nmap/nmap/issues Best regards

2020-02-27 09:59:43 +0000 received badge  Rapid Responder (source)
2020-02-27 09:59:43 +0000 answered a question use multiple ports for HTTP2

You can use the Analyze -> Decode As to add extra TCP ports for HTTP2 decoding.

2020-02-12 19:48:21 +0000 commented answer is it possible to call rrc dissector to decode rrc containers in F1AP?

Thiss is now implemented in https://code.wireshark.org/review/#/c/36084/

2020-02-12 07:03:49 +0000 commented answer is it possible to call rrc dissector to decode rrc containers in F1AP?

Create an enhancement bug on bugs.wireshark.org and attach the pcap

2020-02-11 17:15:27 +0000 edited answer is it possible to call rrc dissector to decode rrc containers in F1AP?

The F1AP dissector should already handle UL CCCH messages. For DCCH messages, what you have is NR PDCP PDUs and not RRC

2020-02-11 17:13:13 +0000 edited answer is it possible to call rrc dissector to decode rrc containers in F1AP?

The F1AP dissector should already handle DL and UL CCCH messages. For DCCH messages, what you have is NR PDCP PDUs and n

2020-02-11 17:13:00 +0000 answered a question is it possible to call rrc dissector to decode rrc containers in F1AP?

The F1AP dissector should already handled DL and UL CCCH messages. For DCCH messages, what you have is NR PDCP PDUs and

2020-02-11 17:13:00 +0000 received badge  Rapid Responder (source)
2020-02-01 10:02:40 +0000 commented answer why nr-rrc dissectors are not called in pdcp-nr

And calling NR RRC dissector is now implemented in Wireshark v3.3.0rc0-479-g4ef8ace610

2020-02-01 08:13:24 +0000 edited answer why nr-rrc dissectors are not called in pdcp-nr

Hi, 1/ the code is ready to call the NR-RRC disssector but the lookup_rrc_dissector_handle() was never finished. I'm go

2020-02-01 08:13:11 +0000 received badge  Rapid Responder (source)
2020-02-01 08:13:11 +0000 answered a question why nr-rrc dissectors are not called in pdcp-nr

Hi, 1/ the code is ready to call the NR-RRC disssector but the lookup_rrc_dissector_handle() was never finished. I'm go

2020-01-29 06:14:33 +0000 commented answer How to decode rlc-nr package

The framing protocol should be in the UDP payload. You must also activate the rlc_nr_udp heuristic dissector in the Anal

2020-01-27 08:51:19 +0000 commented answer How to decode rlc-nr package

The framing is explained in the header file link I shared, which should be self explanatory. Do you have any specific qu

2020-01-27 08:27:02 +0000 edited answer How to decode rlc-nr package

Hi, you need to use the UDP framing protocol described here so as to provide the dissector all the per-frame info. It me

2020-01-27 08:26:38 +0000 received badge  Rapid Responder (source)
2020-01-27 08:26:38 +0000 answered a question How to decode rlc-nr package

Hi, you need to use the UDP framing protocol described here so as to provide the dissector all the per-frame info.

2020-01-06 14:12:16 +0000 commented question lte_rrc ue capability not getting decoded though this is decoded in s1ap

Hi Akhila, There is no known issue with S1AP decoding in Wireshark. So what is supposed to be this payload? This is no

2019-12-11 18:09:17 +0000 commented answer Wireshark crashes in the “Enabled Protocols” dialog box

Thanks for the report, we are currently working on a fix.

2019-12-11 18:09:07 +0000 commented answer Wireshark crashes in the “Enabled Protocols” dialog box

THanks for the report, we are currently working on a fix.

2019-11-18 12:19:07 +0000 commented answer How to find mapping for dissector?

And to complete @grahamb answer, there is no registered dissector for the RadioBearerConfig IE: instead where needed in

2019-10-30 09:06:54 +0000 answered a question how to generate c code from asn1?

The template and conformation files are written by hand. You can find some basic documentation here and by looking at t

2019-10-30 09:06:54 +0000 received badge  Rapid Responder (source)
2019-10-16 15:39:51 +0000 edited answer How to increase the USB snap/buffer length to capture bigger packages?

This sounds like the issue fixed in USBPcap 1.5.3.0 (see https://github.com/desowin/usbpcap/releases). To use this vers

2019-10-16 15:39:39 +0000 answered a question How to increase the USB snap/buffer length to capture bigger packages?

This sounds like the issue fixed in USBPcap 1.5.3.0 (see https://github.com/desowin/usbpcap/releases). To use this vers

2019-10-16 15:39:39 +0000 received badge  Rapid Responder (source)
2019-10-15 18:48:17 +0000 answered a question TLS\SSL pcap with key - save decrypted output to pcap file without the attach key

You can also save the decrypted packets starting from Wireshark 2.0 (if I remember correctly) by clicking on File ->

2019-10-15 18:48:17 +0000 received badge  Rapid Responder (source)
2019-09-06 07:23:32 +0000 commented answer LoRaWan PCAP, wireshark not able to interpret

At the beginning of your file you should have a pcap_hdr_t structure. Then for each packet you should have a pcaprec_hdr

2019-09-05 14:04:58 +0000 answered a question LoRaWan PCAP, wireshark not able to interpret

Hi, your libpcap header format seems wrong (for example fields like major and minor versions are 2 bytes long, not 1, t

2019-09-05 14:04:58 +0000 received badge  Rapid Responder (source)
2019-08-30 10:41:44 +0000 commented answer 5G SM OTA message decodes fail

The fix is now merged you can pick a new development build.

2019-08-30 06:49:56 +0000 commented answer 5G SM OTA message decodes fail

Hi Jouman, Thanks for the report, the fix for the IE decoding is under review here: https://code.wireshark.org/review/#

2019-08-29 17:24:34 +0000 answered a question Pcap files are opening very slow

This behavior is often seen when you have a big (Pre)-Master-Secret log file (in TLS/SSL preferences) and you have TLS/S

2019-08-29 17:24:34 +0000 received badge  Rapid Responder (source)
2019-08-21 15:38:36 +0000 commented answer Can Wireshark parse and decode LPPe?

You are welcome. Please consider accepting my answer by clicking on the green check mark.

2019-08-21 15:37:23 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

You are welcome. Please consider accepting my answer.

2019-08-19 18:02:59 +0000 edited answer Can Wireshark parse and decode LPPe?

Indeed LPP decoding from a NAS 5GS PDU was not implemented yet. I added it in https://code.wireshark.org/review/#/c/3432

2019-08-19 18:02:46 +0000 edited answer Can Wireshark parse and decode LPPe?

Indeed LPP decoding from a NAS 5GS PDU was not implemented yet. I added it in https://code.wireshark.org/review/#/c/3432

2019-08-19 17:22:51 +0000 received badge  Rapid Responder (source)
2019-08-19 17:22:51 +0000 answered a question Can Wireshark parse and decode LPPe?

Indeed LPP decoding from a NAS 5GS PDU was not implemented yet. I added it in https://code.wireshark.org/review/#/c/3432

2019-08-17 17:17:19 +0000 edited answer wireshark not dissecting the entire context of mac-nr sent over udp

Starting from Wireshark v3.1.1rc0-156-gb709c7ccc7d3 nightly build, the time information is now present in the MAC NR con

2019-08-17 17:16:54 +0000 answered a question wireshark not dissecting the entire context of mac-nr sent over udp

Starting from Wireshark v3.1.1rc0-156-gb709c7ccc7d3 nightly build, the time information is now present in the MAC NR con

2019-07-29 07:13:47 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

It seems like we forgot to add the field when decoding any PDU other than RAR. I will double check this when I'm back fr

2019-07-27 17:00:19 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

In most cases they are not part of the UDP payload, but come from the DCT2000 dissector. The framing is a convenience fo

2019-07-27 16:54:12 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

In most cases they are not part of the UDP payload, but come from the DCT2000 dissector. The framing is a convenience fo

2019-07-27 16:51:59 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

In most cases they are not part of the UDP payload, but come from the DCT2000 dissector. The framing is a convenience fo

2019-07-27 16:49:34 +0000 commented answer wireshark not dissecting the entire context of mac-nr sent over udp

In most cases they are not part of the UDP payload, but come from the DCT2000 dissector. The framing is a convenience fo