Display Filter Reference

Wireshark's most powerful feature is its vast array of display filters (over 141000 fields in 1000 protocols as of version 1.10.6). They let you drill down to the exact traffic you want to see and are the basis of many of Wireshark's other features, such as the coloring rules.

This is a reference. For general help using display filters, please see the wireshark-filter manual page or the User's Guide.

Index

1 · 2 · 3 · 6 · 9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z

1

104apci: IEC 60870-5-104-Apci (1.2.0 to 1.10.6, 6 fields)
104asdu: IEC 60870-5-104-Asdu (1.2.0 to 1.10.6, 57 fields)

2

2dparityfec: Pro-MPEG Code of Practice #3 release 2 FEC Protocol (1.0.0 to 1.10.6, 14 fields)

3

3comxns: 3Com XNS Encapsulation (1.0.0 to 1.10.6, 1 field)

6

6lowpan: IPv6 over IEEE 802.15.4 (1.4.0 to 1.10.6, 68 fields)

9

9p: Plan 9 9P (1.0.0 to 1.10.6, 60 fields)

A

a11: 3GPP2 A11 (1.0.0 to 1.10.6, 121 fields)
aarp: Appletalk Address Resolution Protocol (1.0.0 to 1.10.6, 13 fields)
aasp: Aastra Signalling Protocol (1.8.0 to 1.10.6, 18 fields)
acap: Application Configuration Access Protocol (1.0.0 to 1.10.6, 2 fields)
acn: Architecture for Control Networks (1.0.0 to 1.10.6, 68 fields)
acp133: ACP133 Attribute Syntaxes (1.0.0 to 1.10.6, 88 fields)
acse: ISO 8650-1 OSI Association Control Service (1.0.0 to 1.10.6, 96 fields)
actrace: AudioCodes Trunk Trace (1.0.0 to 1.10.6, 15 fields)
adp: Aruba Discovery Protocol (1.0.0 to 1.10.6, 5 fields)
adwin: ADwin communication protocol (1.6.0 to 1.10.6, 44 fields)
adwin_config: ADwin configuration protocol (1.6.0 to 1.10.6, 43 fields)
afp: Apple Filing Protocol (1.0.0 to 1.10.6, 305 fields)
afs: Andrew File System (AFS) (1.0.0 to 1.10.6, 244 fields)
agentx: AgentX (1.0.0 to 1.10.6, 36 fields)
ah: Authentication Header (1.0.0 to 1.10.6, 3 fields)
aim: AOL Instant Messenger (1.0.0 to 1.10.6, 65 fields)
aim_admin: AIM Administrative (1.0.0 to 1.10.6, 3 fields)
aim_bos: AIM Privacy Management Service (1.0.0 to 1.10.6, 2 fields)
aim_buddylist: AIM Buddylist Service (1.0.0 to 1.10.6, 1 field)
aim_generic: AIM Generic Service (1.0.0 to 1.10.6, 30 fields)
aim_icq: AIM ICQ (1.0.0 to 1.10.6, 6 fields)
aim_location: AIM Location (1.0.0 to 1.10.6, 4 fields)
aim_lookup: AIM User Lookup (1.0.0 to 1.10.6, 1 field)
aim_messaging: AIM Messaging (1.0.0 to 1.10.6, 33 fields)
aim_signon: AIM Signon (1.0.0 to 1.10.6, 3 fields)
aim_ssi: AIM Server Side Info (1.0.0 to 1.10.6, 15 fields)
aim_sst: AIM Server Side Themes (1.0.0 to 1.10.6, 6 fields)
airopeek: AiroPeek 802.11 radio information (1.0.0 to 1.10.6, 10 fields)
ajp13: Apache JServ Protocol v1.3 (1.0.0 to 1.10.6, 58 fields)
alc: Asynchronous Layered Coding (1.0.0 to 1.10.6, 33 fields)
alcap: AAL type 2 signalling protocol (Q.2630) (1.0.0 to 1.10.6, 151 fields)
amf: Action Message Format (1.10.0 to 1.10.6, 38 fields)
amqp: Advanced Message Queueing Protocol (1.0.0 to 1.10.6, 289 fields)
amr: Adaptive Multi-Rate (1.0.0 to 1.10.6, 22 fields)
ams: AMS (1.0.0 to 1.10.6, 65 fields)
ancp: Access Node Control Protocol (1.4.0 to 1.10.6, 36 fields)
ans: Intel ANS probe (1.0.0 to 1.10.6, 5 fields)
ansi_637_tele: ANSI IS-637-A (SMS) Teleservice Layer (1.0.0 to 1.10.6, 8 fields)
ansi_637_trans: ANSI IS-637-A (SMS) Transport Layer (1.0.0 to 1.10.6, 4 fields)
ansi_683: ANSI IS-683 (OTA (Mobile)) (1.0.0 to 1.10.6, 4 fields)
ansi_801: ANSI IS-801 (Location Services (PLD)) (1.0.0 to 1.10.6, 36 fields)
ansi_a_bsmap: ANSI A-I/F BSMAP (1.0.0 to 1.10.6, 27 fields)
ansi_map: ANSI Mobile Application Part (1.0.0 to 1.10.6, 750 fields)
ansi_tcap: ANSI Transaction Capabilities Application Part (1.0.0 to 1.10.6, 51 fields)
aodv: Ad hoc On-demand Distance Vector Routing Protocol (1.0.0 to 1.10.6, 28 fields)
aoe: ATAoverEthernet (1.0.0 to 1.10.6, 20 fields)
aol: America Online (1.10.0 to 1.10.6, 36 fields)
ap1394: Apple IP-over-IEEE 1394 (1.0.0 to 1.10.6, 3 fields)
apap: Printer Access Protocol (1.0.0 to 1.8.13, 11 fields)
applemidi: Apple Network-MIDI Session Protocol (1.4.0 to 1.10.6, 16 fields)
aprs: Automatic Position Reporting System (1.10.0 to 1.10.6, 79 fields)
ar_drone: AR Drone Packet (1.10.0 to 1.10.6, 28 fields)
arcnet: ARCNET (1.0.0 to 1.10.6, 7 fields)
armagetronad: The Armagetron Advanced OpenGL Tron clone (1.0.0 to 1.10.6, 6 fields)
arp: Address Resolution Protocol (1.0.0 to 1.10.6, 37 fields)
artnet: Art-Net (1.0.0 to 1.10.6, 193 fields)
aruba_erm: ARUBA encapsulated remote mirroring (1.4.0 to 1.10.6, 3 fields)
asap: Aggregate Server Access Protocol (1.0.0 to 1.10.6, 54 fields)
ascend: Lucent/Ascend debug output (1.0.0 to 1.10.6, 6 fields)
asf: Alert Standard Forum (1.0.0 to 1.10.6, 14 fields)
asp: AppleTalk Session Protocol (1.0.0 to 1.10.6, 34 fields)
at: AT Command (1.6.0 to 1.10.6, 1 field)
atm: Asynchronous Transfer Mode (1.0.0 to 1.10.6, 68 fields)
atmtcp: ATM over TCP (1.6.0 to 1.10.6, 3 fields)
atp: AppleTalk Transaction Protocol packet (1.0.0 to 1.10.6, 19 fields)
atsvc: Microsoft AT-Scheduler Service (1.0.0 to 1.10.6, 66 fields)
auto_rp: Cisco Auto-RP (1.0.0 to 1.10.6, 9 fields)
ax25: Amateur Radio AX.25 (1.10.0 to 1.10.6, 21 fields)
ax25_kiss: AX.25 KISS (1.10.0 to 1.10.6, 8 fields)
ax4000: AX/4000 Test Block (1.0.0 to 1.10.6, 7 fields)
ayiya: Anything in Anything Protocol (1.2.0 to 1.10.6, 10 fields)

B

babel: Babel Routing Protocol (1.6.0 to 1.10.6, 18 fields)
bacapp: Building Automation and Control Network APDU (1.0.0 to 1.10.6, 49 fields)
bacnet: Building Automation and Control Network NPDU (1.0.0 to 1.10.6, 29 fields)
banana: Twisted Banana (1.4.0 to 1.10.6, 8 fields)
basicxid: Logical-Link Control Basic Format XID (1.0.0 to 1.10.6, 3 fields)
bat: B.A.T.M.A.N. Layer 3 Protocol (1.2.0 to 1.10.6, 24 fields)
batadv: B.A.T.M.A.N. Advanced Protocol (1.4.0 to 1.10.6, 96 fields)
bcp: PPP Bridging Control Protocol (1.0.0 to 1.10.6, 6 fields)
bctp: BCTP Q.1990 (1.0.0 to 1.10.6, 4 fields)
beep: Blocks Extensible Exchange Protocol (1.0.0 to 1.10.6, 25 fields)
ber: Basic Encoding Rules (ASN.1 X.690) (1.0.0 to 1.10.6, 48 fields)
bfcp: Binary Floor Control Protocol (1.8.0 to 1.10.6, 28 fields)
bfd: Bidirectional Forwarding Detection Control Message (1.0.0 to 1.10.6, 45 fields)
bgp: Border Gateway Protocol (1.0.0 to 1.10.6, 121 fields)
bicc: Bearer Independent Call Control (1.0.0 to 1.10.6, 1 field)
bitcoin: Bitcoin protocol (1.10.0 to 1.10.6, 61 fields)
bittorrent: BitTorrent (1.0.0 to 1.10.6, 30 fields)
bjnp: Canon BJNP (1.2.0 to 1.10.6, 7 fields)
bmc: Broadcast/Multicast Control (1.6.0 to 1.10.6, 15 fields)
bofl: Wellfleet Breath of Life (1.0.0 to 1.10.6, 2 fields)
bootp: Bootstrap Protocol (1.0.0 to 1.10.6, 299 fields)
bootparams: Boot Parameters (1.0.0 to 1.10.6, 8 fields)
bossvr: DCE DFS Basic Overseer Server (1.0.0 to 1.10.6, 1 field)
bpq: Amateur Radio BPQ (1.10.0 to 1.10.6, 1 field)
brdwlk: Boardwalk (1.0.0 to 1.10.6, 15 fields)
browser: Microsoft Windows Browser Protocol (1.0.0 to 1.10.6, 62 fields)
brp: BRP Protocol (1.8.0 to 1.10.6, 13 fields)
bssap: BSSAP/BSAP (1.0.0 to 1.10.6, 66 fields)
bssgp: Base Station Subsystem GPRS Protocol (1.0.0 to 1.10.6, 109 fields)
bsslap: BSS LCS Assistance Protocol (1.2.0 to 1.10.6, 11 fields)
bt-dht: BitTorrent DHT Protocol (1.8.0 to 1.10.6, 14 fields)
bt-utp: uTorrent Transport Protocol (1.6.0 to 1.10.6, 16 fields)
btamp: Bluetooth AMP Packet (1.4.0 to 1.10.6, 26 fields)
btatt: Bluetooth Attribute Protocol (1.10.0 to 1.10.6, 19 fields)
btavctp: Bluetooth AVCTP Protocol (1.10.0 to 1.10.6, 7 fields)
btavdtp: Bluetooth AVDTP Protocol (1.10.0 to 1.10.6, 114 fields)
btavrcp: Bluetooth AVRCP Profile (1.10.0 to 1.10.6, 139 fields)
btbnep: Bluetooth BNEP Protocol (1.10.0 to 1.10.6, 23 fields)
btdun: Bluetooth DUN Packet (1.6.0 to 1.10.6, 1 field)
btgnss: Bluetooth GNSS Profile (1.10.0 to 1.10.6, 1 field)
bthci_acl: Bluetooth HCI ACL Packet (1.0.0 to 1.10.6, 14 fields)
bthci_cmd: Bluetooth HCI Command (1.0.0 to 1.10.6, 275 fields)
bthci_evt: Bluetooth HCI Event (1.0.0 to 1.10.6, 234 fields)
bthci_sco: Bluetooth HCI SCO Packet (1.0.0 to 1.10.6, 6 fields)
bthcrp: Bluetooth HCRP Profile (1.10.0 to 1.10.6, 24 fields)
bthf: Bluetooth Handsfree Packet (1.6.0 to 1.8.13, 2 fields)
bthfp: Bluetooth Handsfree Profile (1.10.0 to 1.10.6, 1 field)
bthid: Bluetooth HID Profile (1.10.0 to 1.10.6, 48 fields)
btl2cap: Bluetooth L2CAP Protocol (1.0.0 to 1.10.6, 81 fields)
btmcap: Bluetooth MCAP Protocol (1.10.0 to 1.10.6, 16 fields)
btobex: Bluetooth OBEX Protocol (1.4.0 to 1.10.6, 133 fields)
btrfcomm: Bluetooth RFCOMM Protocol (1.0.0 to 1.10.6, 30 fields)
btsap: Bluetooth SAP Profile (1.10.0 to 1.10.6, 20 fields)
btsdp: Bluetooth SDP Protocol (1.0.0 to 1.10.6, 204 fields)
btsmp: Bluetooth Security Manager Protocol (1.10.0 to 1.10.6, 16 fields)
btspp: Bluetooth SPP Packet (1.6.0 to 1.10.6, 1 field)
budb: DCE/DFS BUDB (1.0.0 to 1.10.6, 214 fields)
bundle: Bundle Protocol (1.4.0 to 1.10.6, 100 fields)
butc: DCE/RPC BUTC (1.0.0 to 1.10.6, 122 fields)
bvlc: BACnet Virtual Link Control (1.0.0 to 1.10.6, 14 fields)
bzr: Bazaar Smart Protocol (1.8.0 to 1.10.6, 9 fields)

C

c1222: ANSI C12.22 (1.8.0 to 1.10.6, 59 fields)
calcappprotocol: Calculation Application Protocol (1.0.0 to 1.10.6, 6 fields)
camel: Camel (1.0.0 to 1.10.6, 489 fields)
can: Controller Area Network (1.4.0 to 1.10.6, 5 fields)
canopen: CANopen (1.8.0 to 1.10.6, 17 fields)
capwap: Control And Provisioning of Wireless Access Points (1.4.0 to 1.10.6, 160 fields)
cast: Cast Client Control Protocol (1.0.0 to 1.10.6, 100 fields)
cba_acco_cb: ICBAAccoCallback (1.0.0 to 1.10.6, 14 fields)
cba_acco_mgt: ICBAAccoMgt (1.0.0 to 1.10.6, 44 fields)
cba_acco_server: ICBAAccoServer (1.0.0 to 1.10.6, 14 fields)
cba_browse: ICBABrowse (1.0.0 to 1.10.6, 20 fields)
cba_pdev: ICBAPhysicalDevice (1.0.0 to 1.10.6, 17 fields)
ccp: PPP Compression Control Protocol (1.0.0 to 1.10.6, 34 fields)
ccsds: CCSDS (1.0.0 to 1.10.6, 28 fields)
ccsrl: H.324/CCSRL (1.0.0 to 1.10.6, 1 field)
cdp: Cisco Discovery Protocol (1.0.0 to 1.10.6, 23 fields)
cds_clerkserver: CDS Clerk Server Calls (1.0.0 to 1.10.6, 1 field)
cds_solicit: DCE/RPC CDS Solicitation (1.0.0 to 1.10.6, 1 field)
cdt: Compressed Data Type (1.0.0 to 1.10.6, 9 fields)
cflow: Cisco NetFlow/IPFIX (1.0.0 to 1.10.6, 466 fields)
cfm: CFM EOAM 802.1ag/ITU Protocol (1.0.0 to 1.10.6, 128 fields)
cfp: Cisco FabricPath (1.8.0 to 1.10.6, 11 fields)
cgmp: Cisco Group Management Protocol (1.0.0 to 1.10.6, 5 fields)
chap: PPP Challenge Handshake Authentication Protocol (1.0.0 to 1.10.6, 8 fields)
chargingase: Charging ASE (1.2.0 to 1.10.6, 58 fields)
chdlc: Cisco HDLC (1.0.0 to 1.10.6, 2 fields)
cigi: Common Image Generator Interface (1.0.0 to 1.10.6, 825 fields)
cimd: Computer Interface to Message Distribution (1.0.0 to 1.10.6, 48 fields)
cimetrics: Cimetrics MS/TP (1.2.0 to 1.10.6, 4 fields)
cip: Common Industrial Protocol (1.0.0 to 1.10.6, 228 fields)
cipcco: CIP Connection Configuration Object (1.4.0 to 1.10.6, 47 fields)
cipcm: CIP Connection Manager (1.4.0 to 1.10.6, 55 fields)
cipm: Common Industrial Protocol, Motion (1.8.0 to 1.10.6, 187 fields)
cipmb: CIP Modbus Object (1.8.0 to 1.10.6, 22 fields)
cipsafety: Common Industrial Protocol, Safety (1.8.0 to 1.10.6, 43 fields)
cipssupervisor: CIP Safety Supervisor (1.8.0 to 1.10.6, 114 fields)
cipsvalidator: CIP Safety Validator (1.8.0 to 1.10.6, 23 fields)
classicstun: Simple Traversal of UDP Through NAT (1.4.0 to 1.10.6, 29 fields)
clearcase: Clearcase NFS (1.0.0 to 1.10.6, 1 field)
clique-rm: Clique Reliable Multicast Protocol (1.10.0 to 1.10.6, 22 fields)
clnp: ISO 8473/X.233 CLNP ConnectionLess Network Protocol (1.0.0 to 1.10.6, 27 fields)
cltp: ISO 8602/X.234 CLTP ConnectionLess Transport Protocol (1.0.0 to 1.10.6, 2 fields)
cmctrl_tlv: DOCSIS CM-CTRL TLV's (1.6.0 to 1.10.6, 11 fields)
cmip: X711 CMIP (1.0.0 to 1.10.6, 261 fields)
cmp: Certificate Management Protocol (1.0.0 to 1.10.6, 176 fields)
cmpp: China Mobile Point to Point Protocol (1.0.0 to 1.10.6, 47 fields)
cms: Cryptographic Message Syntax (1.0.0 to 1.10.6, 123 fields)
cnip: Component Network over IP (1.8.0 to 1.10.6, 11 fields)
coap: Constrained Application Protocol (1.6.0 to 1.10.6, 33 fields)
collectd: collectd network data (1.4.0 to 1.10.6, 24 fields)
componentstatusprotocol: Component Status Protocol (1.0.0 to 1.10.6, 18 fields)
conv: DCE/RPC Conversation Manager (1.0.0 to 1.10.6, 9 fields)
cops: Common Open Policy Service (1.0.0 to 1.10.6, 182 fields)
cosine: CoSine IPNOS L2 debug output (1.0.0 to 1.10.6, 5 fields)
cotp: ISO 8073/X.224 COTP Connection-Oriented Transport Protocol (1.0.0 to 1.10.6, 24 fields)
cpfi: Cross Point Frame Injector (1.0.0 to 1.10.6, 21 fields)
cpha: Check Point High Availability Protocol (1.0.0 to 1.10.6, 33 fields)
cprpc_server: DNS Control Program Server (1.0.0 to 1.10.6, 1 field)
credssp: Credential Security Support Provider (1.8.0 to 1.10.6, 24 fields)
crmf: Certificate Request Message Format (1.0.0 to 1.10.6, 81 fields)
crtp: CRTP (1.0.0 to 1.10.6, 8 fields)
csm_encaps: CSM_ENCAPS (1.0.0 to 1.10.6, 54 fields)
ctdb: Cluster TDB (1.0.0 to 1.10.6, 38 fields)
cups: Common Unix Printing System (CUPS) Browsing Protocol (1.0.0 to 1.10.6, 20 fields)
cwids: Cisco Wireless IDS Captures (1.0.0 to 1.10.6, 7 fields)

D

daap: Digital Audio Access Protocol (1.0.0 to 1.10.6, 2 fields)
dap: X.519 Directory Access Protocol (1.0.0 to 1.10.6, 356 fields)
data: Data (1.0.0 to 1.10.6, 4 fields)
daytime: Daytime Protocol (1.0.0 to 1.10.6, 1 field)
db-lsp: Dropbox LAN sync Protocol (1.4.0 to 1.10.6, 7 fields)
dbus: D-Bus (1.10.0 to 1.10.6, 17 fields)
dc: Dublin Core Metadata (DC) (1.0.0 to 1.10.6, 16 fields)
dcc: Distributed Checksum Clearinghouse protocol (1.0.0 to 1.10.6, 28 fields)
dccp: Datagram Congestion Control Protocol (1.0.0 to 1.10.6, 29 fields)
dce_update: DCE/RPC UpServer (1.0.0 to 1.10.6, 1 field)
dcerpc: Distributed Computing Environment / Remote Procedure Call (DCE/RPC) (1.0.0 to 1.10.6, 187 fields)
dcm: DICOM (1.0.0 to 1.0.16, 16 fields)
dcom: DCOM (1.0.0 to 1.10.6, 89 fields)
dcp-af: DCP Application Framing Layer (1.0.0 to 1.10.6, 8 fields)
dcp-etsi: ETSI Distribution & Communication Protocol (for DRM) (1.0.0 to 1.10.6, 1 field)
dcp-pft: DCP Protection, Fragmentation & Transport Layer (1.0.0 to 1.10.6, 28 fields)
dcp-tpl: DCP Tag Packet Layer (1.0.0 to 1.10.6, 2 fields)
dct2000: Catapult DCT2000 packet (1.0.0 to 1.10.6, 68 fields)
ddp: Datagram Delivery Protocol (1.0.0 to 1.10.6, 12 fields)
ddtp: Dynamic DNS Tools Protocol (1.0.0 to 1.10.6, 7 fields)
dec_dna: DEC DNA Routing Protocol (1.0.0 to 1.10.6, 58 fields)
dec_stp: DEC Spanning Tree Protocol (1.0.0 to 1.10.6, 17 fields)
dect: DECT Protocol (1.2.0 to 1.10.6, 126 fields)
dhcpfo: DHCP Failover (1.0.0 to 1.10.6, 37 fields)
dhcpv6: DHCPv6 (1.0.0 to 1.10.6, 125 fields)
dhcpv6.bulk_leasequery: DHCPv6 Bulk Leasequery (1.10.0 to 1.10.6, 4 fields)
diameter: Diameter Protocol (1.0.0 to 1.10.6, 1606 fields)
diameter.3gpp: Diameter 3GPP (1.10.0 to 1.10.6, 67 fields)
diameter3gpp: Diameter 3GPP (1.0.0 to 1.8.13, 63 fields)
dicom: DICOM (1.2.0 to 1.10.6, 61 fields)
dis: Distributed Interactive Simulation (1.0.0 to 1.10.6, 67 fields)
disp: X.519 Directory Information Shadowing Protocol (1.0.0 to 1.10.6, 109 fields)
dispatch: DCOM IDispatch (1.0.0 to 1.10.6, 64 fields)
distcc: Distcc Distributed Compiler (1.0.0 to 1.10.6, 8 fields)
dlm3: Distributed Lock Manager (1.0.0 to 1.10.6, 127 fields)
dlr: Device Level Ring (1.4.0 to 1.10.6, 32 fields)
dlsw: Data Link SWitching (1.0.0 to 1.10.6, 4 fields)
dmp: Direct Message Profile (1.0.0 to 1.10.6, 172 fields)
dmx: DMX (1.8.0 to 1.10.6, 2 fields)
dmx-chan: DMX Channels (1.8.0 to 1.10.6, 2 fields)
dmx-sip: DMX SIP (1.8.0 to 1.10.6, 19 fields)
dmx-test: DMX Test Frame (1.8.0 to 1.10.6, 3 fields)
dmx-text: DMX Text Frame (1.8.0 to 1.10.6, 3 fields)
dnp3: Distributed Network Protocol 3.0 (1.0.0 to 1.10.6, 131 fields)
dns: Domain Name Service (1.0.0 to 1.10.6, 133 fields)
dnsserver: DNS Server (1.0.0 to 1.10.6, 141 fields)
docsis: DOCSIS 1.1 (1.0.0 to 1.10.6, 24 fields)
docsis_bintrngreq: DOCSIS Bonded Initial Ranging Message (1.4.0 to 1.10.6, 6 fields)
docsis_bpkmattr: DOCSIS Baseline Privacy Key Management Attributes (1.0.0 to 1.10.6, 28 fields)
docsis_bpkmreq: DOCSIS Baseline Privacy Key Management Request (1.0.0 to 1.10.6, 3 fields)
docsis_bpkmrsp: DOCSIS Baseline Privacy Key Management Response (1.0.0 to 1.10.6, 3 fields)
docsis_cmctrlreq: DOCSIS CM Control Request (1.6.0 to 1.10.6, 1 field)
docsis_cmctrlrsp: DOCSIS CM Control Response (1.6.0 to 1.10.6, 1 field)
docsis_cmstatus: DOCSIS CM-STATUS Report (1.6.0 to 1.10.6, 15 fields)
docsis_dbcack: DOCSIS Dynamic Bonding Change Acknowledge (1.6.0 to 1.10.6, 1 field)
docsis_dbcreq: DOCSIS Dynamic Bonding Change Request (1.6.0 to 1.10.6, 3 fields)
docsis_dbcrsp: DOCSIS Dynamic Bonding Change Response (1.6.0 to 1.10.6, 2 fields)
docsis_dccack: DOCSIS Downstream Channel Change Acknowledge (1.0.0 to 1.10.6, 3 fields)
docsis_dccreq: DOCSIS Downstream Channel Change Request (1.0.0 to 1.10.6, 21 fields)
docsis_dccrsp: DOCSIS Downstream Channel Change Response (1.0.0 to 1.10.6, 6 fields)
docsis_dcd: DOCSIS Downstream Channel Descriptor (1.0.0 to 1.10.6, 29 fields)
docsis_dpvreq: DOCSIS Path Verify Request (1.6.0 to 1.10.6, 9 fields)
docsis_dpvrsp: DOCSIS Path Verify Response (1.6.0 to 1.10.6, 9 fields)
docsis_dsaack: DOCSIS Dynamic Service Addition Acknowledge (1.0.0 to 1.10.6, 2 fields)
docsis_dsareq: DOCSIS Dynamic Service Addition Request (1.0.0 to 1.10.6, 1 field)
docsis_dsarsp: DOCSIS Dynamic Service Addition Response (1.0.0 to 1.10.6, 2 fields)
docsis_dscack: DOCSIS Dynamic Service Change Acknowledgement (1.0.0 to 1.10.6, 2 fields)
docsis_dscreq: DOCSIS Dynamic Service Change Request (1.0.0 to 1.10.6, 1 field)
docsis_dscrsp: DOCSIS Dynamic Service Change Response (1.0.0 to 1.10.6, 2 fields)
docsis_dsdreq: DOCSIS Dynamic Service Delete Request (1.0.0 to 1.10.6, 3 fields)
docsis_dsdrsp: DOCSIS Dynamic Service Delete Response (1.0.0 to 1.10.6, 3 fields)
docsis_intrngreq: DOCSIS Initial Ranging Message (1.0.0 to 1.10.6, 3 fields)
docsis_map: DOCSIS Upstream Bandwidth Allocation (1.0.0 to 1.10.6, 14 fields)
docsis_mdd: DOCSIS Mac Domain Description (1.2.0 to 1.10.6, 37 fields)
docsis_mgmt: DOCSIS Mac Management (1.0.0 to 1.10.6, 9 fields)
docsis_regack: DOCSIS Registration Acknowledge (1.0.0 to 1.10.6, 2 fields)
docsis_regreq: DOCSIS Registration Requests (1.0.0 to 1.10.6, 1 field)
docsis_regreqmp: DOCSIS Registration Request Multipart (1.2.0 to 1.10.6, 3 fields)
docsis_regrsp: DOCSIS Registration Responses (1.0.0 to 1.10.6, 2 fields)
docsis_regrspmp: DOCSIS Registration Response Multipart (1.2.0 to 1.10.6, 4 fields)
docsis_rngreq: DOCSIS Range Request Message (1.0.0 to 1.10.6, 3 fields)
docsis_rngrsp: DOCSIS Ranging Response (1.0.0 to 1.10.6, 9 fields)
docsis_sync: DOCSIS Synchronisation Message (1.2.0 to 1.10.6, 1 field)
docsis_tlv: DOCSIS Appendix C TLV's (1.0.0 to 1.10.6, 297 fields)
docsis_type29ucd: DOCSIS Upstream Channel Descriptor Type 29 (1.0.0 to 1.10.6, 37 fields)
docsis_uccreq: DOCSIS Upstream Channel Change Request (1.0.0 to 1.10.6, 1 field)
docsis_uccrsp: DOCSIS Upstream Channel Change Response (1.0.0 to 1.10.6, 1 field)
docsis_ucd: DOCSIS Upstream Channel Descriptor (1.0.0 to 1.10.6, 28 fields)
docsis_vsif: DOCSIS Vendor Specific Encodings (1.0.0 to 1.10.6, 7 fields)
dop: X.501 Directory Operational Binding Management Protocol (1.0.0 to 1.10.6, 185 fields)
dplay: DirectPlay Protocol (1.0.0 to 1.10.6, 164 fields)
dpnss: Digital Private Signalling System No 1 (1.0.0 to 1.10.6, 25 fields)
dpnss_link: Digital Private Signalling System No 1 Link Layer (1.2.0 to 1.10.6, 8 fields)
drda: DRDA (1.0.0 to 1.10.6, 17 fields)
drsuapi: DRSUAPI (1.0.0 to 1.10.6, 415 fields)
dsi: Data Stream Interface (1.0.0 to 1.10.6, 45 fields)
dsp: X.519 Directory System Protocol (1.0.0 to 1.10.6, 139 fields)
dssetup: Active Directory Setup (1.0.0 to 1.10.6, 20 fields)
dtcp-ip: Digital Transmission Content Protection over IP (1.10.0 to 1.10.6, 15 fields)
dtls: Datagram Transport Layer Security (1.0.0 to 1.10.6, 69 fields)
dtp: Dynamic Trunking Protocol (1.0.0 to 1.10.6, 4 fields)
dtpt: DeskTop PassThrough Protocol (1.0.0 to 1.10.6, 73 fields)
dtsprovider: DCE Distributed Time Service Provider (1.0.0 to 1.10.6, 2 fields)
dtsstime_req: DCE Distributed Time Service Local Server (1.0.0 to 1.10.6, 1 field)
dua: DPNSS/DASS2-User Adaptation Layer (1.0.0 to 1.10.6, 30 fields)
dvb-ci: DVB Common Interface (1.6.0 to 1.10.6, 251 fields)
dvb-s2_bb: DVB-S2 Baseband Frame (1.10.0 to 1.10.6, 13 fields)
dvb-s2_gse: DVB-S2 GSE Packet (1.10.0 to 1.10.6, 12 fields)
dvb-s2_modeadapt: DVB-S2 Modeadaption Header (1.10.0 to 1.10.6, 7 fields)
dvb_ait: DVB Application Information Table (1.8.0 to 1.10.6, 27 fields)
dvb_bat: DVB Bouquet Association Table (1.8.0 to 1.10.6, 15 fields)
dvb_data_mpe: DVB-DATA MultiProtocol Encapsulation (1.8.0 to 1.10.6, 8 fields)
dvb_eit: DVB Event Information Table (1.8.0 to 1.10.6, 16 fields)
dvb_ipdc: ETSI IPDC Bootstrap (1.8.0 to 1.10.6, 1 field)
dvb_nit: DVB Network Information Table (1.8.0 to 1.10.6, 14 fields)
dvb_sdt: DVB Service Description Table (1.8.0 to 1.10.6, 15 fields)
dvb_tdt: DVB Time and Date Table (1.8.0 to 1.10.6, 1 field)
dvb_tot: DVB Time Offset Table (1.8.0 to 1.10.6, 3 fields)
dvmrp: Distance Vector Multicast Routing Protocol (1.0.0 to 1.10.6, 42 fields)
dx: DX cluster (1.10.0 to 1.10.6, 1 field)

E

e.212: ITU-T E.212 number (1.0.0 to 1.0.16, 3 fields)
e100: E100 Encapsulation (1.2.0 to 1.10.6, 8 fields)
e164: ITU-T E.164 number (1.0.0 to 1.10.6, 2 fields)
e212: ITU-T E.212 number (1.2.0 to 1.10.6, 3 fields)
eap: Extensible Authentication Protocol (1.0.0 to 1.10.6, 68 fields)
eapol: 802.1X Authentication (1.0.0 to 1.10.6, 36 fields)
ecat: EtherCAT datagram(s) (1.0.0 to 1.10.6, 180 fields)
ecat_mailbox: EtherCAT Mailbox Protocol (1.0.0 to 1.10.6, 143 fields)
echo: Echo (1.0.0 to 1.10.6, 3 fields)
ecp: ECP Protocol (1.8.0 to 1.10.6, 13 fields)
edonkey: eDonkey Protocol (1.0.0 to 1.10.6, 73 fields)
edp: Extreme Discovery Protocol (1.0.0 to 1.10.6, 83 fields)
efs: EFS (pidl) (1.0.0 to 1.10.6, 32 fields)
egd: Ethernet Global Data (1.2.0 to 1.10.6, 10 fields)
ehdlc: Ericsson HDLC (1.8.0 to 1.10.6, 14 fields)
ehs: EHS (1.2.0 to 1.10.6, 142 fields)
eigrp: Enhanced Interior Gateway Routing Protocol (1.0.0 to 1.10.6, 223 fields)
eiss: ETV-AM EISS Section (1.8.0 to 1.10.6, 34 fields)
elcom: ELCOM Communication Protocol (1.8.0 to 1.10.6, 33 fields)
enc: OpenBSD Encapsulating device (1.0.0 to 1.10.6, 3 fields)
enip: EtherNet/IP (Industrial Protocol) (1.0.0 to 1.10.6, 173 fields)
enrp: Endpoint Handlespace Redundancy Protocol (1.0.0 to 1.10.6, 50 fields)
enttec: ENTTEC (1.0.0 to 1.10.6, 17 fields)
epl: Ethernet POWERLINK (1.0.0 to 1.10.6, 121 fields)
epl_v1: ETHERNET Powerlink V1.0 (1.0.0 to 1.10.6, 33 fields)
epm: DCE/RPC Endpoint Mapper (1.0.0 to 1.10.6, 30 fields)
epmd: Erlang Port Mapper Daemon (1.0.0 to 1.10.6, 15 fields)
erf: Extensible Record Format (1.0.0 to 1.10.6, 122 fields)
erldp: Erlang Distribution Protocol (1.6.0 to 1.10.6, 12 fields)
erspan: Encapsulated Remote Switch Packet ANalysis (1.0.0 to 1.10.6, 15 fields)
esio: SAIA Ether-S-I/O protocol (1.6.0 to 1.10.6, 18 fields)
esis: ISO 9542 ESIS Routeing Information Exchange Protocol (1.0.0 to 1.10.6, 7 fields)
esl: EtherCAT Switch Link (1.4.0 to 1.10.6, 4 fields)
esp: Encapsulating Security Payload (1.0.0 to 1.10.6, 7 fields)
ess: Extended Security Services (1.0.0 to 1.10.6, 73 fields)
etch: Apache Etch Protocol (1.6.0 to 1.10.6, 20 fields)
eth: Ethernet (1.0.0 to 1.10.6, 17 fields)
ethercat: EtherCAT frame header (1.0.0 to 1.10.6, 3 fields)
etheric: Etheric (1.0.0 to 1.2.18, 27 fields)
etherip: Ethernet over IP (1.0.0 to 1.10.6, 2 fields)
etsi_cat: Card Application Tookit ETSI TS 102.223 (1.8.0 to 1.10.6, 100 fields)
etv-ddb: ETV-AM DDB Section (1.8.0 to 1.10.6, 2 fields)
etv-dii: ETV-AM DII Section (1.8.0 to 1.10.6, 2 fields)
eventlog: Event Logger (1.0.0 to 1.10.6, 96 fields)
evrc: Enhanced Variable Rate Codec (1.2.0 to 1.10.6, 16 fields)
exec: Remote Process Execution (1.0.0 to 1.10.6, 4 fields)
expert: Expert Info (1.2.0 to 1.10.6, 3 fields)

F

fc: Fibre Channel (1.0.0 to 1.10.6, 49 fields)
fcct: Fibre Channel Common Transport (1.0.0 to 1.10.6, 11 fields)
fcdns: Fibre Channel Name Server (1.0.0 to 1.10.6, 62 fields)
fcels: FC Extended Link Svc (1.0.0 to 1.10.6, 130 fields)
fcfzs: Fibre Channel Fabric Zone Server (1.0.0 to 1.10.6, 27 fields)
fcgi: FastCGI (1.6.0 to 1.10.6, 12 fields)
fcip: FCIP (1.0.0 to 1.10.6, 26 fields)
fcoe: Fibre Channel over Ethernet (1.0.0 to 1.10.6, 7 fields)
fcoib: Fibre Channel over Infiniband (1.6.0 to 1.10.6, 7 fields)
fcp: Fibre Channel Protocol for SCSI (1.0.0 to 1.10.6, 43 fields)
fcs: FC Fabric Configuration Server (1.0.0 to 1.10.6, 31 fields)
fcsb3: Fibre Channel Single Byte Command (1.10.0 to 1.10.6, 68 fields)
fcsof: Fibre Channel Delimiters (1.4.0 to 1.10.6, 3 fields)
fcsp: Fibre Channel Security Protocol (1.0.0 to 1.10.6, 30 fields)
fddi: Fiber Distributed Data Interface (1.0.0 to 1.10.6, 8 fields)
fdp: Foundry Discovery Protocol (1.10.0 to 1.10.6, 20 fields)
fefd: Far End Failure Detection (1.2.0 to 1.10.6, 8 fields)
felica: Sony FeliCa (1.8.0 to 1.10.6, 14 fields)
ff: FOUNDATION Fieldbus (1.0.0 to 1.10.6, 672 fields)
fileexp: DCE DFS File Exporter (1.0.0 to 1.10.6, 160 fields)
fip: FCoE Initialization Protocol (1.2.0 to 1.10.6, 41 fields)
fix: Financial Information eXchange Protocol (1.0.0 to 1.10.6, 1634 fields)
fldb: DCE DFS Fileset Location Server (1.0.0 to 1.10.6, 123 fields)
flexnet: FlexNet (1.10.0 to 1.10.6, 3 fields)
flip: NSN FLIP (1.4.0 to 1.10.6, 9 fields)
fmp: File Mapping Protocol (1.0.0 to 1.10.6, 57 fields)
fmp_notify: File Mapping Protocol Nofity (1.0.0 to 1.10.6, 18 fields)
fmtp: Flight Message Transfer Protocol (FMTP) (1.8.0 to 1.10.6, 4 fields)
forces: Forwarding and Control Element Separation Protocol (1.10.0 to 1.10.6, 38 fields)
fp: FP (1.0.0 to 1.10.6, 135 fields)
fp_hint: FP Hint (1.4.0 to 1.10.6, 22 fields)
fr: Frame Relay (1.0.0 to 1.10.6, 26 fields)
fractalgeneratorprotocol: Fractal Generator Protocol (1.0.0 to 1.10.6, 16 fields)
frame: Frame (1.0.0 to 1.10.6, 40 fields)
frsapi: Microsoft File Replication Service API (1.0.0 to 1.10.6, 1 field)
frsrpc: File Replication Service (1.0.0 to 1.10.6, 181 fields)
frstrans: File Replication Service DFS-R (1.4.0 to 1.10.6, 98 fields)
ftam: ISO 8571 FTAM (1.0.0 to 1.10.6, 378 fields)
ftp: File Transfer Protocol (FTP) (1.0.0 to 1.10.6, 19 fields)
ftserver: FTServer Operations (1.0.0 to 1.10.6, 1 field)
fw1: Checkpoint FW-1 (1.0.0 to 1.10.6, 6 fields)

G

g723: G.723 (1.0.0 to 1.10.6, 2 fields)
gadu-gadu: Gadu-Gadu Protocol (1.8.0 to 1.10.6, 58 fields)
gdsdb: Firebird SQL Database Remote Protocol (1.0.0 to 1.10.6, 102 fields)
gearman: Gearman Protocol (1.10.0 to 1.10.6, 25 fields)
ged125: Cisco GED-125 Protocol (1.10.0 to 1.10.6, 80 fields)
gift: giFT Internet File Transfer (1.0.0 to 1.10.6, 2 fields)
giop: General Inter-ORB Protocol (1.0.0 to 1.10.6, 80 fields)
giop-coseventcomm: Coseventcomm Dissector Using GIOP API (1.0.0 to 1.10.6, 3 fields)
giop-cosnaming: Cosnaming Dissector Using GIOP API (1.0.0 to 1.10.6, 22 fields)
giop-parlay: Parlay Dissector Using GIOP API (1.0.0 to 1.10.6, 2375 fields)
giop-tango: Tango Dissector Using GIOP API (1.0.0 to 1.10.6, 168 fields)
git: Git Smart Protocol (1.4.0 to 1.10.6, 3 fields)
glbp: Gateway Load Balancing Protocol (1.4.0 to 1.10.6, 38 fields)
gluster.cli: Gluster CLI (1.8.0 to 1.10.6, 11 fields)
gluster.dump: Gluster Dump (1.8.0 to 1.10.6, 5 fields)
gluster.pmap: Gluster Portmap (1.8.0 to 1.10.6, 4 fields)
glusterd: Gluster Daemon (1.8.0 to 1.10.6, 12 fields)
glusterfs: GlusterFS (1.8.0 to 1.10.6, 125 fields)
glusterfs.cbk: GlusterFS Callback (1.8.0 to 1.10.6, 1 field)
glusterfs.hndsk: GlusterFS Handshake (1.8.0 to 1.10.6, 8 fields)
gmhdr: Gigamon Header (1.4.0 to 1.10.6, 18 fields)
gmr1.bcch: GEO-Mobile Radio (1) BCCH (1.10.0 to 1.10.6, 66 fields)
gmr1.common: GEO-Mobile Radio (1) Common (1.10.0 to 1.10.6, 18 fields)
gmr1.rach: GEO-Mobile Radio (1) RACH (1.10.0 to 1.10.6, 29 fields)
gmr1.rr: GEO-Mobile Radio (1) RR (1.10.0 to 1.10.6, 99 fields)
gmr1_bcch: GEO-Mobile Radio (1) BCCH (1.8.0 to 1.8.13, 66 fields)
gmr1_ccch: GEO-Mobile Radio (1) CCCH (1.8.0 to 1.8.13, 99 fields)
gmr1_common: GEO-Mobile Radio (1) Common (1.8.0 to 1.8.13, 18 fields)
gmrp: GARP Multicast Registration Protocol (1.0.0 to 1.10.6, 6 fields)
gmtrailer: Gigamon Trailer (1.10.0 to 1.10.6, 3 fields)
gnm: ITU M.3100 Generic Network Information Model (1.0.0 to 1.10.6, 180 fields)
gnutella: Gnutella Protocol (1.0.0 to 1.10.6, 32 fields)
goose: GOOSE (1.2.0 to 1.10.6, 56 fields)
gopher: Gopher (1.6.0 to 1.10.6, 8 fields)
gpef: GPEF (1.2.0 to 1.10.6, 8 fields)
gprs-ns: GPRS Network Service (1.4.0 to 1.10.6, 26 fields)
gprs_ns: GPRS Network service (1.0.0 to 1.2.18, 8 fields)
gprscdr: GPRS CDR (1.6.0 to 1.10.6, 256 fields)
gre: Generic Routing Encapsulation (1.0.0 to 1.10.6, 37 fields)
gryphon: DG Gryphon Protocol (1.0.0 to 1.10.6, 175 fields)
gsm-sms-ud: GSM Short Message Service User Data (1.0.0 to 1.8.13, 19 fields)
gsm_a: GSM A-I/F COMMON (1.10.0 to 1.10.6, 164 fields)
gsm_a.bssmap: GSM A-I/F BSSMAP (1.10.0 to 1.10.6, 131 fields)
gsm_a.dtap: GSM A-I/F DTAP (1.10.0 to 1.10.6, 94 fields)
gsm_a.gm: GSM A-I/F GPRS Mobility and Session Management (1.10.0 to 1.10.6, 210 fields)
gsm_a.rp: GSM A-I/F RP (1.10.0 to 1.10.6, 2 fields)
gsm_a.rr: GSM A-I/F Radio Resource Management (1.8.5 to 1.10.6, 358 fields)
gsm_a.sacch: GSM SACCH (1.8.5 to 1.10.6, 3 fields)
gsm_a_bssmap: GSM A-I/F BSSMAP (1.0.0 to 1.8.13, 225 fields)
gsm_a_ccch: GSM CCCH (1.0.0 to 1.8.4, 351 fields)
gsm_a_common: GSM A-I/F COMMON (1.2.0 to 1.8.13, 157 fields)
gsm_a_dtap: GSM A-I/F DTAP (1.0.0 to 1.8.13, 87 fields)
gsm_a_gm: GSM A-I/F GPRS Mobility and Session Management (1.2.0 to 1.8.13, 205 fields)
gsm_a_rp: GSM A-I/F RP (1.0.0 to 1.8.13, 3 fields)
gsm_a_sacch: GSM SACCH (1.2.0 to 1.8.4, 4 fields)
gsm_abis_om2000: Ericsson A-bis OML (1.8.0 to 1.10.6, 141 fields)
gsm_abis_oml: GSM A-bis OML (1.8.0 to 1.10.6, 126 fields)
gsm_abis_rsl: Radio Signalling Link (RSL) (1.10.0 to 1.10.6, 85 fields)
gsm_bssmap_le: Lb-I/F BSSMAP LE (1.2.0 to 1.10.6, 43 fields)
gsm_cbch: GSM Cell Broadcast Channel (1.8.0 to 1.10.6, 23 fields)
gsm_cbs: GSM Cell Broadcast Service (1.10.0 to 1.10.6, 19 fields)
gsm_cell_broadcast: GSM Cell Broadcast Service (1.8.0 to 1.8.13, 19 fields)
gsm_ipa: GSM over IP protocol as used by ip.access (1.4.0 to 1.10.6, 10 fields)
gsm_map: GSM Mobile Application (1.0.0 to 1.10.6, 1595 fields)
gsm_rlcmac: Radio Link Control, Medium Access Control, 3GPP TS44.060 (1.6.0 to 1.10.6, 1674 fields)
gsm_sim: GSM SIM 11.11 (1.8.0 to 1.10.6, 345 fields)
gsm_sms: GSM SMS TPDU (GSM 03.40) (1.0.0 to 1.10.6, 44 fields)
gsm_sms_ud: GSM Short Message Service User Data (1.10.0 to 1.10.6, 17 fields)
gsm_um: GSM Um Interface (1.2.0 to 1.10.6, 8 fields)
gsmtap: GSM Radiotap (1.4.0 to 1.10.6, 18 fields)
gss-api: GSS-API Generic Security Service Application Program Interface (1.0.0 to 1.10.6, 11 fields)
gtp: GPRS Tunneling Protocol (1.0.0 to 1.10.6, 200 fields)
gtpv2: GPRS Tunneling Protocol V2 (1.2.0 to 1.10.6, 324 fields)
gvcp: GigE Vision Control Protocol (1.4.0 to 1.10.6, 17 fields)
gvrp: GARP VLAN Registration Protocol (1.0.0 to 1.10.6, 5 fields)

H

h1: Sinec H1 Protocol (1.0.0 to 1.10.6, 16 fields)
h223: ITU-T Recommendation H.223 (1.0.0 to 1.10.6, 41 fields)
h225: H323-MESSAGES (1.0.0 to 1.10.6, 721 fields)
h235: H235-SECURITY-MESSAGES (1.0.0 to 1.10.6, 108 fields)
h245: MULTIMEDIA-SYSTEM-CONTROL (1.0.0 to 1.10.6, 1234 fields)
h248: H.248 MEGACO (1.0.0 to 1.10.6, 315 fields)
h248.2: H.248.2 (1.10.0 to 1.10.6, 2 fields)
h248.3gpp: H.248 3GPP (1.10.0 to 1.10.6, 24 fields)
h248.an: H.248.7 (1.10.0 to 1.10.6, 13 fields)
h248.chp: H.248.10 (1.10.0 to 1.10.6, 2 fields)
h2483gpp: H.248 3GPP (1.0.0 to 1.8.13, 24 fields)
h248_2: H.248.2 (1.8.0 to 1.8.13, 2 fields)
h248an: H.248.7 (1.0.0 to 1.8.13, 13 fields)
h248c: H.248 Annex C (1.0.0 to 1.10.6, 123 fields)
h248chp: H.248.10 (1.0.0 to 1.8.13, 2 fields)
h248e: H.248 Annex E (1.0.0 to 1.10.6, 79 fields)
h248q1950: H.248 Q.1950 Annex A (1.0.0 to 1.10.6, 29 fields)
h261: ITU-T Recommendation H.261 (1.0.0 to 1.10.6, 10 fields)
h263: ITU-T Recommendation H.263 (1.0.0 to 1.10.6, 45 fields)
h263p: ITU-T Recommendation H.263 RTP Payload header (RFC4629) (1.0.0 to 1.10.6, 12 fields)
h264: H.264 (1.0.0 to 1.10.6, 128 fields)
h323: H.323 (1.0.0 to 1.10.6, 27 fields)
h450: H.450 Supplementary Services (1.0.0 to 1.10.6, 294 fields)
h450.ros: H.450 Remote Operations Apdus (1.0.0 to 1.10.6, 15 fields)
h460: H.460 Supplementary Services (1.0.0 to 1.10.6, 178 fields)
h501: H.501 Mobility (1.0.0 to 1.10.6, 244 fields)
hart_ip: HART_IP Protocol (1.8.0 to 1.10.6, 101 fields)
hci_h1: Bluetooth HCI H1 (1.0.0 to 1.10.6, 2 fields)
hci_h4: Bluetooth HCI H4 (1.0.0 to 1.10.6, 2 fields)
hci_usb: Bluetooth HCI USB Transport (1.10.0 to 1.10.6, 11 fields)
hclnfsd: Hummingbird NFS Daemon (1.0.0 to 1.10.6, 36 fields)
hdcp: High bandwidth Digital Content Protection (1.8.0 to 1.10.6, 35 fields)
hdcp2: High bandwidth Digital Content Protection version 2 (1.8.0 to 1.10.6, 16 fields)
hdfs: HDFS Protocol (1.8.0 to 1.10.6, 52 fields)
hdfsdata: HDFSDATA Protocol (1.8.0 to 1.10.6, 34 fields)
hi2operations: HI2Operations (1.4.0 to 1.10.6, 299 fields)
hilscher: Hilscher analyzer dissector (1.0.0 to 1.6.16, 3 fields)
hip: Host Identity Protocol (1.4.0 to 1.10.6, 96 fields)
hnbap: UTRAN Iuh interface HNBAP signalling (1.4.0 to 1.10.6, 119 fields)
homeplug: HomePlug protocol (1.0.0 to 1.10.6, 149 fields)
homeplug-av: HomePlug AV protocol (1.8.0 to 1.10.6, 344 fields)
hp_erm: HP encapsulated remote mirroring (1.4.0 to 1.10.6, 7 fields)
hpext: HP Extended Local-Link Control (1.0.0 to 1.10.6, 2 fields)
hpfeeds: HPFEEDS HoneyPot Feeds Protocol (1.10.0 to 1.10.6, 12 fields)
hpsw: HP Switch Protocol (1.0.0 to 1.10.6, 4 fields)
hpteam: HP NIC Teaming Heartbeat (1.4.0 to 1.10.6, 1 field)
hsr: High-availability Seamless Redundancy (IEC62439 Part 3 Chapter 5) (1.8.0 to 1.10.6, 7 fields)
hsr_prp_supervision: HSR/PRP Supervision (IEC62439 Part 3) (1.8.0 to 1.10.6, 10 fields)
hsrp: Cisco Hot Standby Router Protocol (1.0.0 to 1.10.6, 42 fields)
http: Hypertext Transfer Protocol (1.0.0 to 1.10.6, 49 fields)
hyperscsi: HyperSCSI (1.0.0 to 1.10.6, 6 fields)
hzlcst: Hazelcast Wire Protocol (1.8.0 to 1.10.6, 33 fields)

I

i2c: Inter-Integrated Circuit (1.2.0 to 1.10.6, 4 fields)
iap: Information Access Protocol (1.0.0 to 1.10.6, 18 fields)
iapp: Inter-Access-Point Protocol (1.0.0 to 1.10.6, 2 fields)
iax2: Inter-Asterisk eXchange v2 (1.0.0 to 1.10.6, 121 fields)
ib_sdp: Infiniband Sockets Direct Protocol (1.6.0 to 1.8.13, 36 fields)
icap: Internet Content Adaptation Protocol (1.0.0 to 1.10.6, 5 fields)
icep: Internet Communications Engine Protocol (1.0.0 to 1.10.6, 21 fields)
icl_rpc: DCE DFS ICL RPC (1.0.0 to 1.10.6, 1 field)
icmp: Internet Control Message Protocol (1.0.0 to 1.10.6, 64 fields)
icmpv6: Internet Control Message Protocol v6 (1.0.0 to 1.10.6, 368 fields)
icp: Internet Cache Protocol (1.0.0 to 1.10.6, 4 fields)
icq: ICQ Protocol (1.0.0 to 1.10.6, 7 fields)
idmp: X.519 Internet Directly Mapped Protocol (1.6.0 to 1.10.6, 39 fields)
idp: Internetwork Datagram Protocol (1.0.0 to 1.10.6, 12 fields)
ieee1722: IEEE 1722 Protocol (1.4.0 to 1.10.6, 29 fields)
ieee17221: IEEE 1722.1 Protocol (1.8.0 to 1.10.6, 504 fields)
ieee8021ad: IEEE 802.1ad (1.0.0 to 1.10.6, 5 fields)
ieee8021ah: IEEE 802.1ah (1.0.0 to 1.10.6, 11 fields)
ieee802a: IEEE802a OUI Extended Ethertype (1.0.0 to 1.10.6, 3 fields)
ifcp: iFCP (1.0.0 to 1.10.6, 30 fields)
igap: Internet Group membership Authentication Protocol (1.0.0 to 1.10.6, 11 fields)
igmp: Internet Group Management Protocol (1.0.0 to 1.10.6, 41 fields)
igrp: Cisco Interior Gateway Routing Protocol (1.0.0 to 1.10.6, 2 fields)
image-gif: Compuserve GIF (1.0.0 to 1.10.6, 24 fields)
image-jfif: JPEG File Interchange Format (1.0.0 to 1.10.6, 33 fields)
imap: Internet Message Access Protocol (1.0.0 to 1.10.6, 10 fields)
imf: Internet Message Format (1.0.0 to 1.10.6, 83 fields)
inap: Intelligent Network Application Protocol (1.0.0 to 1.10.6, 569 fields)
infiniband: InfiniBand (1.0.0 to 1.10.6, 492 fields)
infiniband_link: InfiniBand Link (1.4.0 to 1.10.6, 5 fields)
infiniband_sdp: Infiniband Sockets Direct Protocol (1.10.0 to 1.10.6, 34 fields)
initshutdown: Init shutdown service (1.0.0 to 1.10.6, 19 fields)
interlink: Interlink Protocol (1.4.0 to 1.6.16, 1.8.3 to 1.10.6, 10 fields)
ioraw: TwinCAT IO-RAW (1.0.0 to 1.10.6, 3 fields)
ip: Internet Protocol Version 4 (1.0.0 to 1.10.6, 109 fields)
ipaccess: GSM over IP ip.access CCM sub-protocol (1.4.0 to 1.10.6, 3 fields)
ipcomp: IP Payload Compression (1.0.0 to 1.10.6, 2 fields)
ipcp: PPP IP Control Protocol (1.0.0 to 1.10.6, 27 fields)
ipdc: IP Device Control (SS7 over IP) (1.0.0 to 1.10.6, 7 fields)
ipfc: IP Over FC (1.0.0 to 1.10.6, 2 fields)
ipmi: Intelligent Platform Management Interface (1.0.0 to 1.10.6, 1314 fields)
ipmi-session: Intelligent Platform Management Interface (Session Wrapper) (1.2.0 to 1.8.13, 11 fields)
ipmi_session: Intelligent Platform Management Interface (Session Wrapper) (1.10.0 to 1.10.6, 11 fields)
ipnet: Solaris IPNET (1.4.0 to 1.10.6, 8 fields)
ipoib: IP over Infiniband (1.8.0 to 1.10.6, 2 fields)
ipp: Internet Printing Protocol (1.0.0 to 1.10.6, 1 field)
ipsictl: IPSICTL (1.2.0 to 1.10.6, 7 fields)
ipv6: Internet Protocol Version 6 (1.0.0 to 1.10.6, 155 fields)
ipvs: IP Virtual Services Sync Daemon (1.0.0 to 1.10.6, 26 fields)
ipx: Internetwork Packet eXchange (1.0.0 to 1.10.6, 16 fields)
ipxmsg: IPX Message (1.0.0 to 1.10.6, 2 fields)
ipxrip: IPX Routing Information Protocol (1.0.0 to 1.10.6, 2 fields)
ipxsap: Service Advertisement Protocol (1.0.0 to 1.10.6, 2 fields)
ipxwan: IPX WAN (1.0.0 to 1.10.6, 24 fields)
irc: Internet Relay Chat (1.0.0 to 1.10.6, 12 fields)
ircomm: IrCOMM Protocol (1.0.0 to 1.10.6, 6 fields)
irlap: IrDA Link Access Protocol (1.0.0 to 1.10.6, 30 fields)
irlmp: IrDA Link Management Protocol (1.0.0 to 1.10.6, 14 fields)
isakmp: Internet Security Association and Key Management Protocol (1.0.0 to 1.10.6, 262 fields)
iscsi: iSCSI (1.0.0 to 1.10.6, 104 fields)
isdn: ISDN (1.0.0 to 1.10.6, 1 field)
isis: ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol (1.0.0 to 1.10.6, 49 fields)
isl: Cisco ISL (1.0.0 to 1.10.6, 19 fields)
ismacryp: ISMACryp Protocol (1.2.0 to 1.10.6, 31 fields)
ismp: InterSwitch Message Protocol (1.0.0 to 1.10.6, 58 fields)
isns: iSNS (1.0.0 to 1.10.6, 103 fields)
iso7816: ISO/IEC 7816 (1.8.0 to 1.10.6, 30 fields)
isup: ISDN User Part (1.0.0 to 1.10.6, 269 fields)
isup_thin: ISUP Thin Protocol (1.0.0 to 1.2.18, 15 fields)
isystemactivator: ISystemActivator ISystemActivator Resolver (1.0.0 to 1.10.6, 61 fields)
itdm: Internal TDM (1.2.0 to 1.10.6, 23 fields)
itunes: iTunes podCast rss elements (1.0.0 to 1.10.6, 10 fields)
iua: ISDN Q.921-User Adaptation Layer (1.0.0 to 1.10.6, 30 fields)
iuup: IuUP (1.0.0 to 1.10.6, 1325 fields)
iwarp_ddp_rdmap: iWARP Direct Data Placement and Remote Direct Memory Access Protocol (1.2.0 to 1.10.6, 47 fields)
iwarp_mpa: iWARP Marker Protocol data unit Aligned framing (1.2.0 to 1.10.6, 19 fields)
ixiatrailer: Ixia Trailer (1.10.0 to 1.10.6, 2 fields)
ixveriwave: ixveriwave (1.8.0 to 1.10.6, 72 fields)

J

jabber: Jabber XML Messaging (1.0.0 to 1.6.16, 2 fields)
jmirror: Juniper Packet Mirror (1.4.0 to 1.10.6, 2 fields)
jpeg: RFC 2435 JPEG (1.0.0 to 1.10.6, 18 fields)
json: JavaScript Object Notation (1.6.0 to 1.10.6, 8 fields)
juniper: Juniper (1.0.0 to 1.10.6, 18 fields)
jxta: JXTA P2P (1.0.0 to 1.10.6, 52 fields)

K

k12: K12xx (1.0.0 to 1.10.6, 6 fields)
kadm5: Kerberos Administration (1.0.0 to 1.10.6, 1 field)
kdp: Kontiki Delivery Protocol (1.2.0 to 1.10.6, 31 fields)
kdsp: Kismet Drone/Server Protocol (1.8.0 to 1.10.6, 85 fields)
kerberos: Kerberos (1.0.0 to 1.10.6, 182 fields)
kf: Kingfisher (1.0.0 to 1.10.6, 9 fields)
kink: Kerberized Internet Negotiation of Key (1.0.0 to 1.10.6, 17 fields)
kismet: Kismet Client/Server Protocol (1.0.0 to 1.10.6, 2 fields)
klm: Kernel Lock Manager (1.0.0 to 1.10.6, 10 fields)
kpasswd: MS Kpasswd (1.0.0 to 1.10.6, 9 fields)
krb4: Kerberos v4 (1.0.0 to 1.10.6, 21 fields)
krb5rpc: DCE/RPC Kerberos V (1.0.0 to 1.10.6, 18 fields)

L

l2tp: Layer 2 Tunneling Protocol (1.0.0 to 1.10.6, 54 fields)
lanforge: LANforge Traffic Generator (1.2.0 to 1.10.6, 12 fields)
lanman: Microsoft Windows Lanman Remote API Protocol (1.0.0 to 1.10.6, 80 fields)
lapb: Link Access Procedure Balanced (LAPB) (1.0.0 to 1.10.6, 10 fields)
lapbether: Link Access Procedure Balanced Ethernet (LAPBETHER) (1.0.0 to 1.10.6, 1 field)
lapd: Link Access Procedure, Channel D (LAPD) (1.0.0 to 1.10.6, 20 fields)
lapdm: Link Access Procedure, Channel Dm (LAPDm) (1.2.0 to 1.10.6, 28 fields)
laplink: Laplink (1.0.0 to 1.10.6, 5 fields)
lapsat: Link Access Procedure, Satellite channel (LAPSat) (1.8.0 to 1.10.6, 29 fields)
lcp: PPP Link Control Protocol (1.0.0 to 1.10.6, 78 fields)
lcsap: LCS Application Protocol (1.8.0 to 1.10.6, 108 fields)
lct: H.283 Logical Channel Transport (1.0.0 to 1.10.6, 33 fields)
ldap: Lightweight Directory Access Protocol (1.0.0 to 1.10.6, 211 fields)
ldp: Label Distribution Protocol (1.0.0 to 1.10.6, 226 fields)
ldss: Local Download Sharing Service (1.2.0 to 1.10.6, 22 fields)
lge_monitor: LGE Monitor (1.0.0 to 1.10.6, 3 fields)
linx: ENEA LINX (1.0.0 to 1.10.6, 46 fields)
linxtcp: ENEA LINX over TCP (1.8.0 to 1.10.6, 32 fields)
lisp: Locator/ID Separation Protocol (1.6.0 to 1.10.6, 76 fields)
lisp-data: Locator/ID Separation Protocol (Data) (1.6.0 to 1.10.6, 14 fields)
list: Event Notification for Resource Lists (RFC 4662) (1.0.0 to 1.10.6, 21 fields)
llap: LocalTalk Link Access Protocol (1.0.0 to 1.10.6, 3 fields)
llb: DCE/RPC NCS 1.5.1 Local Location Broker (1.0.0 to 1.10.6, 1 field)
llc: Logical-Link Control (1.0.0 to 1.10.6, 26 fields)
llcgprs: Logical Link Control GPRS (1.0.0 to 1.10.6, 45 fields)
lldp: Link Layer Discovery Protocol (1.0.0 to 1.10.6, 141 fields)
llrp: Low Level Reader Protocol (1.8.0 to 1.10.6, 258 fields)
llt: Veritas Low Latency Transport (LLT) (1.0.0 to 1.10.6, 5 fields)
lmi: Local Management Interface (1.0.0 to 1.10.6, 11 fields)
lmp: Link Management Protocol (LMP) (1.0.0 to 1.10.6, 173 fields)
log: Log Message (1.0.0 to 1.10.6, 2 fields)
logotypecertextn: Logotype Certificate Extensions (1.0.0 to 1.10.6, 46 fields)
lon: Local Operating Network (1.8.0 to 1.10.6, 39 fields)
loop: Configuration Test Protocol (loopback) (1.0.0 to 1.10.6, 4 fields)
lpd: Line Printer Daemon Protocol (1.0.0 to 1.10.6, 2 fields)
lpp: LTE Positioning Protocol (LLP) (1.8.0 to 1.10.6, 735 fields)
lppa: LTE Positioning Protocol A (LPPa) (1.8.0 to 1.10.6, 97 fields)
lppe: LTE Positioning Protocol Extensions (LLPe) (1.10.0 to 1.10.6, 1235 fields)
lsa: Microsoft Local Security Architecture (1.0.0 to 1.0.16, 93 fields)
lsarpc: Local Security Authority (1.2.0 to 1.10.6, 418 fields)
lsc: Pegasus Lightweight Stream Control (1.0.0 to 1.10.6, 11 fields)
lte_rrc: LTE Radio Resource Control (RRC) protocol (1.2.0 to 1.10.6, 2122 fields)
ltp: Licklider Transmission Protocol (1.4.0 to 1.10.6, 38 fields)
lwapp: LWAPP Encapsulated Packet (1.0.0 to 1.10.6, 14 fields)
lwres: Light Weight DNS RESolver (BIND9) (1.0.0 to 1.10.6, 35 fields)

M

m2m: WiMax Mac to Mac Packet (1.0.0 to 1.10.6, 22 fields)
m2pa: MTP2 Peer Adaptation Layer (1.0.0 to 1.10.6, 24 fields)
m2tp: MTP 2 Transparent Proxy (1.0.0 to 1.10.6, 17 fields)
m2ua: MTP 2 User Adaptation Layer (1.0.0 to 1.10.6, 37 fields)
m3ap: M3 Application Protocol (1.8.0 to 1.10.6, 89 fields)
m3ua: MTP 3 User Adaptation Layer (1.0.0 to 1.10.6, 60 fields)
maap: IEEE 1722 MAAP Protocol (1.8.0 to 1.10.6, 8 fields)
mac: MAC (1.4.0 to 1.10.6, 14 fields)
mac-lte: MAC-LTE (1.2.0 to 1.10.6, 171 fields)
macc: MAC Control (1.0.0 to 1.10.6, 40 fields)
mactelnet: MikroTik MAC-Telnet Protocol (1.6.0 to 1.10.6, 17 fields)
mailslot: SMB MailSlot Protocol (1.0.0 to 1.10.6, 5 fields)
manolito: Blubster/Piolet MANOLITO Protocol (1.0.0 to 1.10.6, 5 fields)
mapi: Exchange 5.5 EMSMDB (1.0.0 to 1.10.6, 105 fields)
mbrtu: Modbus RTU (1.10.0 to 1.10.6, 2 fields)
mbtcp: Modbus/TCP (1.0.0 to 1.10.6, 64 fields)
mdshdr: MDS Header (1.0.0 to 1.10.6, 8 fields)
megaco: MEGACO (1.0.0 to 1.10.6, 48 fields)
memcache: Memcache Protocol (1.2.0 to 1.10.6, 33 fields)
mesh: Mesh Header (1.2.0 to 1.10.6, 2 fields)
messenger: Microsoft Messenger Service (1.0.0 to 1.10.6, 5 fields)
meta: Metadata (1.4.0 to 1.10.6, 32 fields)
mgcp: Media Gateway Control Protocol (1.0.0 to 1.10.6, 82 fields)
mgmt: DCE/RPC Remote Management (1.0.0 to 1.10.6, 5 fields)
mibs: MIBs (1.0.3 to 1.0.5, 1.0.9 to 1.0.16, 1.2.1 to 1.2.18, 759 fields)
mifare: NXP MiFare (1.8.0 to 1.10.6, 6 fields)
mih: Media-Independent Handover (1.10.0 to 1.10.6, 200 fields)
mikey: Multimedia Internet KEYing (1.0.0 to 1.10.6, 106 fields)
mime_multipart: MIME Multipart Media Encapsulation (1.0.0 to 1.10.6, 9 fields)
miop: Unreliable Multicast Inter-ORB Protocol (1.2.0 to 1.10.6, 8 fields)
mip: Mobile IP (1.0.0 to 1.10.6, 82 fields)
mipv6: Mobile IPv6 / Network Mobility (1.0.0 to 1.10.6, 157 fields)
mms: MMS (1.0.0 to 1.10.6, 446 fields)
mmse: MMS Message Encapsulation (1.0.0 to 1.10.6, 43 fields)
mndp: Mikrotik Neighbor Discovery Protocol (1.6.0 to 1.10.6, 14 fields)
modbus: Modbus (1.8.0 to 1.10.6, 56 fields)
mojito: Mojito DHT (1.10.0 to 1.10.6, 38 fields)
moldudp: MoldUDP (1.8.0 to 1.10.6, 7 fields)
moldudp64: MoldUDP64 (1.8.0 to 1.10.6, 7 fields)
mongo: Mongo Wire Protocol (1.6.0 to 1.10.6, 66 fields)
mount: Mount Service (1.0.0 to 1.10.6, 54 fields)
mp: PPP Multilink Protocol (1.0.0 to 1.10.6, 6 fields)
mp2t: ISO/IEC 13818-1 (1.0.0 to 1.10.6, 69 fields)
mp4v-es: MP4V-ES (1.2.0 to 1.10.6, 15 fields)
mpeg-audio: Moving Picture Experts Group Audio (1.10.0 to 1.10.6, 26 fields)
mpeg-dsmcc: MPEG DSM-CC (1.8.0 to 1.8.13, 55 fields)
mpeg-pes: Packetized Elementary Stream (1.0.0 to 1.10.6, 82 fields)
mpeg.audio: Moving Picture Experts Group Audio (1.0.0 to 1.8.13, 26 fields)
mpeg1: RFC 2250 MPEG1 (1.0.0 to 1.10.6, 13 fields)
mpeg_ca: MPEG2 Conditional Access Table (1.8.0 to 1.10.6, 5 fields)
mpeg_descr: MPEG2 Descriptors (1.8.0 to 1.10.6, 272 fields)
mpeg_dsmcc: MPEG DSM-CC (1.10.0 to 1.10.6, 55 fields)
mpeg_pat: MPEG2 Program Association Table (1.8.0 to 1.10.6, 9 fields)
mpeg_pmt: MPEG2 Program Map Table (1.8.0 to 1.10.6, 15 fields)
mpeg_sect: MPEG2 Section (1.8.0 to 1.10.6, 3 fields)
mpls: MultiProtocol Label Switching Header (1.0.0 to 1.10.6, 19 fields)
mpls-echo: Multiprotocol Label Switching Echo (1.0.0 to 1.10.6, 182 fields)
mpls_psc: PSC (1.10.0 to 1.10.6, 7 fields)
mpls_y1711: MPLS ITU-T Y.1711 OAM (1.10.0 to 1.10.6, 5 fields)
mplspmdlm: MPLS Direct Loss Measurement (DLM) (1.8.0 to 1.10.6, 84 fields)
mplspsc: PSC (1.8.0 to 1.8.13, 7 fields)
mplspwatm11_or_aal5pdu: MPLS PW ATM One-to-One or AAL5 PDU encapsulation (1.4.0 to 1.10.6, 3 fields)
mplspwatmaal5sdu: MPLS PW ATM AAL5 CPCS-SDU mode encapsulation (1.4.0 to 1.10.6, 1 field)
mplspwatmcell: ATM Cell (1.4.0 to 1.10.6, 1 field)
mplspwatmcellheader: MPLS PW ATM Cell Header (1.4.0 to 1.10.6, 7 fields)
mplspwatmcontrolword: MPLS PW ATM Control Word (1.4.0 to 1.10.6, 9 fields)
mplspwatmn1cw: MPLS PW ATM N-to-One encapsulation, with CW (1.4.0 to 1.10.6, 1 field)
mplspwatmn1nocw: MPLS PW ATM N-to-One encapsulation, no CW (1.4.0 to 1.10.6, 2 fields)
mplstp_fm: MPLS-TP Fault-Management (1.10.0 to 1.10.6, 14 fields)
mplstp_lock: MPLS-TP Lock-Instruct (1.10.0 to 1.10.6, 3 fields)
mplsy1711: MPLS ITU-T Y.1711 OAM (1.8.0 to 1.8.13, 6 fields)
mq: WebSphere MQ (1.0.0 to 1.10.6, 246 fields)
mqpcf: WebSphere MQ Programmable Command Formats (1.0.0 to 1.10.6, 9 fields)
mrcpv2: Media Resource Control Protocol Version 2 (MRCPv2) (1.10.0 to 1.10.6, 104 fields)
mrdisc: Multicast Router DISCovery protocol (1.0.0 to 1.10.6, 11 fields)
mrp-mmrp: Multiple Mac Registration Protocol (1.6.0 to 1.10.6, 12 fields)
mrp-msrp: Multiple Stream Reservation Protocol (1.4.0 to 1.10.6, 29 fields)
mrp-mvrp: Multiple VLAN Registration Protocol (1.8.0 to 1.10.6, 12 fields)
mscml: Media Server Control Markup Language - draft 07 (1.0.0 to 1.10.6, 719 fields)
msdp: Multicast Source Discovery Protocol (1.0.0 to 1.10.6, 17 fields)
msmms: Microsoft Media Server (1.0.0 to 1.10.6, 57 fields)
msnip: MSNIP: Multicast Source Notification of Interest Protocol (1.0.0 to 1.10.6, 11 fields)
msnlb: MS Network Load Balancing (1.0.0 to 1.10.6, 6 fields)
msproxy: MS Proxy Protocol (1.0.0 to 1.10.6, 24 fields)
msrp: Message Session Relay Protocol (1.0.0 to 1.10.6, 27 fields)
mstp: BACnet MS/TP (1.2.0 to 1.10.6, 11 fields)
mtp2: Message Transfer Part Level 2 (1.0.0 to 1.10.6, 9 fields)
mtp3: Message Transfer Part Level 3 (1.0.0 to 1.10.6, 16 fields)
mtp3mg: Message Transfer Part Level 3 Management (1.0.0 to 1.10.6, 26 fields)
mux27010: MUX27010 Protocol (1.6.0 to 1.10.6, 78 fields)
mysql: MySQL Protocol (1.0.0 to 1.10.6, 138 fields)

N

nas-eps: Non-Access-Stratum (NAS)PDU (1.2.0 to 1.10.6, 153 fields)
nasdaq_itch: Nasdaq TotalView-ITCH (1.2.0 to 1.10.6, 25 fields)
nasdaq_soup: Nasdaq-SoupTCP version 2.0 (1.2.0 to 1.10.6, 9 fields)
nat-pmp: NAT Port Mapping Protocol (1.2.0 to 1.10.6, 9 fields)
nb_rtpmux: 3GPP Nb Interface RTP Multiplex (1.4.0 to 1.10.6, 9 fields)
nbap: UTRAN Iub interface NBAP signalling (1.0.0 to 1.10.6, 3199 fields)
nbd: Network Block Device (1.0.0 to 1.10.6, 10 fields)
nbdgm: NetBIOS Datagram Service (1.0.0 to 1.10.6, 7 fields)
nbipx: NetBIOS over IPX (1.0.0 to 1.10.6, 21 fields)
nbns: NetBIOS Name Service (1.0.0 to 1.10.6, 24 fields)
nbp: Name Binding Protocol (1.0.0 to 1.10.6, 11 fields)
nbss: NetBIOS Session Service (1.0.0 to 1.10.6, 4 fields)
ncp: NetWare Core Protocol (1.0.0 to 1.10.6, 2307 fields)
ncs: Novell Cluster Services (1.0.0 to 1.10.6, 2 fields)
ndmp: Network Data Management Protocol (1.0.0 to 1.10.6, 185 fields)
ndp: Nortel Discovery Protocol (1.6.0 to 1.10.6, 6 fields)
ndps: Novell Distributed Print System (1.0.0 to 1.10.6, 373 fields)
negoex: SPNEGO Extended Negotiation Security Mechanism (1.10.0 to 1.10.6, 27 fields)
netanalyzer: netANALYZER (1.8.0 to 1.10.6, 13 fields)
netbios: NetBIOS (1.0.0 to 1.10.6, 46 fields)
netdfs: Settings for Microsoft Distributed File System (1.0.0 to 1.10.6, 169 fields)
netdump: Netdump Protocol (1.2.0 to 1.10.6, 9 fields)
netmon_802_11: NetMon 802.11 capture header (1.4.0 to 1.10.6, 14 fields)
netrom: Amateur Radio NET/ROM (1.10.0 to 1.10.6, 19 fields)
netsync: Monotone Netsync (1.0.0 to 1.10.6, 39 fields)
nettl: HP-UX Network Tracing and Logging (1.0.0 to 1.10.6, 5 fields)
newmail: Microsoft Exchange New Mail Notification (1.0.0 to 1.10.6, 1 field)
nflog: Linux Netfilter NFLOG (1.8.0 to 1.10.6, 12 fields)
nfs: Network File System (1.0.0 to 1.10.6, 496 fields)
nfsacl: NFSACL (1.0.0 to 1.10.6, 19 fields)
nfsauth: NFSAUTH (1.0.0 to 1.10.6, 1 field)
nhrp: NBMA Next Hop Resolution Protocol (1.0.0 to 1.10.6, 67 fields)
nisplus: NIS+ (1.0.0 to 1.10.6, 118 fields)
nispluscb: NIS+ Callback (1.0.0 to 1.10.6, 3 fields)
njack: 3com Network Jack (1.0.0 to 1.10.6, 23 fields)
nlm: Network Lock Manager Protocol (1.0.0 to 1.10.6, 27 fields)
nlsp: NetWare Link Services Protocol (1.0.0 to 1.10.6, 21 fields)
nmas: Novell Modular Authentication Service (1.0.0 to 1.10.6, 30 fields)
nntp: Network News Transfer Protocol (1.0.0 to 1.10.6, 2 fields)
noe: NOE Protocol (1.8.0 to 1.10.6, 19 fields)
norm: Negative-acknowledgment Oriented Reliable Multicast (1.0.0 to 1.10.6, 63 fields)
npmp: NetPerfMeter Protocol (1.4.0 to 1.10.6, 56 fields)
ns: NetScaler Trace (1.4.0 to 1.10.6, 18 fields)
ns_cert_exts: NetScape Certificate Extensions (1.0.0 to 1.10.6, 19 fields)
nsip: Network Service Over IP (1.0.0 to 1.2.18, 21 fields)
nspi: Exchange 5.5 Name Service Provider (1.0.0 to 1.10.6, 110 fields)
nsrp: Juniper Netscreen Redundant Protocol (1.0.0 to 1.10.6, 26 fields)
ntlmssp: NTLM Secure Service Provider (1.0.0 to 1.10.6, 150 fields)
ntp: Network Time Protocol (1.0.0 to 1.10.6, 100 fields)
null: Null/Loopback (1.0.0 to 1.10.6, 2 fields)
nw_mtp: NexusWare C7 MTP (1.4.0 to 1.10.6, 5 fields)

O

ocsp: Online Certificate Status Protocol (1.0.0 to 1.10.6, 55 fields)
oicq: OICQ - IM software, popular in China (1.0.0 to 1.10.6, 6 fields)
oipf.ciplus: Open IPTV Forum CSPG-CI+ (1.8.0 to 1.10.6, 7 fields)
olsr: Optimized Link State Routing Protocol (1.0.0 to 1.10.6, 39 fields)
omapi: ISC Object Management API (1.0.0 to 1.10.6, 17 fields)
omron: OMRON FINS Protocol (1.4.0 to 1.10.6, 306 fields)
opcua: OpcUa Binary Protocol (1.0.0 to 1.10.6, 499 fields)
opensafety: openSAFETY (1.6.0 to 1.10.6, 78 fields)
openvpn: OpenVPN Protocol (1.10.0 to 1.10.6, 24 fields)
openwire: OpenWire (1.8.0 to 1.10.6, 181 fields)
opsi: Open Policy Service Interface (1.0.0 to 1.10.6, 41 fields)
osinlcp: PPP OSI Network Layer Control Protocol (1.8.0 to 1.10.6, 3 fields)
ospf: Open Shortest Path First (1.0.0 to 1.10.6, 125 fields)
ouch: OUCH (1.10.0 to 1.10.6, 34 fields)
oxid: DCOM OXID Resolver (1.0.0 to 1.10.6, 30 fields)

P

p1: X.411 Message Transfer Service (1.6.0 to 1.10.6, 491 fields)
p22: X.420 Information Object (1.6.0 to 1.10.6, 327 fields)
p7: X.413 Message Store Service (1.0.0 to 1.10.6, 342 fields)
p772: STANAG 4406 Message (1.6.0 to 1.10.6, 73 fields)
p_mul: P_Mul (ACP142) (1.0.0 to 1.10.6, 63 fields)
packetbb: PacketBB Protocol (1.4.0 to 1.10.6, 57 fields)
packetcable_avps: PacketCable AVPs (1.10.0 to 1.10.6, 66 fields)
packetlogger: PacketLogger (1.2.0 to 1.10.6, 2 fields)
pagp: Port Aggregation Protocol (1.0.0 to 1.10.6, 26 fields)
paketcable_avps: PacketCable AVPs (1.0.0 to 1.8.13, 66 fields)
paltalk: Paltalk Messenger Protocol (1.2.0 to 1.10.6, 4 fields)
pana: Protocol for carrying Authentication for Network Access (1.0.0 to 1.10.6, 30 fields)
pap: PPP Password Authentication Protocol (1.0.0 to 1.10.6, 11 fields)
papi: Aruba PAPI (1.6.0 to 1.10.6, 20 fields)
pcap: UTRAN Iupc interface Positioning Calculation Application Part (PCAP) (1.0.0 to 1.10.6, 1069 fields)
pcep: Path Computation Element communication Protocol (1.0.0 to 1.10.6, 103 fields)
pcli: Packet Cable Lawful Intercept (1.0.0 to 1.10.6, 1 field)
pcnfsd: PC NFS (1.0.0 to 1.10.6, 15 fields)
pcp: Performance Co-Pilot (1.8.0 to 1.10.6, 90 fields)
pdcp-lte: PDCP-LTE (1.2.0 to 1.10.6, 117 fields)
peekremote: AiroPeek/OmniPeek encapsulated IEEE 802.11 (1.8.0 to 1.10.6, 8 fields)
per: Packed Encoding Rules (ASN.1 X.691) (1.0.0 to 1.10.6, 28 fields)
pflog: OpenBSD Packet Filter log file (1.0.0 to 1.10.6, 14 fields)
pflog-old: OpenBSD Packet Filter log file, pre 3.4 (1.0.0 to 1.10.6, 6 fields)
pgm: Pragmatic General Multicast (1.0.0 to 1.10.6, 75 fields)
pgsql: PostgreSQL (1.0.0 to 1.10.6, 39 fields)
pim: Protocol Independent Multicast (1.0.0 to 1.10.6, 52 fields)
pingpongprotocol: Ping Pong Protocol (1.0.0 to 1.10.6, 8 fields)
pipe: SMB Pipe Protocol (1.0.0 to 1.10.6, 23 fields)
pkcs-1: PKCS#1 (1.0.0 to 1.10.6, 30 fields)
pkcs12: PKCS#12: Personal Information Exchange (1.0.0 to 1.10.6, 57 fields)
pkinit: PKINIT (1.0.0 to 1.10.6, 25 fields)
pkix-cert: PKIX CERT File Format (1.0.0 to 1.10.6, 2 fields)
pkix1explicit: PKIX1Explicit (1.0.0 to 1.10.6, 46 fields)
pkix1implicit: PKIX1Implitit (1.0.0 to 1.10.6, 18 fields)
pkixac: PKIX Attribute Certificate (1.4.0 to 1.10.6, 49 fields)
pkixproxy: PKIXProxy (RFC3820) (1.0.0 to 1.10.6, 5 fields)
pkixqualified: PKIX Qualified (1.0.0 to 1.10.6, 23 fields)
pkixtsp: PKIX Time Stamp Protocol (1.0.0 to 1.10.6, 29 fields)
pkt_ccc: PacketCable Call Content Connection (1.0.0 to 1.10.6, 2 fields)
pktc: PacketCable (1.0.0 to 1.10.6, 34 fields)
pktgen: Linux Kernel Packet Generator (1.0.0 to 1.10.6, 5 fields)
pn532: NXP PN532 (1.8.0 to 1.10.6, 21 fields)
pn_dcp: PROFINET DCP (1.0.0 to 1.10.6, 36 fields)
pn_io: PROFINET IO (1.0.0 to 1.10.6, 454 fields)
pn_mrp: PROFINET MRP (1.0.0 to 1.10.6, 16 fields)
pn_mrrt: PROFINET MRRT (1.0.0 to 1.10.6, 6 fields)
pn_ptcp: PROFINET PTCP (1.0.0 to 1.10.6, 35 fields)
pn_rt: PROFINET Real-Time Protocol (1.0.0 to 1.10.6, 36 fields)
png: Portable Network Graphics (1.0.0 to 1.10.6, 31 fields)
pnp: Microsoft Plug and Play service (1.0.0 to 1.10.6, 1 field)
pnrp: Peer Network Resolution Protocol (1.4.0 to 1.10.6, 77 fields)
poc-settings: poc-settings XML doc (RFC 4354) (1.0.0 to 1.10.6, 32 fields)
pop: Post Office Protocol (1.0.0 to 1.10.6, 18 fields)
portcontrol: Port Control Protocol (1.10.0 to 1.10.6, 38 fields)
portmap: Portmap (1.0.0 to 1.10.6, 19 fields)
ppcap: Proprietary PCAP (1.8.0 to 1.10.6, 19 fields)
ppi: PPI Packet Header (1.0.0 to 1.10.6, 98 fields)
ppi_antenna: PPI antenna decoder (1.6.0 to 1.10.6, 34 fields)
ppi_gps: PPI Geotagging GPS tag decoder (1.6.0 to 1.10.6, 40 fields)
ppi_sensor: PPI sensor decoder (1.8.0 to 1.10.6, 25 fields)
ppi_vector: PPI vector decoder (1.6.0 to 1.10.6, 71 fields)
ppp: Point-to-Point Protocol (1.0.0 to 1.10.6, 15 fields)
pppmux: PPP Multiplexing (1.0.0 to 1.10.6, 1 field)
pppmuxcp: PPPMux Control Protocol (1.0.0 to 1.10.6, 2 fields)
pppoe: PPP-over-Ethernet (1.2.0 to 1.10.6, 5 fields)
pppoed: PPP-over-Ethernet Discovery (1.0.0 to 1.10.6, 60 fields)
pppoes: PPP-over-Ethernet Session (1.0.0 to 1.10.6, 5 fields)
pptp: Point-to-Point Tunnelling Protocol (1.0.0 to 1.10.6, 49 fields)
prap: Printer Access Protocol (1.10.0 to 1.10.6, 10 fields)
pres: ISO 8823 OSI Presentation Protocol (1.0.0 to 1.10.6, 77 fields)
presence: presence XML doc (RFC 3863) (1.0.0 to 1.10.6, 19 fields)
prism: Prism capture header (1.0.0 to 1.10.6, 24 fields)
prp: Parallel Redundancy Protocol (IEC62439 Part 3) (1.0.0 to 1.10.6, 14 fields)
ptp: Precision Time Protocol (IEEE1588) (1.0.0 to 1.10.6, 394 fields)
pulse: PULSE protocol for Linux Virtual Server redundancy (1.10.0 to 1.10.6, 1 field)
pvfs: Parallel Virtual File System (1.0.0 to 1.10.6, 116 fields)
pw_atm_n2o_cw: ATM PW, N-to-one Cell Mode Control Word (1.2.0 to 1.2.18, 3 fields)
pw_hdlc_nocw_fr: HDLC PW, FR port mode (no CW) (1.2.0 to 1.10.6, 6 fields)
pw_oam: Pseudo-Wire OAM (1.10.0 to 1.10.6, 8 fields)
pwcesopsn: CESoPSN basic NxDS0 mode (no RTP support) (1.2.0 to 1.10.6, 11 fields)
pwethcw: PW Ethernet Control Word (1.2.0 to 1.10.6, 3 fields)
pwfr: PW Frame Relay DLCI Control Word (1.2.0 to 1.10.6, 7 fields)
pwpadding: Pseudowire Padding (1.4.0 to 1.10.6, 1 field)
pwsatopcw: SAToP (no RTP support) (1.2.0 to 1.10.6, 12 fields)

Q

q2931: Q.2931 (1.0.0 to 1.10.6, 12 fields)
q708: ITU-T Q.708 ISPC Analysis (1.4.0 to 1.10.6, 3 fields)
q931: Q.931 (1.0.0 to 1.10.6, 49 fields)
q932: Q.932 (1.0.0 to 1.10.6, 39 fields)
q932.ros: Q.932 Operations Service Element (1.0.0 to 1.10.6, 19 fields)
q933: Q.933 (1.0.0 to 1.10.6, 23 fields)
qllc: Qualified Logical Link Control (1.0.0 to 1.10.6, 2 fields)
qsig: QSIG (1.0.0 to 1.10.6, 744 fields)
quake: Quake Network Protocol (1.0.0 to 1.10.6, 32 fields)
quake2: Quake II Network Protocol (1.0.0 to 1.10.6, 22 fields)
quake3: Quake III Arena Network Protocol (1.0.0 to 1.10.6, 13 fields)
quakeworld: QuakeWorld Network Protocol (1.0.0 to 1.10.6, 22 fields)

R

r-stp: Retix Spanning Tree Protocol (1.0.0 to 1.10.6, 10 fields)
r3: Assa Abloy R3 (1.4.0 to 1.10.6, 623 fields)
radio: 802.11 radio information (1.0.0 to 1.10.6, 3 fields)
radiotap: IEEE 802.11 Radiotap Capture header (1.0.0 to 1.10.6, 155 fields)
radius: Radius Protocol (1.0.0 to 1.10.6, 9417 fields)
ranap: Radio Access Network Application Part (1.0.0 to 1.10.6, 683 fields)
raw_sip: Session Initiation Protocol (SIP as raw text) (1.0.0 to 1.10.6, 1 field)
rdaclif: DCE/RPC Directory Acl Interface (1.0.0 to 1.10.6, 1 field)
rdc: H.282 Remote Device Control (1.0.0 to 1.10.6, 423 fields)
rdm: Remote Device Management (1.0.0 to 1.10.6, 128 fields)
rdp: Remote Desktop Protocol (1.8.0 to 1.10.6, 204 fields)
rdt: Real Data Transport (1.0.0 to 1.10.6, 68 fields)
redback: Redback (1.0.0 to 1.10.6, 9 fields)
redbackli: Redback Lawful Intercept (1.0.0 to 1.10.6, 8 fields)
reginfo: Reginfo XML doc (RFC 3680) (1.0.0 to 1.10.6, 42 fields)
reload: REsource LOcation And Discovery (1.6.0 to 1.10.6, 303 fields)
reload-framing: REsource LOcation And Discovery Framing (1.6.0 to 1.10.6, 12 fields)
remact: DCOM IRemoteActivation (1.0.0 to 1.10.6, 22 fields)
remunk: IRemUnknown (1.0.0 to 1.10.6, 18 fields)
rep_proc: DCE DFS Replication Server (1.0.0 to 1.10.6, 1 field)
rfc2190: H.263 RTP Payload header (RFC2190) (1.2.0 to 1.10.6, 21 fields)
rfr: Exchange 2003 Directory Request For Response (1.2.0 to 1.10.6, 10 fields)
rgmp: Router-port Group Management Protocol (1.0.0 to 1.10.6, 4 fields)
rip: Routing Information Protocol (1.0.0 to 1.10.6, 11 fields)
ripng: RIPng (1.0.0 to 1.10.6, 8 fields)
rlc: Radio Link Control (1.4.0 to 1.10.6, 38 fields)
rlc-lte: RLC-LTE (1.2.0 to 1.10.6, 66 fields)
rlm: Redundant Link Management Protocol (1.0.0 to 1.10.6, 5 fields)
rlogin: Rlogin Protocol (1.0.0 to 1.10.6, 15 fields)
rmcp: Remote Management Control Protocol (1.0.0 to 1.10.6, 4 fields)
rmi: Java RMI (1.0.0 to 1.10.6, 10 fields)
rmp: HP Remote Maintenance Protocol (1.0.0 to 1.10.6, 9 fields)
rnsap: UTRAN Iur interface Radio Network Subsystem Application Part (1.0.0 to 1.10.6, 2633 fields)
rohc: RObust Header Compression (ROHC) (1.6.0 to 1.10.6, 100 fields)
roofnet: Roofnet Protocol (1.0.0 to 1.10.6, 17 fields)
ros: X.880 OSI Remote Operations Service (1.0.0 to 1.10.6, 26 fields)
roverride: Remote Override interface (1.0.0 to 1.10.6, 1 field)
rpc: Remote Procedure Call (1.0.0 to 1.10.6, 70 fields)
rpc_browser: RPC Browser (1.0.0 to 1.10.6, 6 fields)
rpc_netlogon: Microsoft Network Logon (1.0.0 to 1.10.6, 313 fields)
rpcap: Remote Packet Capture (1.2.0 to 1.10.6, 77 fields)
rpkirtr: RPKI-Router Protocol (1.10.0 to 1.10.6, 18 fields)
rpl: Remote Program Load (1.0.0 to 1.10.6, 20 fields)
rpriv: Privilege Server operations (1.0.0 to 1.10.6, 8 fields)
rquota: Remote Quota (1.0.0 to 1.10.6, 18 fields)
rras: Microsoft Routing and Remote Access Service (1.0.0 to 1.10.6, 1 field)
rrc: Radio Resource Control (RRC) protocol (1.0.0 to 1.10.6, 5761 fields)
rrlp: Radio Resource LCS Protocol (RRLP) (1.0.0 to 1.10.6, 793 fields)
rs_acct: DCE/RPC RS_ACCT (1.0.0 to 1.10.6, 8 fields)
rs_attr: Registry Server Attributes Manipulation Interface (1.0.0 to 1.10.6, 1 field)
rs_attr_schema: DCE/RPC Registry Server Attributes Schema (1.0.0 to 1.10.6, 1 field)
rs_bind: DCE/RPC RS_BIND (1.0.0 to 1.10.6, 1 field)
rs_misc: DCE/RPC RS_MISC (1.0.0 to 1.10.6, 5 fields)
rs_pgo: DCE Name Service (1.0.0 to 1.10.6, 67 fields)
rs_plcy: RS Interface properties (1.0.0 to 1.10.6, 1 field)
rs_prop_acct: DCE/RPC RS_PROP_ACCT (1.0.0 to 1.10.6, 1 field)
rs_prop_acl: DCE/RPC Registry server propagation interface - ACLs (1.0.0 to 1.10.6, 1 field)
rs_prop_attr: DCE/RPC Prop Attr (1.0.0 to 1.10.6, 1 field)
rs_prop_pgo: DCE/RPC Registry server propagation interface - PGO items (1.0.0 to 1.10.6, 1 field)
rs_prop_plcy: DCE/RPC Registry server propagation interface - properties and policies (1.0.0 to 1.10.6, 1 field)
rs_pwd_mgmt: DCE/RPC Registry Password Management (1.0.0 to 1.10.6, 1 field)
rs_repadm: Registry server administration operations. (1.0.0 to 1.10.6, 2 fields)
rs_replist: DCE/RPC Repserver Calls (1.0.0 to 1.10.6, 1 field)
rs_repmgr: DCE/RPC Operations between registry server replicas (1.0.0 to 1.10.6, 1 field)
rs_unix: DCE/RPC RS_UNIX (1.0.0 to 1.10.6, 1 field)
rsec_login: Remote sec_login preauth interface. (1.0.0 to 1.10.6, 1 field)
rsh: Remote Shell (1.0.0 to 1.10.6, 6 fields)
rsip: Realm Specific IP Protocol (1.6.0 to 1.10.6, 27 fields)
rsl: Radio Signalling Link (RSL) (1.0.0 to 1.8.13, 86 fields)
rsp: RMCP Security-extensions Protocol (1.0.0 to 1.10.6, 2 fields)
rss: rss (1.0.0 to 1.10.6, 122 fields)
rstat: RSTAT (1.0.0 to 1.10.6, 4 fields)
rsvp: Resource ReserVation Protocol (RSVP) (1.0.0 to 1.10.6, 225 fields)
rsync: RSYNC File Synchroniser (1.0.0 to 1.10.6, 7 fields)
rtcdc: WebRTC Datachannel Protocol (1.10.0 to 1.10.6, 13 fields)
rtcfg: RTcfg (1.0.0 to 1.10.6, 23 fields)
rtcp: Real-time Transport Control Protocol (1.0.0 to 1.10.6, 164 fields)
rtmac: Real-Time Media Access Control (1.0.0 to 1.10.6, 38 fields)
rtmp: Routing Table Maintenance Protocol (1.0.0 to 1.10.6, 8 fields)
rtmpt: Real Time Messaging Protocol (1.0.0 to 1.10.6, 57 fields)
rtp: Real-Time Transport Protocol (1.0.0 to 1.10.6, 70 fields)
rtpevent: RFC 2833 RTP Event (1.0.0 to 1.10.6, 5 fields)
rtpmidi: RFC 4695/6295 RTP-MIDI (1.8.0 to 1.10.6, 285 fields)
rtps: Real-Time Publish-Subscribe Wire Protocol (1.0.0 to 1.10.6, 152 fields)
rtps2: Real-Time Publish-Subscribe Wire Protocol 2.x (1.2.0 to 1.8.13, 47 fields)
rtse: X.228 OSI Reliable Transfer Service (1.0.0 to 1.10.6, 35 fields)
rtsp: Real Time Streaming Protocol (1.0.0 to 1.10.6, 12 fields)
rua: UTRAN Iuh interface RUA signalling (1.4.0 to 1.10.6, 61 fields)
rudp: Reliable UDP (1.0.0 to 1.10.6, 13 fields)
rwall: Remote Wall protocol (1.0.0 to 1.10.6, 2 fields)
rx: RX Protocol (1.0.0 to 1.10.6, 41 fields)

S

s1ap: S1 Application Protocol (1.0.0 to 1.10.6, 516 fields)
s4406: STANAG 4406 Message (1.0.0 to 1.4.15, 87 fields)
s5066: STANAG 5066 (SIS layer) (1.0.0 to 1.10.6, 98 fields)
sabp: UTRAN IuBC interface SABP signaling (1.0.0 to 1.10.6, 79 fields)
sadmind: SADMIND (1.0.0 to 1.10.6, 3 fields)
sametime: Sametime Protocol (1.6.0 to 1.10.6, 28 fields)
samr: SAMR (pidl) (1.0.0 to 1.10.6, 648 fields)
sap: Session Announcement Protocol (1.0.0 to 1.10.6, 12 fields)
sasp: Server/Application State Protocol (1.4.0 to 1.10.6, 67 fields)
sb3: Fibre Channel Single Byte Command (1.0.0 to 1.8.13, 68 fields)
sbc: Bluetooth SBC Codec (1.10.0 to 1.10.6, 14 fields)
sbcap: SBc Application Part (1.8.0 to 1.10.6, 50 fields)
sbus: SAIA S-Bus (1.0.0 to 1.10.6, 68 fields)
sccp: Signalling Connection Control Part (1.0.0 to 1.10.6, 89 fields)
sccpmg: Signalling Connection Control Part Management (1.0.0 to 1.10.6, 10 fields)
scop: ZigBee SCoP (1.6.0 to 1.10.6, 6 fields)
scsi: SCSI (1.0.0 to 1.10.6, 259 fields)
scsi_mmc: SCSI_MMC (1.0.0 to 1.10.6, 305 fields)
scsi_osd: SCSI_OSD (1.0.0 to 1.10.6, 163 fields)
scsi_sbc: SCSI_SBC (1.0.0 to 1.10.6, 173 fields)
scsi_smc: SCSI_SMC (1.0.0 to 1.10.6, 33 fields)
scsi_ssc: SCSI_SSC (1.0.0 to 1.10.6, 82 fields)
sctp: Stream Control Transmission Protocol (1.0.0 to 1.10.6, 144 fields)
sdh: SDH/SONET Protocol (1.8.0 to 1.10.6, 28 fields)
sdlc: Synchronous Data Link Control (SDLC) (1.0.0 to 1.10.6, 10 fields)
sdp: Session Description Protocol (1.0.0 to 1.10.6, 73 fields)
sebek: SEBEK - Kernel Data Capture (1.0.0 to 1.10.6, 19 fields)
secidmap: DCE Security ID Mapper (1.0.0 to 1.10.6, 1 field)
selfm: SEL Fast Message (1.10.0 to 1.10.6, 90 fields)
sercosiii: SERCOS III V1.1 (1.2.0 to 1.6.16, 53 fields)
ses: ISO 8327-1 OSI Session Protocol (1.0.0 to 1.10.6, 62 fields)
sflow: InMon sFlow (1.0.0 to 1.10.6, 246 fields)
sgsap: SGs Application Part (SGsAP) (1.6.0 to 1.10.6, 14 fields)
sigcomp: Signaling Compression (1.0.0 to 1.10.6, 61 fields)
siii: SERCOS III V1.1 (1.8.0 to 1.10.6, 53 fields)
simulcrypt: SIMULCRYPT Protocol (1.2.0 to 1.10.6, 84 fields)
sip: Session Initiation Protocol (1.0.0 to 1.10.6, 218 fields)
sipfrag: Sipfrag (1.0.0 to 1.10.6, 1 field)
sir: Serial Infrared (1.0.0 to 1.10.6, 7 fields)
sita: Societe Internationale de Telecommunications Aeronautiques (1.0.0 to 1.10.6, 26 fields)
skinny: Skinny Client Control Protocol (1.0.0 to 1.10.6, 233 fields)
skype: SKYPE (1.10.0 to 1.10.6, 19 fields)
slarp: Cisco SLARP (1.0.0 to 1.10.6, 4 fields)
slimp3: SliMP3 Communication Protocol (1.0.0 to 1.10.6, 27 fields)
sll: Linux cooked-mode capture (1.0.0 to 1.10.6, 10 fields)
slow: Slow Protocols (1.0.0 to 1.10.6, 118 fields)
slsk: SoulSeek Protocol (1.0.0 to 1.10.6, 59 fields)
sm: Cisco Session Management (1.0.0 to 1.10.6, 20 fields)
smb: SMB (Server Message Block Protocol) (1.0.0 to 1.10.6, 649 fields)
smb2: SMB2 (Server Message Block Protocol version 2) (1.0.0 to 1.10.6, 319 fields)
smb_netlogon: Microsoft Windows Logon Protocol (Old) (1.0.0 to 1.10.6, 46 fields)
smil: Synchronized Multimedia Integration Language (1.0.0 to 1.10.6, 256 fields)
sml: Smart Message Language (1.10.0 to 1.10.6, 68 fields)
smpp: Short Message Peer to Peer (1.0.0 to 1.10.6, 148 fields)
smrse: Short Message Relaying Service (1.0.0 to 1.10.6, 29 fields)
smtp: Simple Mail Transfer Protocol (1.0.0 to 1.10.6, 21 fields)
smux: SNMP Multiplex Protocol (1.0.0 to 1.10.6, 2 fields)
sna: Systems Network Architecture (1.0.0 to 1.10.6, 200 fields)
snaeth: SNA-over-Ethernet (1.0.0 to 1.10.6, 2 fields)
sndcp: Subnetwork Dependent Convergence Protocol (1.0.0 to 1.10.6, 20 fields)
sndcpxid: Subnetwork Dependent Convergence Protocol XID (1.2.0 to 1.10.6, 52 fields)
snmp: Simple Network Management Protocol (1.0.0 to 1.10.6, 98 fields)
socks: Socks Protocol (1.0.0 to 1.10.6, 24 fields)
sonmp: Nortel SONMP (1.0.0 to 1.4.15, 6 fields)
soupbintcp: SoupBinTCP (1.10.0 to 1.10.6, 11 fields)
spice: Spice protocol (1.8.0 to 1.10.6, 143 fields)
spnego: Simple Protected Negotiation (1.0.0 to 1.10.6, 38 fields)
spoolss: Microsoft Spool Subsystem (1.0.0 to 1.10.6, 334 fields)
spp: Sequenced Packet Protocol (1.0.0 to 1.10.6, 12 fields)
spray: SPRAY (1.0.0 to 1.10.6, 6 fields)
sprt: Simple Packet Relay Transport (1.10.0 to 1.10.6, 151 fields)
spx: Sequenced Packet eXchange (1.0.0 to 1.10.6, 12 fields)
srp: H.324/SRP (1.0.0 to 1.10.6, 4 fields)
srvloc: Service Location Protocol (1.0.0 to 1.10.6, 91 fields)
srvsvc: Server Service (1.0.0 to 1.10.6, 751 fields)
sscf-nni: SSCF-NNI (1.0.0 to 1.10.6, 2 fields)
sscop: SSCOP (1.0.0 to 1.10.6, 8 fields)
ssh: SSH Protocol (1.0.0 to 1.10.6, 44 fields)
ssl: Secure Sockets Layer (1.0.0 to 1.10.6, 132 fields)
ssp: Scripting Service Protocol (1.0.0 to 1.10.6, 18 fields)
sss: Novell SecretStore Services (1.0.0 to 1.10.6, 45 fields)
starteam: StarTeam (1.0.0 to 1.10.6, 17 fields)
stat: Network Status Monitor Protocol (1.0.0 to 1.10.6, 15 fields)
statnotify: Network Status Monitor CallBack Protocol (1.0.0 to 1.10.6, 4 fields)
stp: Spanning Tree Protocol (1.0.0 to 1.10.6, 47 fields)
stun: Session Traversal Utilities for NAT (1.0.0 to 1.10.6, 63 fields)
stun2: Session Traversal Utilities for NAT (1.0.0 to 1.2.18, 55 fields)
sua: SS7 SCCP-User Adaptation Layer (1.0.0 to 1.10.6, 134 fields)
sv: IEC61850 Sampled Values (1.4.0 to 1.10.6, 32 fields)
svcctl: Microsoft Service Control (1.0.0 to 1.10.6, 41 fields)
swils: Fibre Channel SW_ILS (1.0.0 to 1.10.6, 125 fields)
symantec: Symantec Enterprise Firewall (1.0.0 to 1.10.6, 2 fields)
sync: MBMS synchronisation protocol (1.8.0 to 1.10.6, 10 fields)
synergy: Synergy (1.0.0 to 1.10.6, 61 fields)
synphasor: IEEE C37.118 Synchrophasor Protocol (1.2.0 to 1.10.6, 28 fields)
sysex: MIDI System Exclusive (1.10.0 to 1.10.6, 26 fields)
syslog: Syslog message (1.0.0 to 1.10.6, 4 fields)

T

t124: GENERIC-CONFERENCE-CONTROL T.124 (1.8.0 to 1.10.6, 201 fields)
t125: MULTIPOINT-COMMUNICATION-SERVICE T.125 (1.0.0 to 1.10.6, 117 fields)
t30: T.30 (1.0.0 to 1.10.6, 106 fields)
t38: T.38 (1.0.0 to 1.10.6, 39 fields)
tacacs: TACACS (1.0.0 to 1.10.6, 15 fields)
tacplus: TACACS+ (1.0.0 to 1.10.6, 60 fields)
tali: Transport Adapter Layer Interface v1.0, RFC 3094 (1.0.0 to 1.10.6, 3 fields)
tapa: Trapeze Access Point Access Protocol (1.0.0 to 1.10.6, 28 fields)
tapi: Microsoft Telephony API Service (1.0.0 to 1.10.6, 6 fields)
tc_nv: TwinCAT NV (1.0.0 to 1.10.6, 12 fields)
tcap: Transaction Capabilities Application Part (1.0.0 to 1.10.6, 132 fields)
tcp: Transmission Control Protocol (1.0.0 to 1.10.6, 193 fields)
tcpencap: TCP Encapsulation of IPsec Packets (1.0.0 to 1.10.6, 8 fields)
tdmoe: Digium TDMoE Protocol (1.6.0 to 1.10.6, 8 fields)
tds: Tabular Data Stream (1.0.0 to 1.10.6, 96 fields)
tei_management: TEI Management Procedure, Channel D (LAPD) (1.0.0 to 1.10.6, 5 fields)
teklink: TEKLINK (1.6.0 to 1.10.6, 18 fields)
telkonet: Telkonet powerline (1.0.0 to 1.10.6, 1 field)
telnet: Telnet (1.0.0 to 1.10.6, 33 fields)
teredo: Teredo IPv6 over UDP tunneling (1.0.0 to 1.10.6, 10 fields)
tetra: TETRA Protocol (1.6.0 to 1.10.6, 415 fields)
tftp: Trivial File Transfer Protocol (1.0.0 to 1.10.6, 9 fields)
time: Time Protocol (1.0.0 to 1.10.6, 1 field)
tipc: Transparent Inter Process Communication(TIPC) (1.0.0 to 1.10.6, 111 fields)
tivoconnect: TiVoConnect Discovery Protocol (1.0.0 to 1.10.6, 7 fields)
tkn4int: DCE DFS Token Server (1.0.0 to 1.10.6, 1 field)
tn3270: TN3270 Protocol (1.4.0 to 1.10.6, 359 fields)
tn5250: TN5250 Protocol (1.4.0 to 1.10.6, 550 fields)
tnef: Transport-Neutral Encapsulation Format (1.0.0 to 1.10.6, 59 fields)
tns: Transparent Network Substrate Protocol (1.0.0 to 1.10.6, 91 fields)
tpcp: Alteon - Transparent Proxy Cache Protocol (1.0.0 to 1.10.6, 12 fields)
tpkt: TPKT - ISO on TCP - RFC1006 (1.0.0 to 1.10.6, 3 fields)
tpncp: AudioCodes TPNCP (TrunkPack Network Control Protocol) (1.0.0 to 1.10.6, 11416 fields)
tr: Token-Ring (1.0.0 to 1.10.6, 19 fields)
trill: TRILL (1.4.0 to 1.10.6, 8 fields)
trksvr: Microsoft Distributed Link Tracking Server Service (1.0.0 to 1.10.6, 2 fields)
trmac: Token-Ring Media Access Control (1.0.0 to 1.10.6, 20 fields)
ts2: Teamspeak2 Protocol (1.2.0 to 1.10.6, 58 fields)
tsp: Time Synchronization Protocol (1.0.0 to 1.10.6, 7 fields)
tte: TTEthernet (1.2.0 to 1.10.6, 6 fields)
tte_pcf: TTEthernet Protocol Control Frame (1.2.0 to 1.10.6, 9 fields)
ttp: Tiny Transport Protocol (1.0.0 to 1.10.6, 4 fields)
turbocell: Turbocell Header (1.2.0 to 1.10.6, 10 fields)
turbocell_aggregate: Turbocell Aggregate Data (1.2.0 to 1.10.6, 5 fields)
turnchannel: TURN Channel (1.2.0 to 1.10.6, 2 fields)
tuxedo: BEA Tuxedo (1.0.0 to 1.10.6, 2 fields)
tzsp: Tazmen Sniffer Protocol (1.0.0 to 1.10.6, 17 fields)

U

ua3g: UA3G Message (1.8.0 to 1.10.6, 4 fields)
uasip: UA/SIP Protocol (1.8.0 to 1.10.6, 12 fields)
uaudp: UA/UDP Encapsulation Protocol (1.8.0 to 1.10.6, 12 fields)
ubikdisk: DCE DFS FLDB UBIK TRANSFER (1.0.0 to 1.10.6, 1 field)
ubikvote: DCE DFS FLDB UBIKVOTE (1.0.0 to 1.10.6, 1 field)
ucp: Universal Computer Protocol (1.0.0 to 1.10.6, 106 fields)
udld: Unidirectional Link Detection (1.0.0 to 1.10.6, 8 fields)
udp: User Datagram Protocol (1.0.0 to 1.10.6, 15 fields)
udplite: Lightweight User Datagram Protocol (1.0.0 to 1.10.6, 2 fields)
uhd: UHD (1.10.0 to 1.10.6, 17 fields)
ulp: OMA UserPlane Location Protocol (1.0.0 to 1.10.6, 554 fields)
uma: Unlicensed Mobile Access (1.0.0 to 1.10.6, 110 fields)
unistim: UNISTIM Protocol (1.0.0 to 1.10.6, 320 fields)
usb: USB (1.0.0 to 1.10.6, 108 fields)
usbaudio: USB Audio (1.10.0 to 1.10.6, 14 fields)
usbccid: USB CCID (1.8.0 to 1.10.6, 12 fields)
usbhid: USB HID (1.4.0 to 1.10.6, 52 fields)
usbhub: USB HUB (1.4.0 to 1.10.6, 31 fields)
usbms: USB Mass Storage (1.0.0 to 1.10.6, 14 fields)
usbvideo: USB Video (1.10.0 to 1.10.6, 166 fields)
uts: Unisys Transmittal System (1.0.0 to 1.10.6, 11 fields)

V

v120: Async data over ISDN (V.120) (1.0.0 to 1.10.6, 24 fields)
v150fw: v150fw State Signaling Event (1.10.0 to 1.10.6, 31 fields)
v52: V5.2 (1.4.0 to 1.10.6, 67 fields)
v5dl: V5 Data Link Layer (1.8.0 to 1.10.6, 20 fields)
v5ef: V5 Envelope Function (v5ef) (1.8.0 to 1.10.6, 6 fields)
v5ua: V5.2-User Adaptation Layer (1.0.0 to 1.10.6, 82 fields)
vcdu: VCDU (1.2.0 to 1.10.6, 43 fields)
vicp: LeCroy VICP (1.2.0 to 1.10.6, 6 fields)
vines_ip: Banyan Vines IP (1.0.0 to 1.10.6, 10 fields)
vines_ipc: Banyan Vines IPC (1.0.0 to 1.10.6, 8 fields)
vines_rtp: Banyan Vines RTP (1.0.0 to 1.10.6, 17 fields)
vines_spp: Banyan Vines SPP (1.0.0 to 1.10.6, 13 fields)
vj: PPP VJ Compression (1.0.0 to 1.10.6, 15 fields)
vlan: 802.1Q Virtual LAN (1.0.0 to 1.4.15, 1.6.3 to 1.10.6, 6 fields)
vmlab: VMware Lab Manager (1.4.0 to 1.10.6, 9 fields)
vnc: Virtual Network Computing (1.0.0 to 1.10.6, 147 fields)
vntag: VN-Tag (1.10.0 to 1.10.6, 2 fields)
vrrp: Virtual Router Redundancy Protocol (1.0.0 to 1.10.6, 13 fields)
vrt: VITA 49 radio transport protocol (1.10.0 to 1.10.6, 47 fields)
vsnp: Vendor Specific Network Protocol (1.4.0 to 1.10.6, 3 fields)
vssmonitoring: VSS-Monitoring ethernet trailer (1.8.0 to 1.10.6, 3 fields)
vtp: VLAN Trunking Protocol (1.0.0 to 1.10.6, 24 fields)
vuze-dht: Vuze DHT Protocol (1.8.0 to 1.10.6, 62 fields)
vxi11_async: VXI-11 Asynchronous Abort (1.10.0 to 1.10.6, 1 field)
vxi11_core: VXI-11 Core Protocol (1.10.0 to 1.10.6, 31 fields)
vxi11_intr: VXI-11 Interrupt (1.10.0 to 1.10.6, 2 fields)
vxi11async: VXI-11 Asynchronous Abort (1.4.0 to 1.8.13, 1 field)
vxi11core: VXI-11 Core Protocol (1.4.0 to 1.8.13, 31 fields)
vxi11intr: VXI-11 Interrupt (1.4.0 to 1.8.13, 2 fields)
vxlan: Virtual eXtensible Local Area Network (1.8.0 to 1.10.6, 12 fields)

W

wai: WAI Protocol (1.6.0 to 1.10.6, 72 fields)
wap-sir: WAP Session Initiation Request (1.0.0 to 1.10.6, 14 fields)
wassp: Wireless Access Station Session Protocol (1.2.0 to 1.10.6, 266 fields)
watcherinfo: watcherinfo XML doc (RFC 3858) (1.0.0 to 1.10.6, 20 fields)
waveagent: WaveAgent (1.8.0 to 1.10.6, 122 fields)
wbxml: WAP Binary XML (1.0.0 to 1.10.6, 4 fields)
wccp: Web Cache Communication Protocol (1.0.0 to 1.10.6, 86 fields)
wcp: Wellfleet Compression (1.0.0 to 1.10.6, 26 fields)
websocket: WebSocket (1.8.0 to 1.10.6, 29 fields)
whdlc: Wellfleet HDLC (1.0.0 to 1.10.6, 2 fields)
who: Who (1.0.0 to 1.10.6, 15 fields)
wifi_p2p: Wi-Fi Peer-to-Peer (1.6.0 to 1.10.6, 118 fields)
wimaxasncp: WiMAX ASN Control Plane Protocol (1.0.0 to 1.10.6, 773 fields)
wimaxmacphy: WiMAX MAC-PHY over Ethernet (1.10.0 to 1.10.6, 215 fields)
winreg: Remote Registry Service (1.0.0 to 1.10.6, 112 fields)
winsrepl: WINS (Windows Internet Name Service) Replication (1.0.0 to 1.10.6, 28 fields)
wkssvc: Workstation Service (1.0.0 to 1.10.6, 376 fields)
wlan: IEEE 802.11 wireless LAN (1.0.0 to 1.10.6, 131 fields)
wlan_aggregate: IEEE 802.11 wireless LAN aggregate frame (1.0.0 to 1.10.6, 3 fields)
wlan_mgt: IEEE 802.11 wireless LAN management frame (1.0.0 to 1.10.6, 1085 fields)
wlancap: AVS WLAN Capture header (1.0.0 to 1.10.6, 24 fields)
wlancertextn: Wlan Certificate Extension (1.0.0 to 1.10.6, 3 fields)
wlccp: Cisco Wireless LAN Context Control Protocol (1.0.0 to 1.10.6, 159 fields)
wmx: WiMax Protocol (1.0.0 to 1.10.6, 168 fields)
wmx.aas: WiMax AAS-FEEDBACK/BEAM Messages (1.0.0 to 1.10.6, 29 fields)
wmx.arq: WiMax ARQ Feedback/Discard/Reset Messages (1.0.0 to 1.10.6, 21 fields)
wmx.cd: WiMax DCD/UCD Messages (1.0.0 to 1.10.6, 129 fields)
wmx.clk: WiMax CLK-CMP Message (1.0.0 to 1.10.6, 7 fields)
wmx.dreg: WiMax DREG-REQ/CMD Messages (1.0.0 to 1.10.6, 24 fields)
wmx.ds: WiMax DSA/C/D Messages (1.0.0 to 1.10.6, 17 fields)
wmx.dsx: WiMax DSX-RVD Message (1.0.0 to 1.10.6, 3 fields)
wmx.fpc: WiMax FPC Message (1.0.0 to 1.10.6, 6 fields)
wmx.hdr: WiMax Generic/Type1/Type2 MAC Header Messages (1.0.0 to 1.10.6, 172 fields)
wmx.map: WiMax DLMAP/ULMAP Messages (1.0.0 to 1.10.6, 86 fields)
wmx.pkm: WiMax PKM-REQ/RSP Messages (1.0.0 to 1.10.6, 4 fields)
wmx.pmc: WiMax PMC-REQ/RSP Messages (1.0.0 to 1.10.6, 9 fields)
wmx.prc: WiMax PRC-LT-CTRL Message (1.0.0 to 1.10.6, 4 fields)
wmx.reg: WiMax REG-REQ/RSP Messages (1.0.0 to 1.10.6, 162 fields)
wmx.rep: WiMax REP-REQ/RSP Messages (1.0.0 to 1.10.6, 99 fields)
wmx.res: WiMax RES-CMD Message (1.0.0 to 1.10.6, 3 fields)
wmx.rng: WiMax RNG-REQ/RSP Messages (1.0.0 to 1.10.6, 88 fields)
wmx.sbc: WiMax SBC-REQ/RSP Messages (1.0.0 to 1.10.6, 222 fields)
wmx.sub: WiMax Sub-TLV Messages (1.0.0 to 1.10.6, 148 fields)
wol: Wake On LAN (1.0.0 to 1.10.6, 3 fields)
wow: World of Warcraft (1.2.0 to 1.10.6, 35 fields)
wpan: IEEE 802.15.4 Low-Rate Wireless PAN (1.0.0 to 1.10.6, 92 fields)
wps: Wifi Protected Setup (1.0.0 to 1.10.6, 167 fields)
wreth: WSE remote ethernet (1.8.0 to 1.10.6, 105 fields)
wsmp: Wave Short Message Protocol(IEEE P1609.3) (1.2.0 to 1.10.6, 9 fields)
wsp: Wireless Session Protocol (1.0.0 to 1.10.6, 177 fields)
wtls: Wireless Transport Layer Security (1.0.0 to 1.10.6, 69 fields)
wtp: Wireless Transaction Protocol (1.0.0 to 1.10.6, 35 fields)
wzcsvc: Wireless Configuration Service (1.0.0 to 1.10.6, 1 field)

X

x.25: X.25 (1.0.0 to 1.0.16, 17 fields)
x.29: X.29 (1.0.0 to 1.0.16, 3 fields)
x11: X11 (1.0.0 to 1.10.6, 7057 fields)
x224: ITU-T Rec X.224 (1.0.0 to 1.10.6, 8 fields)
x25: X.25 (1.2.0 to 1.10.6, 83 fields)
x29: X.29 (1.2.0 to 1.10.6, 3 fields)
x2ap: EUTRAN X2 Application Protocol (X2AP) (1.0.0 to 1.10.6, 346 fields)
x411: X.411 Message Transfer Service (1.0.0 to 1.4.15, 531 fields)
x420: X.420 Information Object (1.0.0 to 1.4.15, 357 fields)
x509af: X.509 Authentication Framework (1.0.0 to 1.10.6, 73 fields)
x509ce: X.509 Certificate Extensions (1.0.0 to 1.10.6, 203 fields)
x509if: X.509 Information Framework (1.0.0 to 1.10.6, 132 fields)
x509sat: X.509 Selected Attribute Types (1.0.0 to 1.10.6, 166 fields)
xcap-caps: XML Configuration Access Protocol Server Capabilities (1.0.0 to 1.10.6, 3 fields)
xcap-error: XCAP Error XML doc (RFC 4825) (1.0.0 to 1.10.6, 30 fields)
xcsl: Call Specification Language (Xcsl) (1.0.0 to 1.10.6, 6 fields)
xdmcp: X Display Manager Control Protocol (1.0.0 to 1.10.6, 29 fields)
xmcp: eXtensible Messaging Client Protocol (1.8.0 to 1.10.6, 55 fields)
xml: eXtensible Markup Language (1.0.0 to 1.10.6, 12 fields)
xmpp: XMPP Protocol (1.8.0 to 1.10.6, 142 fields)
xot: X.25 over TCP (1.0.0 to 1.10.6, 17 fields)
xtp: Xpress Transport Protocol (1.2.0 to 1.10.6, 60 fields)
xyplex: Xyplex (1.0.0 to 1.10.6, 6 fields)

Y

yami: YAMI Protocol (1.8.0 to 1.10.6, 17 fields)
yhoo: Yahoo Messenger Protocol (1.0.0 to 1.10.6, 10 fields)
ymsg: Yahoo YMSG Messenger Protocol (1.0.0 to 1.10.6, 10 fields)
ypbind: Yellow Pages Bind (1.0.0 to 1.10.6, 8 fields)
yppasswd: Yellow Pages Passwd (1.0.0 to 1.10.6, 11 fields)
ypserv: Yellow Pages Service (1.0.0 to 1.10.6, 16 fields)
ypxfr: Yellow Pages Transfer (1.0.0 to 1.10.6, 1 field)

Z

zbee.apf: ZigBee Application Framework (1.2.0 to 1.8.13, 2 fields)
zbee.aps: ZigBee Application Support Layer (1.2.0 to 1.8.13, 43 fields)
zbee.nwk: ZigBee Network Layer (1.2.0 to 1.8.13, 75 fields)
zbee.zcl: ZigBee Cluster Library (1.4.0 to 1.8.13, 44 fields)
zbee.zdp: ZigBee Device Profile (1.2.0 to 1.8.13, 78 fields)
zbee_apf: ZigBee Application Framework (1.10.0 to 1.10.6, 2 fields)
zbee_aps: ZigBee Application Support Layer (1.10.0 to 1.10.6, 42 fields)
zbee_nwk: ZigBee Network Layer (1.10.0 to 1.10.6, 72 fields)
zbee_zcl: ZigBee Cluster Library (1.10.0 to 1.10.6, 46 fields)
zbee_zdp: ZigBee Device Profile (1.10.0 to 1.10.6, 75 fields)
zebra: Zebra Protocol (1.0.0 to 1.10.6, 27 fields)
zep: ZigBee Encapsulation Protocol (1.2.0 to 1.10.6, 9 fields)
ziop: Zipped Inter-ORB Protocol (1.2.0 to 1.10.6, 8 fields)
zip: Zone Information Protocol (1.0.0 to 1.10.6, 18 fields)
zrtp: ZRTP (1.2.0 to 1.10.6, 44 fields)
Enhance Wireshark

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products.

Troubleshoot your Network

Free 30 day trial

Free 30 day trial

  • Save hours on network and application issue diagnoses
  • Monitor physical and virtual environments
  • GUI packet capture and analysis
  • Fully integrated with Wireshark

Try Cascade Shark VE & Cascade Pilot Free for 30 Days

802.11 Packet Capture

Riverbed AirPcap
  • WLAN packet capture and transmission
  • Full 802.11 a/b/g/n support
  • View management, control and data frames
  • Multi-channel aggregation (with multiple adapters)

Learn More

Buy Now

Packet Analysis Made Easy

    Cascade Pilot Personal Edition graphs
  • Visually rich, powerful LAN analyzer
  • Quickly access very large pcap files
  • Professional, customizable reports
  • Advanced triggers and alerts
  • Fully integrated with Wireshark

Try Cascade Pilot PE FREE for 10 days

Buy Now