Wireshark · Ethereal-users: Re: [Ethereal-users] How can Ethereal decode HTTP automatically when HTTP is not running on the stan

Ethereal-users: Re: [Ethereal-users] How can Ethereal decode HTTP automatically when HTTP is not

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Martin Regner" <martin.regner@xxxxxxxxx>

Date: Thu, 31 Oct 2002 06:33:44 +0100

Guy Harris wrote:
>Not without modifying the source code to the HTTP dissector to have a
>preference that's a string containing a list of additional ports, and
>having the dissector parse that string and register Ethereal with those
>other ports.

Actually a good idea for the RTP dissector as well to be able to specify ranges of port numbers
e.g. put an option in Preferences.../Protocols/RTP  
"Dissect for <Even/All> UDP portnumbers in the range(s): '5559,10230-10400,30000-30100'".

Currently I use a very simple plugin that hardcodes certain ranges of UDP ports and then I call the RTP
dissector from my plugin if the packet looks like RTP version 2.

This combined with the new way for non-heuristic dissectors to reject packets that doesn't look like RTP version 2, HTTP, ....
as described is the message below could be really useful. 
http://www.ethereal.com/lists/ethereal-dev/200210/msg00077.html

Probably the best is to put an option for this as well, e.g. "Don't dissect misformed RTP v2 packets" since sometimes
you want also the misformed packets.

Regards,
  Martin

Prev by Date: [Ethereal-users] Ethereal-users digest, Vol 1 #933 - 10 msgs
Next by Date: Re: [Ethereal-users] Enabling network name resolution in Tethereal
Previous by thread: Re: [Ethereal-users] How can Ethereal decode HTTP automatically when HTTP is not running on the standard port 80?
Next by thread: [Ethereal-users] Ethereal-users digest, Vol 1 #933 - 10 msgs
Index(es):
- Date
- Thread