Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] Introduction and first questions/suggestions
From: Steve Karg <skarg@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 06 Jun 2007 15:07:11 -0700
Hi Simon,I help maintain the BACnet (bacnet, bacapp, bvlc) dissectors in WireShark. Sorry I didn't see your post sooner - I normally just scan the subject lines for BACnet or BACapp or BVLC.
Either under Chapter "GUI" or "Dissection":When a protocol is used on another port than Wireshark expects it to be (such as BACnet on UDP port 48560) the context sensitive menu Item "Decode as..." is GREAT, but finding what I need is not so great since only an abreviation (in above example BVLC) can be selected without any way of help. I suggest a tooltip when hovering over a selected protocol item with the same content as in help --> Supported Protocols (in above example BVLC: BACnet Virtual Link Control).
Do you have a capture for this? If so, I can look at what is required for WireShark to analyze BACnet/IP on a UDP/IP port other than 47808.
Dissector specificItem 19. What's the reason, the APDU part of BACnet/IP is not dissected? Is it just the workload (for which a solution can be found) or there a technical reason such as variable length, the BACnet specific solution of segmenting or other?
The APDU portion is dissected and mostly complete since Ethereal 0.10.11. I will update the wishlist:
http://wiki.wireshark.org/WishList Best Regards, Steve
- Prev by Date: Re: [Wireshark-dev] [PATCH] ETHERNET Powerlink enhancement
- Next by Date: Re: [Wireshark-dev] how to make tcap subdissector in plugin
- Previous by thread: Re: [Wireshark-dev] Windows build crashing
- Next by thread: [Wireshark-dev] urgent:: query IPMON trtlg trace file
- Index(es):