Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: Re: [Wireshark-dev] Problem to decode LDAP packets

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Sake Blok <sake@xxxxxxxxxx>
Date: Sun, 3 Feb 2008 19:12:16 +0100

On Sun, Feb 03, 2008 at 05:41:12PM +0100, Noel Cuillandre wrote:
> I've compiled the svn version of Wireshark and i'm unable to decode LDAP
> packets on ports 389 and 3268 (MSGlobal catalog) whereas an old version
> (0.10) correctly display LDAP details on the same capture ! ( capture
> was done on wiresharlk 0.99.7)
> Is-this a bug ?

It *could* be a bug, but to be able to determine if it is, the packets
need to be examined. Are you able to mail a small capture file (<10kb)
to the list?

If not, what do the packets look like in Wireshark, just TCP? What 
happens if you disable the "Allow subdissectors to reassemble tcp
fragments" setting in the TCP protocol preferences?

Cheers,
    Sake
  • References:
    • [Wireshark-dev] Problem to decode LDAP packets
      • From: Noel Cuillandre
  • Prev by Date: [Wireshark-dev] Problem to decode LDAP packets
  • Next by Date: Re: [Wireshark-dev] LUA TCP protocol dissector
  • Previous by thread: [Wireshark-dev] Problem to decode LDAP packets
  • Next by thread: [Wireshark-dev] Generating test packet
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation