Wireshark · Ethereal-dev: [Ethereal-dev] Any chance to get something like "decode as" for DCE-RPC interfaces?

Ethereal-dev: [Ethereal-dev] Any chance to get something like "decode as" for DCE-RPC interfac

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ulf Lamping <ulf.lamping@xxxxxx>

Date: Wed, 18 Aug 2004 20:03:54 +0200

Hi List!

I have an ongoing problem with DCE-RPC (DCOM) calls.

If I couldn't get the context of a DCE-RPC call (because I've missed the"bind" or "alter context" packets), Ethereal can't get a match betweenthe conversation and the corresponding DCE-RPC call dissection.

It would be *very nice* to have the "Decode As" feature for DCE-RPCinterfaces, so the user could select a specific RPC interface for aspecific conversation.

Had a short look into the decode as dialog, but as I'm not reallyfamiliar with the dissection engine, I don't see an easy way to add thisfeature.

Anyone interested in implementing such a feature, or at least give anestimation how much effort it would be to implement it and how?


Regards, ULFL

Follow-Ups:
- Re: [Ethereal-dev] Any chance to get something like "decode as" for DCE-RPC interfaces?
  - From: Ober Heim

Prev by Date: Re: [Ethereal-dev] Copy of the "byte view" contents to the clipboard via the context menu
Next by Date: Re: [Ethereal-dev] tvb_get_* for guint64?
Previous by thread: [Ethereal-dev] Re: TCAP and GSM: if no display filter is set, Protocol and Info columns not updated
Next by thread: Re: [Ethereal-dev] Any chance to get something like "decode as" for DCE-RPC interfaces?
Index(es):
- Date
- Thread