Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 1053] New: New SNMP filtering is broken

Date: Fri, 25 Aug 2006 07:12:50 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1053

           Summary: New SNMP filtering is broken
           Product: Wireshark
           Version: unspecified
          Platform: PC
        OS/Version: FreeBSD
            Status: NEW
          Severity: Blocker
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jclarke@xxxxxxxxx


I can no longer successfully search through SNMP packets for a given object
name in wireshark 0.99.2 or 0.99.3a.

For example, say you have a capture of an snmpwalk for the system subtree.  You
want to find all packets that contain the sysLocation object (i.e.
1.3.6.1.2.1.1.6).  Creating the following filter will not work:

snmp.name == 1.3.6.1.2.1.1.6.0

(The above is the default filter created if you right-click on the
sysLocation.0 name in a packet, and select to prepare a filter with the
selected field.)

In fact, the only SNMP object name filter that will find anything is:

snmp.name contains 1.3.6

Any more sub IDs and the filter will no longer match any packets.

Other searches (such as snmp.request_id) do still work.  However, I cannot find
a way to reliably search through SNMP packets for particular values (e.g.
search through all packets where the value of an object is 12345).


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.