Wireshark-dev: Re: [Wireshark-dev] Problem to decode LDAP packets
From: Sake Blok <[email protected]>
Date: Sun, 3 Feb 2008 19:12:16 +0100
On Sun, Feb 03, 2008 at 05:41:12PM +0100, Noel Cuillandre wrote:
> I've compiled the svn version of Wireshark and i'm unable to decode LDAP
> packets on ports 389 and 3268 (MSGlobal catalog) whereas an old version
> (0.10) correctly display LDAP details on the same capture ! ( capture
> was done on wiresharlk 0.99.7)
> Is-this a bug ?

It *could* be a bug, but to be able to determine if it is, the packets
need to be examined. Are you able to mail a small capture file (<10kb)
to the list?

If not, what do the packets look like in Wireshark, just TCP? What 
happens if you disable the "Allow subdissectors to reassemble tcp
fragments" setting in the TCP protocol preferences?

Cheers,
    Sake