On Mon, 14 May 2012 23:58:06 -0700, Guy Harris wrote:
> What happens if:
> 1) your version of Wireshark is built with libsmi
That's what I have:
..., with SMI 0.4.8,...
> 2) OID resolution is enabled in the "Name Resolution" preferences
Yes, I have that enabled (and the MIBs added in path and modules).
The OIDs etc are correctly expanded to human-readable text in the Wireshark display.
Numeric and enumerated values are decoded correctly, it's only the OctetString values I had an issue with.
> 3) the MIB entry for the variable binding in question has a SYNTAX of, for example, DisplayString?
This is what I was missing. The MIBs I have only defined the SYNTAX as "OCTET STRING". After changing that to "DisplayString" (and importing DisplayString from SNMPv2-TC) in the MIB, I get some of the strings displayed correctly.
I still have a problem with malformed traps (Expert Info (Warn/Malformed): No instance sub-id in scalar value), where Wireshark doesn't honour the SYNTAX from the MIB.
This is a problem on the device generating the trap though, nothing to do with Wireshark.
Since I can't fix the device sending the traps, I'll stick with the hack of defining OctetString as FT_STRING.
Many thanks for your assistance.