Wireshark · Wireshark-dev: Re: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000

Wireshark-dev: Re: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000

From: Pascal Quantin <pascal.quantin@xxxxxxxxx>

Date: Fri, 23 Oct 2015 16:55:51 +0200

2015-10-23 16:50 GMT+02:00 [AvataR] <public.avatar@xxxxxxxxx>:

Hi list.

I wrote trivial dissector (in lua, if it's matters) for MTP protocol
for own use. Now I have a problem - how to apply it just for these
packets.

I reviewed sources and found out, that there is usb.protocol
dissection table. I even found Still Image protocol in wireshark
sources. The problem is, that for my captures Protocol is always 0x0.
To find this I make right click on packet, and on USB Protocol page I
there is labels like - Class = 0x0, Subclass = 0x0, Protocol = 0x0.

I tried to make full records in linux using /dev/usbmon and in windows
using USBCap. Result is the same.

Because my device have several endpoints which talks different
protocols I couldn't apply dissector to the whole device.

So.. What should I do?

Hi,

ensure to capture the USB enumeration. This is required to fill those fields.

Best regards,

Pascal.

Follow-Ups:
- Re: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
  - From: [AvataR]

References:
- [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
  - From: [AvataR]

Prev by Date: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
Next by Date: Re: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
Previous by thread: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
Next by thread: Re: [Wireshark-dev] Usb dissectors, usb.protocol is always 0x000000
Index(es):
- Date
- Thread