I tried setting the
Preference->Protocols-> H248
and set the UDP Port preference to "2945" as shown below, but still did not
decode for me??
- I kept the
'Keep Persistent Context Information:' as is (ie.
unchecked)
- I changed the
'UDP port:' field from 0 to 2945
The Raw
Packet that I am trying to decode in "Text" is
below:
0000 00 0f 34 cd 73 c1 00 80 42 1a 74 aa 08 00 45
68 ..4.s... B.t...Eh
0010 00 9b 00 00 40 00 40 11 c5
42 8b 36 2f 0a 8b 36 ....@.@. .B.6/..6
0020 2f 31 0b 81 0b
81 00 87 71 0b 30 7d a1 7b
80 01 /1...... q.0}.{..
0030 01 a1 08 a0 06 80 04 8b
36 2f 0a a2 6c a1 6a a0 ........ 6/..l.j.
0040 68 80 02 03
e8 a1 62 30 60 80 01 00 a3 5b 30 59 h.....b0
`....[0Y
0050 a0 57 a7 55 a0 0a 30 08 a0 00 81 04 ff ff ff
ff .W.U..0. ........
0060 a1 47 80 01 03 a1 04 80 02
0b 81 82 01 01 a3 0d .G...... ........
0070 80 0b
41 42 43 44 45 46 47 5f 31 2f 31 a4 11
04 ..ABCDEF G_1/1...
0080 0f 16 0d 39 30 31 20 43 6f
6c 64 20 42 6f 6f 74 ...901 C old Boot
0090 85 01 00 a7 14
80 08 32 30 30 36 30 36 32 37 81 .......2
0060627.
00a0 08 31 33 33 37 34 38 30
30
.1337480 0
Do I need
H.248.1_Version1 plugins?
PS: How do I submit reply to following
message?
Thanks,
Bill
I am new to Ethereal.
I downloaded and installed the Win32 Binary Wireshark v0.99.1pre1 on WinXP
Pro., and opened an Ethereal capture file for
H.248 v1
BER encoded trace (ip:udp:h248 over udp
port 2945). What configuration changes or plugins are needed so I can see
the content of H.248 BER encoded data?
Thanks,
Bill
