Wireshark · Wireshark-users: [Wireshark-users] symbolic decode of ESP payload

Wireshark-users: [Wireshark-users] symbolic decode of ESP payload

From: "Joe Harvell" <harvell@xxxxxxxxxx>

Date: Wed, 27 Sep 2006 12:44:19 -0500

I am trying to decode packets carried in ESP transport mode. I set upIPSec to use NULL encryption and authentication. When I configure ESPwith the SA's, it shows me the decoded data in the ESP payloads. But Iwant it to symbolically decode that. Specifically, if a TCP segementspans multiple ESP packets, I expect Wireshark to re-assemble andsymbolically decode whatever is inside. I know it can do this withDiameter. Does it not do it for ESP?


---
Joe Harvell

Prev by Date: Re: [Wireshark-users] Command Syntax Problem with tethereal
Next by Date: [Wireshark-users] This log doesn't seem right (newbie question)
Previous by thread: Re: [Wireshark-users] Arbitrarily labelling src / dst IPs?
Next by thread: [Wireshark-users] This log doesn't seem right (newbie question)
Index(es):
- Date
- Thread