Wireshark · Wireshark-users: Re: [Wireshark-users] Wireshark-users Digest, Vol 17, Issue 18

Wireshark-users: Re: [Wireshark-users] Wireshark-users Digest, Vol 17, Issue 18

From: "Dennis Perisa" <dennis.perisa@xxxxxxxxx>

Date: Tue, 16 Oct 2007 15:37:52 +1000

Thanks for the info Luis

Unfortunately, the snmp.ObjectName field does not exist, nor is documented (I am using version 0.99.6a). An error is returned when I try to use it.

The same goes for latest dev version.

Do you mean snmp.name? If so, that don't work either :)

The last suggestion using <mib-name>.... works a charm so I look forward to that capability being available in a future stable release.

On 10/15/07, wireshark-users-request@xxxxxxxxxxxxx < wireshark-users-request@xxxxxxxxxxxxx> wrote:

Message: 5
Date: Mon, 15 Oct 2007 11:07:08 +0200
From: "Luis EG Ontanon" <luis.ontanon@xxxxxxxxx>
Subject: Re: [Wireshark-users] How to filter SNMP on object ID
To: "Community support list for Wireshark"
        <wireshark-users@xxxxxxxxxxxxx>
Message-ID:
        <f20d86b70710150207y2ddf9f43s6705c78e34470382@xxxxxxxxxxxxxx >
Content-Type: text/plain; charset=ISO-8859-1

snmp.objectID_value is the value what you are looking is for the name so:

snmp.ObjectName == 1.3.6.1.2.1.2.2.1.16.7 should work for you

In development versions after 0.99.6 you could also filter this with:

mibs.ifOutOctets && mibs.ifEntry.ifIndex == 7

L

On 10/15/07, Dennis Perisa <dennis.perisa@xxxxxxxxx> wrote:
> Hi all,
>
> Can anyone give me an example of how to filter an SNMP packet on a specific
> object ID?  I seem to be having trouble using the built-in filter
> snmp.objectID_value.
>
> Here's an example of what I have tried thus far:
> snmp.objectID_value == 1.3.6.1.2.1.2.2.1.16.7
> ==> returns nothing
>
> Thanks in advance,
> Dennis
>
>
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
>

--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan

------------------------------

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users

End of Wireshark-users Digest, Vol 17, Issue 18
***********************************************

Prev by Date: Re: [Wireshark-users] FC6 Wireshark 0.99.6 not showing latest live packets
Next by Date: [Wireshark-users] Support for DOCSIS3.0
Previous by thread: Re: [Wireshark-users] FC6 Wireshark 0.99.6 not showing latest live packets
Next by thread: [Wireshark-users] Support for DOCSIS3.0
Index(es):
- Date
- Thread