Wireshark-users: Re: [Wireshark-users] how to second capwap decryptor for tshark
From: balu <[email protected]>
Date: Wed, 4 Jul 2012 15:18:12 +0530
Ok, I understand the problem. But for me decryption of data packets is sufficient. Just curious is there any work around to decrypt capwap data packet.
In my case all packets are decrypting assuming as capwap control pkts and other capwap packets marked as malfunctioned packets. Actually I don't bother about control packets. So Is there a way to work with capwap data packet no need of control packets display (I don't bother if it displayed as malfunctioned packets).

Thank you very much



On Wed, Jul 4, 2012 at 1:34 PM, Guy Harris <[email protected]> wrote:

On Jul 4, 2012, at 12:24 AM, Guy Harris wrote:

> That doesn't mean there are 3 B.A.T.M.A.N. dissectors or two CAPWAP dissectors, it means either that the code to register them as potential UDP port dissectors doesn't eliminate duplicate registrations or that the code to print those registrations doesn't eliminate them.  I'll look at fixing that bug.

Actually, the problem for CAPWAP is that, even if there's only one registered protocol and only one dissector source file, there are separate dissectors for "control" and "data" packets.  Unfortunately, there's no way to specify which of the dissectors should be used.  (A similar problem exists for B.A.T.M.A.N.)

This needs more work to fix.



--
*******************************
baluenigma.blogspot.com
balaji phaneedra kumar
[email protected]
********************************