Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Importing raw application protocol data with Wireshark

From: Abhik Sarkar <sarkar.abhik@xxxxxxxxx>
Date: Thu, 14 Sep 2017 17:53:57 +0400
text2pcap might help, provider the application layer itself has a dissector in Wireshark.

From https://www.wireshark.org/docs/wsug_html/#AppToolstext2pcap:
"text2pcap also allows the user to read in dumps of application-level data, by inserting dummy L2, L3 and L4 headers before each packet..."

See also: https://wiki.wireshark.org/HowToDissectAnything.

On 14 September 2017 at 15:28, Jack Guest <anonimusul@xxxxxxxxx> wrote:
Hi,

Is there any straightforward way of importing from a file
application-layer protocol data that lacks transport headers (i.e
lacks link-layer, internet-layer and transport-layer headers) in order
to be able to use an existing Wireshark protocol dissector to view and
analyze the application protocol raw data?


If not, what would it take to add such feature to Wireshark or the other tools?

Thanks,
Jack
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe