Wireshark-users: Re: [Wireshark-users] Importing raw application protocol data with Wireshark
From: Jaap Keuter <[email protected]>
Date: Fri, 15 Sep 2017 08:18:34 +0200
... or “Import from Hex Dump” in Wireshark itself (it’s basically the same thing).

On 14 Sep 2017, at 15:53, Abhik Sarkar <[email protected]> wrote:

text2pcap might help, provider the application layer itself has a dissector in Wireshark.

From https://www.wireshark.org/docs/wsug_html/#AppToolstext2pcap:
"text2pcap also allows the user to read in dumps of application-level data, by inserting dummy L2, L3 and L4 headers before each packet..."

See also: https://wiki.wireshark.org/HowToDissectAnything.

On 14 September 2017 at 15:28, Jack Guest <[email protected]> wrote:

Is there any straightforward way of importing from a file
application-layer protocol data that lacks transport headers (i.e
lacks link-layer, internet-layer and transport-layer headers) in order
to be able to use an existing Wireshark protocol dissector to view and
analyze the application protocol raw data?

If not, what would it take to add such feature to Wireshark or the other tools?

Sent via:    Wireshark-users mailing list <[email protected]>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-[email protected]?subject=unsubscribe

Sent via:    Wireshark-users mailing list <[email protected]>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
            mailto:[email protected]?subject=unsubscribe