http://blog.gmane.org/gmane.network.wireshark.user hourly 1 1901-01-01T00:00+00:00 http://gmane.org/img/gmane-25t.png http://gmane.org http://comments.gmane.org/gmane.network.wireshark.user/5812 Ammar Lilamwala 2008-07-25T07:08:36 http://comments.gmane.org/gmane.network.wireshark.user/5811 Hello, I am new to the Wireshark users list. The question I have is how do I report a bug in DNP reassembly of some packets I am capturing. Thanks in advance, Louis Piscopo CAUTION This email and any files transmitted with it may be confidential and are intended solely for the use of the individual or entity to whom they are addressed. Any confidentiality is not waived or lost because this email has been sent to you by mistake. This email may contain personal information of individuals, and be subject to Commonwealth and/or State privacy laws in Australia. This email is also subject to copyright. If you are not the intended recipient, you must not read, print, store, copy, forward or use this email for any reason, in accordance with privacy and copyright laws. If you have received this email in error, please notify the sender by return email, and delete this email from your inbox. louis.piscopo-fQPH76NNnUoW+bLBXbPJGg< at >public.gmane.org 2008-07-25T05:18:58 http://comments.gmane.org/gmane.network.wireshark.user/5807 Barry Constantine 2008-07-24T19:20:03 http://comments.gmane.org/gmane.network.wireshark.user/5806 Wes 2008-07-24T19:24:14 http://comments.gmane.org/gmane.network.wireshark.user/5799 Rick Gudmundson 2008-07-22T16:02:42 http://comments.gmane.org/gmane.network.wireshark.user/5793 Greetings, I have to admitt I'm a total newbie to Wireshark, I hope it can help me solve a problem. I've been task to find out what our http and https request per second load is out to the internet. Is this built into the product? or do I need to write a filter. If a custom filter is needed any suggestions? thanks fo any help, BM2b netman 2008-07-22T22:50:09 http://comments.gmane.org/gmane.network.wireshark.user/5791 Hoosain Madhi 2008-07-22T06:31:05 http://comments.gmane.org/gmane.network.wireshark.user/5789 Hi! Is there a way to (display) filter out packets case insensitive? I mean you can do something like: pn_dcp.suboption_device_nameofstation == "Rack02xF-Device-03" || pn_dcp.suboption_device_nameofstation == "rack02xf-device-03" But is there a way to do a more generic case insensitive filter, maybe using pcre? Regards, ULFL Ulf Lamping 2008-07-21T20:26:02 http://comments.gmane.org/gmane.network.wireshark.user/5770 Hello, I am new to Wireshark and am using the Windows version. I was given a dissector and need to build it into Wireshark. The extension of the dissector is .c. I downloaded Wireshark yesterday and I know very little about the program. Thank you Sandoval, Andres R 2008-07-18T16:40:16 http://comments.gmane.org/gmane.network.wireshark.user/5767 Biswojit Padhiary 2008-07-18T05:39:18 http://comments.gmane.org/gmane.network.wireshark.user/5766 Letourneau, Matthew 2008-07-17T14:01:06 http://comments.gmane.org/gmane.network.wireshark.user/5764 Justin Alcorn 2008-07-18T15:39:52 http://comments.gmane.org/gmane.network.wireshark.user/5758 Hello all, How should I configure my Wireshark( version 1.0.1) in order to read this type of files? I read about *Tektronix K12xx/K15 .rf5 files* on http://wiki.wireshark.org/K12 but I got lost at this part: "The configuration file contains a list of stk-file/encapsulation-protocol pairings separated by a space. To set wireshark to use a k12 config file go to Preferences->Protocols->k12 and write the filename in the "Configuration filename" preference. You can specify a k12 config file using -o 'k12.config: /path/to/k12_config on the command line. Example configuration file # comments are lines that start with a '#' # sorry no spaces in filenames are allowed yet C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap_2002-03.stk sscf-nni C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap_2002-09.stk sscop D:\K15\stacks\gprs\gprs_Gb_R99.stk fr D:\K15\stacks\umts_iu\umts_iu_ranap_alcap_2002-09.stk sscop D:\K15\stacks\umts_iu\umts_iu_ranap_alcap.stk sscop C:\K1205\stacks\whibisup.stk mtp2 C:\K1297\stacks\gsm2p\gsm2p_gmsc.stk mtp2 C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap.stk sscop " ... Because in Preferences->Protocols->k12 i don't have a option called "Configuration filename" and I don't know where to make the configuration from the example from above. Also I tried to open wireshark from cmd (I work on Windows) with the -o 'k12.config: /path/to/k12_config option but I get a invalid -o flag k12.config I mention that in Preferences->Protocols-> I have k12xx and not k12. Can anyone help me? Thanks in advance Adriana Matei 2008-07-18T11:19:41 http://comments.gmane.org/gmane.network.wireshark.user/5756 Dan Murphy 2008-07-17T18:30:12 http://comments.gmane.org/gmane.network.wireshark.user/5755 WIN_XP Wireshark Version 1.0.2 (SVN Rev 25698) I've tried to add a path by using Edit>Preferences>Name Resolution> SMI (MIB and PIB) paths. The Apply_button in the SMI Paths dialog_box acts like a Cancel_button. The same problem occurs when you try to delete a path or when you try to add/delete SMI (MIB and PIB) modules. So I used the OK_button (or you can add/edit the files smi_modules and smi_paths). Joan j.snelders-gV1cAGbgYeXz+pZb47iToQ< at >public.gmane.org 2008-07-17T18:18:18 http://comments.gmane.org/gmane.network.wireshark.user/5753 I installed Wireshark on Mac OS X 10.5.4 and tried to launch it. The icon appeared on the dock but the Wireshark window did not appear. When I tried running it by hand, I get the following messages: $ /Applications/Wireshark.app/Contents/Resources/bin/wireshark 2008-07-16 15:58:25.674 defaults[1068:10b] The domain/default pair of (kCFPreferencesAnyApplication, AppleAquaColorVariant) does not exist 2008-07-16 15:58:25.684 defaults[1069:10b] The domain/default pair of (kCFPreferencesAnyApplication, AppleHighlightColor) does not exist (process:1059): Gdk-WARNING **: locale not supported by C library (wireshark-bin:1059): Gtk-WARNING **: Locale not supported by C library. Using the fallback 'C' locale. Has anyone encountered this issue or knows a solution? Thank you. Lawrence Lawrence Teo 2008-07-16T20:00:52 http://comments.gmane.org/gmane.network.wireshark.user/5745 Sabyasachi Samal 2008-07-17T07:14:51 http://comments.gmane.org/gmane.network.wireshark.user/5740 Dowling Paul 2008-07-16T13:00:37 http://comments.gmane.org/gmane.network.wireshark.user/5738 Hi everybody, I have been trying to dump HTTP traffic with tshark, but did not manage to find good params... I want to dump the traffic in text from a server on 192.168.16.23:8880 I tried variants of: tshark -T text -x -f "dst port 8880 and host 192.168.16.23" -R http.request But I endup just dumping to a file and using the strings command on it... Is there a better way? Thx, JD John Doe 2008-07-16T09:33:08 http://comments.gmane.org/gmane.network.wireshark.user/5735 Dear gurus, I have installed the Wireshark 1.0.2 in a notebook with a Realtek RTL8139/810x Family Fast Ethernet Ethernet NIC. Everything seems OK, when I initialize wireshark to capture the packets over the Ethernet. However, when I attach the notebook to a hub with a IP Phone attached on another port, strange thing happens. The Wireshark could capture packets except those of SIP and RTP related protocols (ex., I ping the IP Phone from the notebook and the packets of ICMP echo request and reply can be captured). No capture filters has been assigned in the Wireshark. I then initalize a soft phone in the notebook to communicate with the Proxy server and use wireshark to capture the SIP packets. The Wireshrak works well in this way. I have unistalled WinPacp and wireshark with Revo unistaller (in order to uninstall them completely) and re-install them several times. The situation doesn't change a bit. It just seems that my notebook could not cpature the Ethernet packets of SIP and RTP protocols. Can anyone help me or give me a clue to solve this? Thank you very much for the help! Best Regards Shou-Kuo Shao skshao 2008-07-16T08:20:48 http://comments.gmane.org/gmane.network.wireshark.user/5733 Ammar Lilamwala 2008-07-15T20:08:41 Search the mailing list at Gmane query http://search.gmane.org/?group=$group=gmane.network.wireshark.user