Wireshark mailing list archives
Re: Unable to recognise DTLS packets
From: Pascal Quantin <pascal.quantin () gmail com>
Date: Thu, 13 Feb 2014 09:05:26 +0100
Hi, 2014-02-13 8:43 GMT+01:00 Tulika Bose <tulika.bose () tcs com>:
Hi Thanx a lot.I used the 'Decode as' option,and the DTLS header is getting parsed correctly.But it caused an issue,that for some some of the DTLS packets,the pprotocol field showed DTLSv1,while the other packets showed it as DTLS,although all the packets are of the same version.Is there any particular reason for such a difference in version. Secondly,I would like to get the packet displayed with the header information,through command line using tshark,and redirect the output to a text file.But when the filter string used is 'dtls',the file conatains no entries.On the other hand,when the filter string used with the same command is 'coap',packets get displayed,but then again the DTLS header is parsed as CoAP.I would like to get DTLS packets decoded as DTLS through command line.I am using version 10.4.Is there any other approach to do the same using the same version,or I need to update it?
tshark -d option is your friend. See http://www.wireshark.org/docs/man-pages/tshark.html for details. Pascal.
-----Hauke Mehrtens <hauke () hauke-m de> wrote: ----- To: Developer support list for Wireshark <wireshark-dev () wireshark org>, tulika.bose () tcs com From: Hauke Mehrtens <hauke () hauke-m de> Date: 02/12/2014 06:02PM Subject: Re: [Wireshark-dev] Unable to recognise DTLS packets On 02/12/2014 01:02 PM, Tulika Bose wrote:Dear All, I have come across a problem with the display filter of dtls.The version I am using is 1.10.4.I have some DTLS packets,where DTLS is used over CoAP,and they have been captured in a .pcapng file. But when I filter the packets using the string 'dtls',no packets get displayed.On the other hand,when the filter string used is 'coap' or 'udp', packets get displayed,because DTLS is using the same port as coap which is 5683.But the problem is that the wireshark cannot recognise the DTLS header,it parses the same as the CoAP header,although these are actually dtls packets.It would be very kind of you,if you help me with the issue. Thanks & Regards Tulika BosePort 5683 is the default CoAP port and then the CoAP dissector is used by default. You can right click on the Package in wireshark and then click on "Decode As..." and select DTLS to decode it was DTLS. Wen you want to use DTLS with CoAP I would suggest you to use a nightly build or a 11.X version of wireshark, there are some improvements in wireshark regarding these two protocols. Hauke =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Unable to recognise DTLS packets Tulika Bose (Feb 12)
- Re: Unable to recognise DTLS packets Hauke Mehrtens (Feb 12)
- Re: Unable to recognise DTLS packets Tulika Bose (Feb 13)
- Re: Unable to recognise DTLS packets Pascal Quantin (Feb 13)
- Re: Unable to recognise DTLS packets Tulika Bose (Feb 16)
- Re: Unable to recognise DTLS packets Tulika Bose (Feb 18)