Wireshark mailing list archives
Comstock Token Format Protocol
From: Tom Brearley via Wireshark-dev <wireshark-dev () wireshark org>
Date: Thu, 20 Jul 2017 14:08:10 +0000 (UTC)
Dear WireShark Developers/Users I was wondering if anyone out there had any experience with the ComStock Token Format protocol (CTF)? It is a financial protocol used to transmit real time data. It is used by companies such as Interactive Data/ICE for their data feeds. I am a subscriber to such a data feed and am using WireShark to have a look at the TCP packets coming through the wire. I'm so far completely unable to decipher them (its possible that they are compressed - on a side note, could anyone point out if they are? I have attached some sample packets). I am aware however that the feed uses this protocol. It works in such a way that a token number is used, along with the data, in the form "TOKENNUMBER=DATA", or as per the screenshot below, for a more real example "8=521"(where 8 would signify a trade price and 521 would be the trade price itself). I believe that these values will actually be encoded in the byte array.A link to the full protocol is here:-https://wenku.baidu.com/view/530e0268b84ae45c3b358c24.html### Does anyone have any information about protocols such as these? I would also be extremely grateful if someone could also have a look at the sample packet attached and tell me if I am missing something simple (such as compression/encryption - the first two bytes of most of the messages always seem to start with 153, 121 - not sure if this is a compression signature). Any help would be massively appreciated. Tom
Attachment:
packet_sample.pcapng
Description:
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Comstock Token Format Protocol Tom Brearley via Wireshark-dev (Jul 20)