[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2019-01-05 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Ross Jacobs  changed:

   What|Removed |Added

 Status|INCOMPLETE  |RESOLVED
 Resolution|--- |NOTABUG

--- Comment #5 from Ross Jacobs  ---
Closing due to inactivity.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-12-10 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Ross Jacobs  changed:

   What|Removed |Added

 CC||whim42+wiresh...@gmail.com

--- Comment #4 from Ross Jacobs  ---
It has been almost a year since this thread was updated. If this is still an
issue, please provide the following:

1. Attach a packet capture that contains this protocol
2. The tshark command used to generate the json
3. How tshark is parsing the file incorrectly into a JSON

Documentation for this protocol and what it used for will be helpful here.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-13 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Jaap Keuter  changed:

   What|Removed |Added

   Severity|Critical|Normal
   Priority|High|Medium

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-10 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

--- Comment #3 from Pascal Quantin  ---
I do not know anything about this protocol, but can you have different numbers
of entreprise private entries per flow? If no, then it's easy to match the
number of entries versus the number of flows. If not, we should probably add a
new field given the number of entreprise private entries for each flow.
Note that a pcap would help to test any newly added field.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-10 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

--- Comment #2 from elias abou hamad  ---
Dear Pascal,

I install the new release of tshark the below info :


TShark (Wireshark) 2.5.0-2309-gbe143963 (v2.5.0rc0-2309-gbe14396)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, without libnl, with
GLib 2.48.2, with zlib 1.2.8, without SMI, without c-ares, without Lua, without
GnuTLS, with Gcrypt 1.6.5, without Kerberos, with GeoIP, without nghttp2,
without LZ4, without Snappy, with libxml2 2.9.3.

Running on Linux 4.4.0-104-generic, with Intel(R) Core(TM)2 Duo CPU E7200 
@
2.53GHz, with 3942 MB of physical memory, with locale LC_CTYPE=en_US.UTF-8,
LC_NUMERIC=ar_LB.UTF-8, LC_TIME=ar_LB.UTF-8, LC_COLLATE=en_US.UTF-8,
LC_MONETARY=ar_LB.UTF-8, LC_MESSAGES=en_US.UTF-8, LC_PAPER=ar_LB.UTF-8,
LC_NAME=ar_LB.UTF-8, LC_ADDRESS=ar_LB.UTF-8, LC_TELEPHONE=ar_LB.UTF-8,
LC_MEASUREMENT=ar_LB.UTF-8, LC_IDENTIFICATION=ar_LB.UTF-8, with libpcap version
1.7.4, with Gcrypt 1.6.5, with zlib 1.2.8, binary plugins supported (13
loaded).

Built using gcc 5.4.0 20160609.






Please find the below output :


{  
   "timestamp":"1515569548848",
   "layers":{  
  "frame":{  
 "filtered":"frame"
  },
  "eth":{  
 "filtered":"eth"
  },
  "ip":{  
 "filtered":"ip"
  },
  "udp":{  
 "filtered":"udp"
  },
  "cflow":{  
 "cflow_cflow_version":"10",
 "cflow_cflow_len":"1379",
 "cflow_cflow_timestamp":"Jan 10, 2018 09:32:28.0 EET",
 "cflow_timestamp_cflow_exporttime":"1515569548",
 "cflow_cflow_sequence":"2896658",
 "cflow_cflow_od_id":"2880943041",
 "cflow_text":"Set 1 [id=8400] (12 flows)",
 "text_cflow_flowset_id":"8400",
 "text_cflow_flowset_length":"1363",
 "text_cflow_template_frame":"38065",
 "text_text":[  
"Flow 1",
"Flow 2",
"Flow 3",
"Flow 4",
"Flow 5",
"Flow 6",
"Flow 7",
"Flow 8",
"Flow 9",
"Flow 10",
"Flow 11",
"Flow 12"
 ],
 "text_cflow_protocol":[  
"6",
"17",
"17",
"6",
"17",
"1",
"17",
"17",
"6",
"17",
"17",
"17"
 ],
 "text_cflow_dstport":[  
"443",
"53",
"53",
"443",
"137",
"8",
"53",
"53",
"443",
"53",
"443",
"123"
 ],
 "text_cflow_inputint":[  
"111",
"111",
"121",
"131",
"0",
"131",
"131",
"111",
"111",
"131",
"131",
"0"
 ],
 "text_cflow_srcport":[  
"53504",
"50837",
"64468",
"10538",
"514",
"0",
"33456",
"11760",
"2024",
"62128",
"59504",
"17113"
 ],
 "text_cflow_outputint":[  
"111",
"111",
"121",
"131",
"111",
"131",
"131",
"111",
"111",
"131",
"131",
"131"
 ],
 "text_cflow_dstaddr":[  
"216.58.205.180",
"193.227.177.130",
"128.8.10.90",
"31.13.75.12",
"192.168.0.5",
"216.58.211.164",
"193.227.177.53",
"193.227.177.130",
"216.58.209.142",
"194.126.16.38",
"216.58.201.193",
"66.243.43.2"
 ],
 "text_cflow_dstaddrv6":[  
"::",
"::",
"::",
"::",
"::",
"::",
"::",
"::",
"::",
"::",
"::",
"::"
 ],
 "text_cflow_timedelta":[  
"62.0",
"20.0",
"20.0",
"140.0",
"20.0",
"40.0",
"20.0",
"20.0",
"10.0",
"20.0",
"148.0",

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

 Status|CONFIRMED   |INCOMPLETE

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Christoph Wurm  changed:

   What|Removed |Added

 CC||w...@elastic.co

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com

--- Comment #1 from Pascal Quantin  ---
Hi Elias,

I'm not sure I understood your request properly, but JSON key deduplication was
tracked by bug 12958 that is solved in master branch. Could you give it a try?

Thanks,
Pascal.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

Pascal Quantin  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=12
   ||958

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

elias abou hamad  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |CONFIRMED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14315] -T ek enterprise private entry

2018-01-09 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14315

elias abou hamad  changed:

   What|Removed |Added

   Priority|Low |High

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe