Wireshark has transport name resolution enabled by default.
Unfortunately protocol numbers often get mapped to the wrong name, which
can lead to confusion:
https://ask.wireshark.org/questions/10380/what-is-commplex-main
It seems like the services file has effectively become a list of
things not
On Apr 23, 2012, at 10:56 AM, Gerald Combs wrote:
Wireshark has transport name resolution enabled by default.
Unfortunately protocol numbers often get mapped to the wrong name, which
can lead to confusion:
https://ask.wireshark.org/questions/10380/what-is-commplex-main
It seems like the
On Apr 23, 2012, at 11:11 AM, Stephen Fisher wrote:
It still has useful matches including, but not limited to:
ssh (22)
domain (53)
http (80)
microsoft-ds (445)
router (520) - (I know, scary RIP...)
Note that we have dissectors for all of those (and that the names aren't the
On Mon, Apr 23, 2012 at 11:24:02AM -0700, Guy Harris wrote:
Note that we have dissectors for all of those (and that the names aren't the
protocol names, e.g. domain rather than DNS, microsoft-ds rather than
SMB, router rather than RIP).
The issues are probably mostly with the protocols not
Guy Harris guy@... writes:
Perhaps we should, instead, have our own table of port numbers-protocol
names.
In that case, would it make sense to add a preference to allow the user to
choose either the current services file for the mapping or to use the Wireshark
table?
To help support