Hi
  Thanks a lot for the solution provided. I have been able to get what I wanted.


Thanks & Regards
Tulika Bose
Follow me on KNOME: https://knome.ultimatix.net/u/tulika.bose
Tata Consultancy Services Limited
Cell:- +918820214176
Mailto: [email protected]
Website: http://www.tcs.com
____________________________________________
Experience certainty. IT Services
Business Solutions
Consulting
____________________________________________


[email protected] wrote: ----- 
To: Developer support list for Wireshark <[email protected]>
From: Tulika Bose 
Sent by: [email protected]
Date: 02/17/2014 11:30AM
Subject: Re: [Wireshark-dev] Unable to recognise DTLS packets


Hi
  I used the command 'tshark -r "dtls_pcap.pcapng" -R "dtls" > dtls.txt' for 
redirecting the information of the packets displayed in the pcap file 
dtls_pcap.pcapng into the text file dtls.txt. But although the pcap file 
contained DTLS packets, displayed when the 'Decode As' option was manually used, 
the text file was blank when the filter used was "dtls". On the other hand, when 
the filter used in the above command was "coap", the text file contained 
packets whose header was parsed as a CoAP header instead of a DTLS header. Please 
let me know how I can display DTLS packets, with headers parsed as DTLS headers, 
using tshark on the command line.


Thanks & Regards
Tulika Bose


[email protected] wrote: ----- 
To: Developer support list for Wireshark <[email protected]>
From: Pascal Quantin 
Sent by: [email protected]
Date: 02/13/2014 01:37PM
Subject: Re: [Wireshark-dev] Unable to recognise DTLS packets


Hi,


2014-02-13 8:43 GMT+01:00 Tulika Bose <[email protected]>:

Hi
  Thanks a lot. I used the 'Decode as' option, and the DTLS header is getting 
parsed correctly. But it caused an issue: for some of the DTLS 
packets, the protocol field showed DTLSv1, while the other packets showed it as 
DTLS, although all the packets are of the same version. Is there any particular 
reason for such a difference in version?
  Secondly, I would like to get the packet displayed with the header 
information through the command line using tshark, and redirect the output to a text 
file. But when the filter string used is 'dtls', the file contains no entries. On 
the other hand, when the filter string used with the same command is 
'coap', packets get displayed, but then again the DTLS header is parsed as CoAP. I 
would like to get DTLS packets decoded as DTLS through the command line. I am using 
version 10.4. Is there any other approach to do the same using the same 
version, or do I need to update it?



tshark -d option is your friend. See 
http://www.wireshark.org/docs/man-pages/tshark.html for details.


Pascal.
 


-----Hauke Mehrtens <[email protected]> wrote: ----- 
To: Developer support list for Wireshark <[email protected]>, 
[email protected]
From: Hauke Mehrtens <[email protected]>
Date: 02/12/2014 06:02PM
Subject: Re: [Wireshark-dev] Unable to recognise DTLS packets 



On 02/12/2014 01:02 PM, Tulika Bose wrote:
> Dear All,
>    I have come across a problem with the display filter of DTLS. The
> version I am using is 1.10.4. I have some DTLS packets, where DTLS is used
> over CoAP, and they have been captured in a .pcapng file. But when I
> filter the packets using the string 'dtls', no packets get displayed. On
> the other hand, when the filter string used is 'coap' or 'udp', packets
> get displayed, because DTLS is using the same port as CoAP, which is 5683.
> But the problem is that Wireshark cannot recognise the DTLS
> header; it parses the same as the CoAP header, although these are actually
> DTLS packets. It would be very kind of you if you help me with the issue.
> 
> Thanks & Regards
> Tulika Bose

Port 5683 is the default CoAP port and then the CoAP dissector is used
by default. You can right-click on the packet in Wireshark and then
click on "Decode As..." and select DTLS to decode it as DTLS.

When you want to use DTLS with CoAP I would suggest you use a nightly
build or a 11.X version of Wireshark; there are some improvements in
Wireshark regarding these two protocols.

Hauke

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev

             mailto:[email protected]?subject=unsubscribe
