Hello Guy,
guy.rooms@xxxxxxxxxx wrote:
I use thethereal.exe (-V) to decode files of captured data into text
format for further processing, using a display filter on "h225".
Sine the upgrade from v.0.9.11 to v.0.10.0 (and introduction of
dedicated h225 dissector) I notice some additional info is inserted into
these textual files :
(1) binary represenation
(2) additional comments
More in Detail
(1) binary represenation, eg
now :
discoveryComplete: 0... .... False
iso (before I upgraded) :
discoveryComplete: False
Since this additional info blocks all processing I do afterwards, I was
wondering if there was a way (preferences, additional options in
tethereal ...) to deactivate this additional info. If not, is it
possible to foresee this in the future ?
(2) additional comments
Also additionally appearing ;
"This is a response to a request in frame 2
RAS Service Response Time: 0.116638000 seconds"
Same question applies here : Is there any way to bypass this ?
Suggestions are highly appreciated, Thanx.
There is probably a way to introduce a preference for both things. But
anyway:
The h225 dissector has been completely rewritten (there were a lot of
reasons to do so). There are probably some more differences you haven't
seen yet. Output of tethereal -V changed a lot:
a) We have now an H.225 version 5 dissector (The h323 plugin
contained h.225 version 2 or 3). A lot more is dissected now.
b) ethereal 0.10.0 still don't have a h.235 dissector.
-> some h323 packets won't be dissected completely.
To (2):
This was introduced in version 0.10.0. I can add a preference to skip
this output, if this helps.
Give 0.9.16 a try, it doesn't have it.
Regards,
Lars