https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4022
Summary: tshark fails to display MEGACO protocol.
Product: Wireshark
Version: 0.99.4
Platform: Other
OS/Version: Ubuntu
Status: NEW
Severity: Blocker
Priority: Medium
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: kk891r@xxxxxxx
CC: kk891r@xxxxxxx
Build Information:
tshark -v
TShark 0.99.4
Copyright 1998-2006 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.12.11, withlibpcap 0.9.5, with libz 1.2.3, with libpcre
6.7, without UCD-SNMP, with ADNS, without Lua, with GnuTLS 1.4.4, with Gcript
1.2.3, without Kerberos.
Running on Linux 2.6.20-15-sparc64-smp, with libpcap version 0.9.5.
Built using gcc 4.1.2 (Ubuntu 4.1.2-0ubuntu4).
--
This may not be related to this post. However, I'm using tshark version 0.99.4
on a Linux machine.
I'm trying to filter out the MEGACO protocols from my traces using TShark. I'm
successfully able to decode the MEGACO trace, however, when I try to utilize
the display filter, there is nothing in the output file.
Here are the commands I used:
tshark -r OriginalTrace -d udp.port==2944,megaco -F libpcap -R "megaco" -w
megacoOnlyTrace
This produces a blank file. What am I doing wrong?
If I use the command:
tshark -r OriginalTrace -d udp.port==2944,megaco -F libpcap -w megacoOnlyTrace
tshark -r megacoOnlyTrace -R "megaco" -F libpcap -w megaco2.pcap
megacoOnlyTrace now contains the original trace + udp port 2944 decoded as
MEGACO. However, the megaco2.pcap file is blank.
All of this works just fine on my PC (even on the 0.99.4 version), it is only
the LINUX version which has problems.
Thank you,
Kalpesh
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.