Guy Harris
changed
bug 9427
What |
Removed |
Added |
Status |
UNCONFIRMED
|
INCOMPLETE
|
Summary |
T1 data in Ethernet payload has no dissector
|
Dissector for T1 data-over-TCP protocol wanted
|
Ever confirmed |
|
1
|
Comment # 1
on bug 9427
from Guy Harris
A quick look at the capture file shows that it contains:
1) PPP-over-L2TP traffic with echo requests and replies, which is probably
not the traffic in question;
2) TCP connections:
10.134.72.183:60237 -> 10.134.150.3:23561
10.134.72.183:60237 -> 10.134.150.3:53928
10.134.72.183:60237 -> 10.134.150.3:25961
10.134.72.183:60237 -> 10.134.150.3:64495
which include FIX traffic, so they're probably not the Guisys traffic;
3) TCP connections:
10.134.72.178:60239 -> 10.134.150.3:41817
which has what appears to be a combination of binary data and some ASCII
numbers, which is therefore *probably* not the Guisys traffic;
4) TCP connections:
10.134.72.179:60239 -> 10.134.150.1:3435
which has a bunch of 3-byte TCP segments, all containing 0x00 0x03 0x02,
which is therefore *probably* not the Guisys traffic;
5) TCP connections:
10.134.72.130:60230 -> 10.134.150.1:3541
10.134.72.194:60230 -> 10.134.150.1:3542
which are not recognized by any dissector and contain data with no
obvious pattern, so at least one of them is probably the Guisys traffic.
Unfortunately, that's not sufficient to determine how to dissect it; you'll
need to provide us with a complete, detailed description of the format of the
data in the TCP stream in order for us to dissect it.
You are receiving this mail because:
- You are watching all bug changes.