Comment # 7
on bug 12283
from Jamie Bainbridge
Everything you say is correct, I will clarify more in future.
I just found it strange that we've been using Wireshark to look at NFS for
years, yet only since Wireshark 2.0 have we seen RPC+NFS decoded as other
protocols. Maybe we're just incredibly lucky but that seems unlikely.
(In reply to Guy Harris from comment #6)
> If you set the TCP preference "Try heuristic sub-dissectors first" to true,
> it recognizes the traffic in question as RPC.
Thanks, I will try this. Perhaps this default has changed between 1.x and 2.x,
exposing additional dissector bugs?
> However, it'd be better if there were a way to have the SSL dissector reject
> traffic that's "obviously" not SSL; whether that's possible to do without
> rejecting traffic that *is* SSL is another matter. "Guessing protocols is
> hard, let's go shopping!"
True, at least there's already a sample capture "pop-ssl.pcapng" on the wiki
https://wiki.wireshark.org/SampleCaptures so should be easy to confirm.
You are receiving this mail because:
- You are watching all bug changes.