Marc Lebas wrote:
Hello,
Maybe its a User question but that could be a dev issue; anyway there
was no answer to my question on the User's mailing list.
The issue : i got different depth in decoding (GPRS over FR), depending
on the capture file format :
With rf5, the analysis is limited to GPRS protocol layers, but never
decode IP which is the encapsulated protocol.
With libpcap, it is OK; Wireshark go deeper as it is able to decode
encapsulated IP frames in GPRS frames.
Why such a behaviour ? Did i missed something in my config ?
Here is my config on Linux (but the issue is the same on Windows) :
- preferences : fr.encap: GPRS Network Service
- cat k12_protos : "gprs_gb","fr"
Not having ever looked at a GPRS capture in Wireshark, I don't know.
(Small) sample captures would help.