Wireshark-dev: Re: [Wireshark-dev] Export higer level PDUs, "Unbundled PDUs" decrypted PDUs etc

From: vineeth vijay <vineethvijaysv@xxxxxxxxx>
Date: Thu, 18 Apr 2013 22:04:01 +0530
Yes, and this "function" would take arguments of original frame, offset where the interesting payload starts and length of this payload. Correct??

Regards,
Vineeth


On Thu, Apr 18, 2013 at 9:52 PM, Anders Broman <a.broman@xxxxxxxxxxxx> wrote:
vineeth vijay skrev 2013-04-18 18:11:
Hi Anders,

Do you mean ability to export only the payload protocol from tunneled/encapsulated captures like GTP-U etc?
If yes, +1 :)

Yes that could be one use case. Probably every protocol using the function would have to have code supporting it.
Regards
Anders

Have been looking for such functionality for some time.

Regards,
Vineeth


On Thu, Apr 18, 2013 at 2:23 PM, Anders Broman <anders.broman@xxxxxxxxxxxx> wrote:

Hi,

I think these topics in various forms has been cropping up lately, would  it be possible/useful to have a generic feature to “Export” to a new file

From a dissector using a tap writing a to a generic DLT with a pseudo header containing pseudo data such as extracts from lover layers like IP port or whatever can be useful

and an Indication what the next level protocol is. As an example if I have decrypted and reassembled SIP traffic it could be useful to be able to export that to a new file

Just containing the SIP traffic and the IP port combination used. The header would then Indicate the protocol as SIP and the meta data would be of type TLV and added to as

Needs arises. Just a rough idea…

 

Regards

Anders


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe