[Jaap Keuter <jaap.keuter@xxxxxxxxx>]

Hi,

"Yeah, what he said".
And I tried to make the Wiki a bit more clear on this.

Thanx,
Jaap

Luis EG Ontanon wrote:
> The K12 configuration file applies to versions up to 0.99.5, 1.0 its
> far newer it instead uses a table.
>
> The k12 "dissector" now uses a simple table that contains two parts:
> match and proto:
>
> - "match" should contain a string that is an univocously identifiable
> part of either the port name or a stack filename (.stk).
>
> - "proto" contains the lowest layer protocol to be used (i.e. the
> encapsulation mtp2, eth, sscf-nni, ...).
>
>
> Once you populate your table with the various entries Wireshark will
> look for "match" in either the port name or the stack filename for
> that port and if there is a match for a given packet it will attempt
> to decode its contents using "proto".
>
>
> On Fri, Jul 18, 2008 at 1:19 PM, Adriana Matei
> <adriana.matei@xxxxxxxxxxxxxx> wrote:
> >  Hello all,
> >
> >  How should I configure my Wireshark( version 1.0.1) in order to read
> > this type of files? I read about *Tektronix K12xx/K15 .rf5 files* on
> > http://wiki.wireshark.org/K12 but I got lost at this part:
> >
> > "The configuration file contains a list of
> > stk-file/encapsulation-protocol pairings separated by a space.
> >
> > To set wireshark to use a k12 config file go to
> > Preferences->Protocols->k12 and write the filename in the "Configuration
> > filename" preference. You can specify a k12 config file using  -o
> > 'k12.config: /path/to/k12_config  on the command line.
> >
> > Example configuration file
> >
> > # comments are lines that start with a '#'
> > # sorry no spaces in filenames are allowed yet
> > C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap_2002-03.stk sscf-nni
> > C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap_2002-09.stk sscop
> > D:\K15\stacks\gprs\gprs_Gb_R99.stk fr
> > D:\K15\stacks\umts_iu\umts_iu_ranap_alcap_2002-09.stk sscop
> > D:\K15\stacks\umts_iu\umts_iu_ranap_alcap.stk sscop
> > C:\K1205\stacks\whibisup.stk mtp
> > C:\K1297\stacks\gsm2p\gsm2p_gmsc.stk mtp2
> > C:\K1297\stacks\umts_iu\umts_iu_ranap_alcap.stk sscop " ...
> >
> >  Because in Preferences->Protocols->k12 i don't have a option called "Configuration filename" and I don't know where to make the configuration from the example from above.
> >  Also I tried to open wireshark from cmd (I work on Windows) with the -o 'k12.config: /path/to/k12_config option but I get a invalid -o flag k12.config
> >  I mention that in Preferences->Protocols-> I have k12xx and not k12.
> > Can anyone help me?
> >
> > Thanks in advance