Ray Van Dolson wrote:
Hi, I'm trying to investigate an FTP session using explicit TLS/SSL
(connects via port 21 using AUTH TLS command vs using a dedicated
port).
I'm using the following to direct wireshark to decrypt the SSL:
<ftp server ip>,21,ftp,/path/to/private/key
This definitely seems to change the output some, but I'm not able to
see the FTP commands being passed back and forth:
association_add TCP port 21 protocol ftp handle (nil)
association_add could not find handle for protocol 'ftp', try to find 'data' dissector
This would seem to be a key error? Also later on, I see stuff like the
following:
I don't know anything about the TLS/SSL stuff, but the above error is
because the FTP dissector is not registered by name. I checked in a
change in rev 25871 to fix that--you can pick up the change in a
buildbot build in a couple of hours or, if you're building your own
Wireshark, just update your source.