Greetings,
I'm a new user to wireshark. It rocks.
I'm working with an open source CMS (Alfresco) that provides a SMB interface. We have it configured to listen to port 1445 instead of 445. We handle the port forwarding to get the traffic to 1445.
I'm using dumpcap to capture edump files on the server for later examination on a development box. When I select Analyze -> Decode As, click the Transport tab of the Decode As dialog, and select source (1445) as the TCP setting, SMB isn't one of the choices in the protocol list. Should it be? Can I do something to make it appear? How should I tell wireshark to treat 1445 traffic as SMB?
Thanks!
John Walsh