Wireshark-bugs: [Wireshark-bugs] [Bug 1432] New: Wireshark can not decode H248 over TCP.
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1432
Summary: Wireshark can not decode H248 over TCP.
Product: Wireshark
Version: 0.99.5
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: krisztian.papp@xxxxxxxxx
Build Information:
wireshark 0.99.5 (SVN Rev 20677)
Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.10.7, with GLib 2.12.7, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0
(packet.dll version 4.0.0.755), based on libpcap version 0.9.5, without
AirPcap.
Built using Microsoft Visual C++ 6.0 build 8804
--
Hi!
Wireshark can not decode H248 over TCP.
If the H248 is on top of SCTP then I can apply a decoder. (It does not decode
automatically, but it works manualy...)
If the H248 is on top of TCP then there is need TPKT between them, and I try to
apply some decoder (H248, MEGACO, MGCP, TPKT), but they are not work.
As I know the TPKT should be selected in this case, but it recognise some other
kind of protocol (COTP) not H248.
Maybe there is 2 ways to correct it:
- TPKT should be modified to handle H248 correctly, or
- Can be WireShark modified to the user can set the protocol hierarchy manualy
and not just the Link, Network, Transport, but more and more "tunnelled"
protocols.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
