Wireshark-bugs: [Wireshark-bugs] [Bug 6274] New: Transport name resolution not working
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6274
Summary: Transport name resolution not working
Product: Wireshark
Version: 1.7.x (Experimental)
Platform: x86
OS/Version: Windows Vista
Status: NEW
Severity: Normal
Priority: Medium
Component: Wireshark
AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
ReportedBy: Jim@xxxxxxxxxxxxxxxxx
Created an attachment (id=6876)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6876)
Capture file "Transport Name Resolution.pcap"
Build Information:
Version 1.7.0-SVN-38764 (SVN Rev 38764 from /trunk)
Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (32-bit) with GTK+ 2.22.1, with Cairo 1.10.2, with Pango 1.28.3, with
GLib 2.26.1, with WinPcap (version unknown), with libz 1.2.5, without POSIX
capabilities, with threads support, with SMI 0.4.8, with c-ares 1.7.1, with Lua
5.1, without Python, with GnuTLS 2.10.3, with Gcrypt 1.4.6, with MIT Kerberos,
with GeoIP, with PortAudio V19-devel (built Aug 28 2011), with AirPcap.
Running on 32-bit Windows Vista Service Pack 2, build 6002, with WinPcap
version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.10.3, Gcrypt 1.4.6, with AirPcap 4.1.1 build
1838.
Built using Microsoft Visual C++ 9.0 build 21022
--
When transport name resolution is enabled, Wireshark does not always display
protocol names instead of port numbers.
TO RE-CREATE:
Download the attached capture file, "Transport Name Resolution.pcap" and load
it into Wireshark 1.7.0-SVN-38764 with transport name resolution enabled. Note
that some of the port numbers will be translated to protocol names and some
will still display as numbers. For example, packet 1 will show "1651 > https"
in the Info column, and packet 15 will show "1657 > https". See attached screen
shot "170 Name Resolution.jpg."
Now load the same capture file into Wireshark stable version 1.6.1 with
transport name resolution enabled. Note that all port numbers will be properly
translated to protocol names. Packet 1 will show "shiva_confsrvr > https" and
packet 15 will show "fujitsu-mmpdc > https". See attached screen shot "161 Name
Resolution.jpg."
This seems to be related to the format of the "services" file. If I shut down
Wireshark 1.7.0-SVN-38764, copy over the "services" file from Wireshark 1.6.1,
and restart Wireshark 1.7.0-SVN-38764, the port numbers are properly translated
to protocol names.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.