Wireshark · Wireshark-users: Re: [Wireshark-users] wireshark question - how to make it decode aparticular protocol?

Wireshark-users: Re: [Wireshark-users] wireshark question - how to make it decode aparticular pro

From: "Anders Broman" <a.broman@xxxxxxxxx>

Date: Mon, 8 Oct 2007 16:49:00 +0200

Hi,

Try

Edit->preferences->protocols->tcp and tick the ”Try heuristic sub disectors first” radio button.

Regards

Anders

Från: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] För Brian Holdsworth
Skickat: den 8 oktober 2007 16:16
Till: wireshark-users@xxxxxxxxxxxxx
Ämne: [Wireshark-users] wireshark question - how to make it decode aparticular protocol?

In the supported protocols for Wireshark, it claims to decode FIX protocol. I have a FIX trace. The server for the trace ran on port 3333, but I can change this if I need to.

When I load the trace into Wireshark, it tags it as ENTDEC protocol, which apparently uses port 3333. If I try to Decode As from the menu, the FIX protocol does not appear as an option in the list. From my research, there is also no well-known port specified for FIX.

So, question is, does anyone have an idea what I can do to try to make it decode FIX?

- Brian

Brian Holdsworth
Senior Software Engineer
OPNET Technologies
voice - 919.461.2445 x256
fax - 919.461.2447
email - bholdsworth@xxxxxxxxx

http://www.opnet.com

References:
- [Wireshark-users] wireshark question - how to make it decode a particular protocol?
  - From: Brian Holdsworth

Prev by Date: [Wireshark-users] wireshark question - how to make it decode a particular protocol?
Next by Date: Re: [Wireshark-users] To run Tshark in graphical mode.
Previous by thread: [Wireshark-users] wireshark question - how to make it decode a particular protocol?
Next by thread: [Wireshark-users] How to send packets in wireshark
Index(es):
- Date
- Thread