Wireshark-users: Re: [Wireshark-users] EBCDIC in data portion of packet
From: "Starr, David" <David.Starr@xxxxxxxxxxxxxxxx>
Date: Tue, 15 Jan 2008 17:24:16 -0600
The packets are various proprietary POS formats, tcp......  There is an
indicator in the header that tells us the character set...    But, I
don't need the packets to be broken out. I just need to be able to
quickly find a particular pos transaction from among 10mil....
Generally we look for a store ID #, or a transaction number...

Thanks,
Dave

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Stephen
Fisher
Sent: Tuesday, January 15, 2008 11:09 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] EBCDIC in data portion of packet

On Mon, Jan 14, 2008 at 01:07:01PM -0600, Starr, David wrote:

> Is there a better way to use the display filter to find a specific 
> piece of EBCDIC data in a large capture file?

Not at this time.

> Would it make sense to have a configurable flag to allow Wireshark to 
> display the data as EBCDIC?

Perhaps.  What protocol is carrying the EBCDIC traffic you're seeing?


Steve

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users

2008-01-15, 17:23:51
The information contained in this e-mail message and any attachments may be privileged and confidential.  If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by replying to this e-mail and delete the message and any attachments from your computer.