The BacNet protocol is supported by Ethereal (hows that pronounced BTW?) but it is only broken down in the tree view if the packets come across using the $BAC0 (47808) port... otherwise these are shown as generic UDP. Since configurations can be changed on these devices I am monitoring, I'm wondering if there is a way I can MANUALLY dictate to Ethereal that "UDP #1000" for example, is "BacNet".... or if Ethereal itself might modify the detection method (probably not very efficient to do the latter)
any suggestions for me? TIA.
