Right click on the "Session Initiation Protocol" part of the packet and
select "Expand Subtrees" Then select Export->Packet-Details->As
displayed only. If there's too much information just collapse the part
of the packet you're not interested in. This give output that's pretty
similar to what you w
Bill,If you are working on the TDS dissector,could you also look into making the heuristics a bit stronger for this dissector?It is fairly commong that the payload for certain bulk transport protocols are mistaken for TDS.
On 11/13/06, Bill Meier <> wrote:
>> I am trying to write a tap for TDS pack
>
> I am trying to write a tap for TDS packets in Lua and I am running into
> issues when the PDU is in multiple packets. Is there any way to access the
> reassembled TCP data?
>
> If you turn off reassembly, the first payload byte of each frame is
> dissected as a tds.type parameter. If you turn
I have tried that but I cant see any combination of the options
presented to get the output in the format I indicated. Also I only
want the SIP part of the communication and the export function seems
to always include the headers from other layers as well.
Do you know of any way to get it to forma
Maybe the export-function?
On Sun, 12 Nov 2006 19:07:07 +, "nnp" <[EMAIL PROTECTED]> said:
> Hi,
> I have a captured SIP session that I wish to replay using a python
> script of mine. I require the saved packed dump to be in the form
>
> REGISTER sip:127.0.0.1 SIP/2.0
> Via: SIP/2.0/UDP 127.0
Hi,
I have a captured SIP session that I wish to replay using a python
script of mine. I require the saved packed dump to be in the form
REGISTER sip:127.0.0.1 SIP/2.0
Via: SIP/2.0/UDP 127.0.0.1:5066;rport;branch=z9hG4bKecjlzkte
Max-Forwards: 70
To: "Bleh <101>"
From: "Blah <101>" ;tag=gaerh
Call
I am trying to write a tap for TDS packets in Lua and I am running into
issues when the PDU is in multiple packets. Is there any way to access the
reassembled TCP data?
If you turn off reassembly, the first payload byte of each frame is
dissected as a tds.type parameter. If you turn on reassembly
