On Fri, Feb 7, 2020 at 7:33 AM Nikhil Jadhav <njad...@securview.com> wrote:
> Hello Developers,
>
> I am working on Cisco ISE and I find the Wireshark tool very beneficial to
> analyze different packets. So Cheers to all your hard work!!!
>
> I am using Windows 10 (Insider Preview Build with TEAP support) endpoint
> with the latest version of Wireshark running (Version 3.2.1
> (v3.2.1-0-gbf38a67724d0)).
>
> Currently there is a new TEAP protocol (Tunneled EAP protocol - RFC 7170),
> and we tried to analyze the TEAP traffic on Wireshark but Wireshark shows
> the Code-Type in EAP as ‘Unknown’ instead of ‘TEAP’ even though it
> identifies the code as 55. Also, could you please let me know if there is a
> way to analyze the TEAP traffic by adding a certificate to Wireshark.
>
> Kindly please have a look at the attached Wireshark screenshots of TEAP
> Traffic and PEAP traffic so as to have a better comparison and
> understanding of the issue.

Here's your chance to become one of the famous Wireshark developers.

1. Get the source.
2. Inside epan/dissectors/packet-eap.c there is an array of value_string structs called eap_type_vals.
3. Add the new entry or entries to that table.
4. Rebuild. Probably on Linux because building on Windows is hard.
5. Feed the capture into the new build.
6. Feel a burst of joy at making your first change to Wireshark.
7. Add any new attributes or whatever is needed to properly dissect the whole new types.
8. Submit a code review.

--
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. --Cao Cao) (Legend has it that Du Kang was the inventor of wine)
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
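The table-driven lookup discussed in the thread, as an added stand-alone example that is not Wireshark's code and not part of either message: it shows why EAP type 55 is labelled "Unknown" until the value-to-name table has an entry for it. The names `type_name`, `eap_types`, `eap_type_name`, `eap_type` and `teap_version` are assumptions made for illustration, the sample packet is constructed, and the flags/version octet layout follows RFC 7170.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for a value-to-name table (not Wireshark's own struct). */
struct type_name { uint8_t value; const char *name; };

static const struct type_name eap_types[] = {
    { 1, "Identity" }, { 13, "EAP-TLS" }, { 25, "PEAP" }, { 43, "EAP-FAST" },
    { 55, "TEAP" },  /* RFC 7170: without this entry, 55 resolves to "Unknown" */
    { 0, NULL }
};

const char *eap_type_name(uint8_t type) {
    for (const struct type_name *e = eap_types; e->name != NULL; e++)
        if (e->value == type) return e->name;
    return "Unknown";  /* the fallback label a missing table entry produces */
}

/* Validate the EAP header (Code, Identifier, 16-bit big-endian Length) and
   return the Type octet, or -1 if truncated, inconsistent, or typeless. */
int eap_type(const uint8_t *buf, size_t n) {
    if (n < 5) return -1;
    size_t len = ((size_t)buf[2] << 8) | buf[3];
    if (len < 5 || len > n) return -1;          /* Length must fit the capture */
    if (buf[0] != 1 && buf[0] != 2) return -1;  /* only Request/Response have Type */
    return buf[4];
}

/* For TEAP, the octet after Type holds flags (high 5 bits) and version (low 3). */
int teap_version(const uint8_t *buf, size_t n) {
    if (eap_type(buf, n) != 55) return -1;
    size_t len = ((size_t)buf[2] << 8) | buf[3];
    if (len < 6) return -1;
    return buf[5] & 0x07;
}

int main(void) {
    /* Constructed sample: EAP-Request, id 7, length 6, type 55, S flag, version 1 */
    const uint8_t pkt[] = { 0x01, 0x07, 0x00, 0x06, 0x37, 0x41 };
    int t = eap_type(pkt, sizeof pkt);
    if (t >= 0)
        printf("type %d (%s), TEAP version %d\n", t, eap_type_name((uint8_t)t),
               teap_version(pkt, sizeof pkt));
    return 0;
}
```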