Wireshark mailing list archives
Re: Asterisk AMI and FreeSWITCH ESL dissectors
From: Kristian Kielhofner <kris () kriskinc com>
Date: Mon, 29 Oct 2012 11:44:21 -0400
On Sat, Oct 27, 2012 at 1:55 PM, Dirk Jagdmann <doj () cubic org> wrote:
Those two protocols are indeed made to look like HTTP headers. Have you tried to make the following settings in the HTTP preferences: enable "Reassemble HTTP headers..." disable "Reassemble HTTP bodies..." and add the TCP ports you're interested to the list. Now of course those protocols will be shown as HTTP, but it should give some results. If that doesn't work well, you'll have to look into your own custom dissector.
Dirk, Yes, I have tried this. While there are various issues with this approach the most significant appears to be the lack of a Content-Length header with AMI. So yes, I'm still interested in sponsoring the work of a custom dissector for these protocols :). -- Kristian Kielhofner ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Asterisk AMI and FreeSWITCH ESL dissectors Kristian Kielhofner (Oct 24)
- Re: Asterisk AMI and FreeSWITCH ESL dissectors Dirk Jagdmann (Oct 27)
- Re: Asterisk AMI and FreeSWITCH ESL dissectors Kristian Kielhofner (Oct 29)
- Re: Asterisk AMI and FreeSWITCH ESL dissectors Dirk Jagdmann (Oct 27)