This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello, I want to watch some packets of an unknown protocol which relies on UDP, but Wireshark doesn't display these packets. Why does Wireshark do this? What can I do? I can't believe I must write a dissector to display it. Wireshark should at least display the payload under UDP protocol.

asked 03 Jun '13, 09:08

anon321123's gravatar image

anon321123
1111
accept rate: 0%


You do not need to write a dissector to display packets for an unknown protocol. It will just be displayed as UDP.

What is your capture setup? Are you capturing on the sending or receiving host? Are you capturing in the same network of the sending or receiving host? Are you capturing somewhere in the middle? Did you use port mirroring?

Have a look at http://wiki.wireshark.org/CaptureSetup and http://wiki.wireshark.org/CaptureSetup/Ethernet

permanent link

answered 03 Jun '13, 09:55

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×205
×166
×42

question asked: 03 Jun '13, 09:08

question was seen: 4,028 times

last updated: 03 Jun '13, 09:55

p​o​w​e​r​e​d by O​S​Q​A