greetings when i display data as text it shows \x011119 032914 121638 10 49.2768 49.2781 056.4940 0.3094 i want to make column shows only 121638 10 ??? i tried in column reference but it didnt work asked 30 Mar '14, 12:45  shady |
One Answer:
'data' isn't a 'protocol'. It's just a way for Wireshark to show payload data, if there is no dissector available for that specific protocol.
good.
O.K. now comes the 'bad' news: You'll have to write a dissector for that to happen in Wireshark. Within a dissector you can defined protocol fields and you can expose them in a way to be able to use those fields as a source for column data in Wireshark. Please read the developer docs how to write a dissector. Regards answered 02 Apr '14, 14:25  Kurt Knochner ♦ Usual plug: Or see my presentation from sharkFest'13 (to be reprised at SF'14) on 3 ways to write a dissector: http://sharkfest.wireshark.org/sharkfest.13/presentations/PA-10_Writing-a-Wireshark-Dissector_Graham-Bloice.zip (03 Apr '14, 02:45) grahamb ♦ thank you very much for your help i will try to write it i will be back (03 Apr '14, 02:53) shady |
I'm sorry, but your description is not really helpful to understand your problem. So, if you are interested in a meaningful answer, please add much more details.
first of all thank you for response i sorry i cannot upload the file its too large but while iam uploading the file this snapshot can show what i mean
O.K some more questions:
sorry again if my questions are not clear i will try harder to be clear
its data protocol and here its page in wireshark site http://wiki.wireshark.org/Protocols/data
yes the are at same location every time
yes i need that as a column and if its possible to get text output it will be great
thank you very much
any information yet??