It looks like the _ws.col.Protocol has changed in wireshark/tshark 2.1.0 - IPv4 UDP traffic is reported as "IPV4" rather than "UDP" for example. Is there documentation available on what has changed? Is there a new translated protocol field name? Thanks.. asked 19 Oct '15, 13:16  Loki |
One Answer:
Using v2.1.0rc0-168-ge8a3769, _ws.col.Protocol filter is working as usual: UDP packets display UDP in the column and not IPv4. Did you verify that you did not deactivate UDP dissector by error (in Analyze -> Enabled Protocols)? Edit: during a few commits, the code adding the UDP name to the Protocols column was removed by mistake. It is now back so upgrading your Wireshark copy to a newer version should fix the issue. answered 20 Oct '15, 01:14  Pascal Quantin edited 20 Oct '15, 01:16 |
