I was using the 1.4.4 release of Wireshark and upgraded to the 1.6 release and noticed that for MQ traffic that is talking between Unix and zOS systems the characters are now hidden instead of being shown as octocl information such as (slash) 343 (slash) 342 (slash) 310 type of information. I was able to use that for other post processing to actually see traffic interactions bewteen these systems. This was by using the results from the tags like Remote Queue: and notice the 347 type of marking and then translate that to a character. Now I no longer have the option to do that. I have had to bad level my wireshark to keep this function. Yet I like the newer features in 1.6 except for that one feature. Could it be an option to use the Octocl or the marker? asked 29 Jun '11, 05:03  hsteinhauer edited 29 Jun '11, 05:05 |
2 Answers:
This sounds like a bug report to me. Please file it here, with a sample capture file for the developers to work/test with. answered 29 Jun '11, 06:55  Jaap ♦ |
OK, the MQ dissector in the SVN trunk translates EBCDIC strings to ASCII before showing them in the Info column or packet details. That's scheduled for backporting to 1.6.1. answered 03 Jul '11, 14:41  Guy Harris ♦♦ |
OK - -I opened up a bug report