Hi All, The following tells me that Wireshark can dissect OpenWire at least since 2012: http://activemq.2283324.n4.nabble.com/Wireshark-packet-dissection-Openwire-td4631635.html , however I'm unable to get it to dissect my ActiveMQ trace for some reason when I choose "Decode As... OpenWire": https://drive.google.com/open?id=0B31e47Ucqt4BOXJrSTEwMi1OdWc I also tried "Decode As... AMQP", still no luck. Packet bytes view of some packets in the trace suggests it's ActiveMQ (which I think is different from AMQP though). Is there a way to get Wireshark to dissect my trace anyway? Many thanks in advance, Dmitriy asked 10 May '17, 08:23  Dmitriy edited 10 May '17, 08:31 |
One Answer:
The protocol in use is STOMP, for which Wireshark doesn't currently have a dissector. As it's a text based protocol you can see the text lines in the "Data" part of the dissector tree, or see the conversation by right clicking a packet in the list and selecting Follow -> TCP Stream. If you want to see STOMP dissection added to Wireshark, please raise an enhancement request on the Wireshark Bugzilla, attaching your capture file to the request. answered 10 May '17, 08:55  grahamb ♦ |
Thank you: trying to restore my access to Wireshark Bugzilla to raise it there as you advised.
Done: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13695
If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.