We switch many millions of data packets daily to multiple hosts. A
small percentage of these packets have EBCDIC in the data portion of the
packet. The only way I have found to decode this is through the
"follow TCP stream"... but that doesn't allow me to use the "data
contains" in the display filter. And the stream is a persistent socket,
so it's quite large.
Is there a better way to use the display filter to find a specific piece
of EBCDIC data in a large capture file?
Would it make sense to have a configurable flag to allow Wireshark to
display the data as EBCDIC?
Thanks!
Dave
2008-01-14, 13:06:37
The information contained in this e-mail message and any attachments may be
privileged and confidential. If the reader of this message is not the intended
recipient or an agent responsible for delivering it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited. If you have received this
communication in error, please notify the sender immediately by replying to
this e-mail and delete the message and any attachments from your computer.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
