how to dissect X711 CMIP traffic ?

  • retag add tags

Hi, i'm using wireshark version 3.4.10 on debian 11 and i don't manage to decode traffic as X711 CMIP traffic. I've checked in Analyze->Protocol->Activated Protocols, and CMIP is activated, so i suppose Wireshark should be able to decode my traffic as CMIP traffic.

I thought maybe this traffic requires another dissector to be activated therefore i activated all the dissectors. Even with that, when i right click on a packet, the "decode as" menu doesn't propose CMIP protocol.

It seems that X711/CMIP protocol is transported by ACSE or ROSE protocol (which are in their turn over TCP), but it doesn't seem to exist dissector for such protocol in wireshark.

Am i missing something ?

link to pcap

kiwi123's avatar
1
kiwi123
asked 2022-12-15 09:19:57 +0000, updated 2022-12-23 09:39:19 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Can you share a capture file?

Chuckc's avatar Chuckc (2022-12-15 13:20:28 +0000) edit
more
  • delete

This trace https://wiki.wireshark.org/uploads/__... shows some of those transport layers.

Anders's avatar Anders (2022-12-15 14:43:45 +0000) edit
more
  • delete

So maybe decode as TPKT on TCP level?

Anders's avatar Anders (2022-12-15 14:45:16 +0000) edit
more
  • delete

Hi, thx for your anwser, unfortunately i can't upload any capture (my karma is too low !).

kiwi123's avatar kiwi123 (2022-12-20 10:22:08 +0000) edit
more
  • delete

Place it on public file share (Dropbox, Google, OneDrive) then update the question with a link to it.

Chuckc's avatar Chuckc (2022-12-20 20:47:20 +0000) edit
more
  • delete
add a comment see more comments