DCT2000

IxCatapult .out file packet header

This protocol / header format consists of some information associated with a packet read from a IxCatapult (formerly DCT2000) .out file. The fields that comprise this protocol (protocol, variant, context, out-header, direction, original timing information) should be useful for filtering, and also make it easy to correlate entries in the Wireshark packet list with the DCT2000 decodes.

Wireshark

The DCT2000 dissector shows the fields of this protocol before handing off to the appropriate link-type dissector (ip, ethernet, atm, sscop, lapd, ppp, frame relay or mtp2).

For protocols that appear within IP or SCTP primitve messages, an attempt is made to decode the payload part of the message. There is also support for directly dissecting:

Preference Settings

* Use IP Primitive heuristic. For messages that appear to be protocol payloads sent to/from the UDP/TCP state machine, attempt to dissect the payload a Wireshark dissector is found using the DCT2000 protocol name. Default ON

* Use SCTP Primitive heuristic. For messages that appear to be protocol payloads sent to/from the SCTP state machine, attempt to dissect the payload a Wireshark dissector is found using the DCT2000 protocol name. Default ON

For best results, when creating .out files for use by Wireshark you should obviously turn on logging for board ports.

Example capture file

Here is a short example file of this format, that has examples of packets using most supported link types

Display Filter

A complete list of DCT2000 display filter fields can be found in the display filter reference

Show only the dct2000 based traffic:

 dct2000

(Note that a capture file will either all be DCT2000 packets, or none at all, so the above filter is not very useful)

Capture Filter

There is no way to directly capture dct2000 packets - they will only be seen by opening DCT2000 .out files.

External links

Discussion

Imported from https://wiki.wireshark.org/DCT2000 on 2020-08-11 23:12:34 UTC