OUCH is an order entry protocol supported by the NASDAQ stock exchange.
OUCH 4.x is a binary protocol, replacing OUCH 3.x and earlier that encoded all fields with printable ASCII values.
- SoupBinTCP: Typically, OUCH uses SoupBinTCP as its transport protocol. The OUCH dissector registers itself as a heuristic sub-dissector with SoupBinTCP, so once Wireshark is told to decode a TCP session as SoupBinTCP, OUCH should be detected and dissected automatically.
The OUCH dissector is awaiting code review https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8490.
A complete list of PROTO display filter fields can be found in the display filter reference
Show only the PROTO based traffic:
You cannot directly filter OUCH protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one, which will show both the SoupBinTCP encapsulation (generally of interest anyway), and the OUCH messages.
- Specification (at NASDAQ)
Imported from https://wiki.wireshark.org/OUCH on 2020-08-11 23:17:45 UTC