Differences between revisions 1 and 2
Revision 1 as of 2006-10-10 16:23:00
Size: 1513
Editor: 213-66-131-200-o88
Comment:
Revision 2 as of 2006-10-10 17:26:05
Size: 1427
Editor: GuyHarris
Comment: Clean up.
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
The protocol allows a client to get a random quote from the server. The quote of the day protocol allows a client to get a random quote from a server.
Line 15: Line 15:
Do'h - Homer Simpsson Do'h - Homer Simpson
Line 19: Line 19:
The PROTO dissector is not existing, since the protocol is Raw text without any formating or commands No qod dissector exists; the protocol is raw text without any formatting or commands.
Line 28: Line 28:
A complete list of PROTO display filter fields can be found in the [http://www.wireshark.org/docs/dfref/q/qod.html display filter reference] A complete list of qod display filter fields can be found in the [http://www.wireshark.org/docs/dfref/q/qod.html display filter reference]
Line 42: Line 42:
 * add link to qod specification and where to find additional info on the web about it, e.g.:
 * [http://www.ietf.org/rfc/rfc123.txt RFC 123] ''The RFC title'' - explanation of the RFC content.
 * [http://www.ietf.org/rfc/rfc865.txt RFC 865] ''Quote of the Day Protocol'' - description of the qod protocol.

Quote of the day (qod)

The quote of the day protocol allows a client to get a random quote from a server.

History

The protocol is as old as TCP and is part of the basic protocols.

Protocol dependencies

  • ["TCP"]: Qod uses ["TCP"] as its transport protocol. The TCP port for qod traffic is 17.

Example traffic

Do'h - Homer Simpson

Wireshark

No qod dissector exists; the protocol is raw text without any formatting or commands.

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below). Keep this file short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.

  • attachment:SampleCaptures/qod.pcap

Display Filter

A complete list of qod display filter fields can be found in the [http://www.wireshark.org/docs/dfref/q/qod.html display filter reference]

  • Show only the qod based traffic:

     qod 

Capture Filter

You cannot directly filter qod protocols while capturing. However, if you know the ["TCP"] port used (see above), you can filter on that one.

  • Capture only the qod traffic over the default port (17):

     tcp port 17 

Discussion

QuoteOfTheDayProtocol (last edited 2008-04-12 17:51:39 by localhost)