- Now the coloring rule file supports Wireshark 2.4.0. Fixed some old obsolete syntax which is no longer supported in 2.4.0.
- Added some 802.11 and Cisco proprietary frames.
- Disabled CAPWAP_Control to pay attention to CAPWAP Heartbeat frames. You can enable it again at anytime.
These files are coloring rule files for Wireshark version 1.6.0 - 2.2.8 and version 2.4.0.
(Verified on Mac OS X10.6, 10.11.6, X Window System, and the latest Windows 7 Professional)
How to use
Download wireshark_coloring_hosaki_2017Aug15_ver1.12-2.2.8.wireshark.zip for Wireshark version 2.2.8 or below, and wireshark_coloring_hosaki_2017Aug15_ver2.4.wireshark.zip for Wireshark version 2.4.0, attached on this document and unarchive them.
Run your wireshark application.
Click "Edit coloring rules" button loated in Tool bar to open Coloring Rules window.
Click "Import" button then select the file downloaded at Step1.
Click "Open" button to import the file.
Click "Apply" button to apply the coloring rule to your wireshark.
Click "OK" to close Coloring Rules window.
Now you can see graphical colored wireless 802.11/LWAPP/CAPWAP/WLCCP frames when you open wireless sniffer files.
Note: The order of each coloring rule is important. You may override existing rules by changing the order. Some protocols like TCP, HTTP, and FCS checksum which are default rule are disabled intentionally in order to give your attention to more important frames.
This rule has been described by hosaki and may contain old/wrong formula. Please feel free to contact me on CSC if you had noticed anything.
Hi Guest ssid, wlan, and policy are configured based on cisco document attached link. it uses internal web server. Client PC can get correct ip address from the c9800, but auth web page does not show up. I notice I did not have chance to setup password du...
Hello,I temporarily set up WiFi for users in a remote location. I'm using 2702 APs and running WLC 8.5.The uplink we have is not great and has a FUP, so I'd like to limit unnecessary data usage. Nowadays, mobile phone hotspots can use Vendor Specific Info...
Dear allCan i update NBAR2 Advanced Protocol Pack WLC to version 38 ?I have WLC 5520 version 8.2 . I try to download NBAR2 on website cisco but it only have download version 24.I would like to download version 38 it for suuport zoom meetingthank you
Hi, In c9800 wlc, looks like there are two sites for configuring dhcp relay. One is at Vlan SVI---> Advanced, second is at Policy ----> Advanced ----> DHCP. What is difference between the two location for configuring dhcp relay? I think the final...
Hi i have routed access layer design as im running L3 to the access and OSPF as IGP ( Core - Distribution - Access ) thw WLC 3504 connected to the Core the the APs 1800 connected to the Access Sw each with different subnetsi could register the A...