[OT] Is it possible to use Wireshark to visualize RFC7268 AVP (instead of Unkown-Attribute) ?
rhouben at systemec.nl
Tue Apr 5 12:35:41 UTC 2022
> Van: Freeradius-Users <freeradius-users-bounces+rhouben=systemec.nl at lists.freeradius.org> namens Alan DeKok <aland at deployingradius.com>
> On Apr 5, 2022, at 7:56 AM, Olivier <oza.4h07 at gmail.com> wrote:
> > Debugging some Radius accounting sessions on Debian Bullseye,
> > Wireshark shows some AVP as "t=Unkown-Attribute(186)" or
> > "t=Unkown-Attribute(187)".
> > Looking at , it seems those AVP belongs to RFC7268.
> > In my PC, a /usr/share/wireshark/radius/dictionary.rfc7268 file exists
> > and it contains data about AVP 186 and 187.
> > Is it possible to use Wireshark to read these Unkown attributes ? If
> > positive, how ?
> The RADIUS dictionaries should be loaded by default in Wireshark.
> But if they're not, you'll have to ask the Wireshark people why their software doesn't work.
> Alan DeKok.
Having just checked wireshark on a debian 11 system, I can confirm that it does in fact load the RADIUS dictionaries -- and it doesn't need to have freeradius installed to look them up either.
The dictionaries are contained in the libwireshark-data package which should have been installed automatically as a dependency of wireshark by apt.
Systemec Internet Services
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users