Since v3.0.0 Wireshark supports msgpack. I have a capture file containing msgpack messages encapsulated in UDP I want to dissect. The problem is that when I'm running:
tshark -r 1.pcap -d udp.port==60003,msgpack
I get following message:
tshark: Protocol "msgpack" isn't valid for layer type "udp.port"
tshark: Valid protocols for layer type "udp.port" are:
The list of supported protocol contains msgpack:
tshark -G protocols | grep msgpack
Message Pack MsgPack msgpack
Here is the link to example capture file: https://drive.google.com/file/d/1qZO-WKgTValghMjC4kM56B-M1FlYg5C2/view?usp=sharing
-d
decode-as flag. msgpack is a JSON alternative, so I'm guessing not. Can you provide a link to the packet capture containing the protocol? – Ross Jacobs