Forum Discussion
4 Replies
- René_GeileCirrus
Hi,
you should use Wireshark 2.6.0 which includes the F5 Plugin. Activate the F5 protocol filter.
Lookup one of the streams and read out the flow ID from "f5ethtrailer.flowid". Then apply a display filter f5ethtrailer.anyflowid == [flowid]
This is essentially the same like ( f5ethtrailer.flowid == [flowid] ) or ( f5ethtrailer.peerid == [flowid] )
See KB 13637 and F5 Wireshark Plugin
- Wangzixuan_3147Nimbostratus
Thanks!But it does not work ,I tried it many times. The plugin 'f5ethtrailer.dll' has no "plugin_version" symbol
Make sure you're running version 2.6.0 of Wireshark, which does not need the additional DLL file added to it.
 
As mentioned in the link that René posted, https://devcentral.f5.com/s/articles/getting-started-with-the-f5-wireshark-plugin-on-windows you should consider the following:
 
As of Wireshark 2.6 (rel. 4/24/2018) the f5ethtrailer is included as a built-in dissector. Wireshark 2.6.0 incorporated the 1.11b version of the dissector.
 
https://www.wireshark.org/news/20180424.html
 
It is disabled by default. To enable it, from the menu select "Anyalyze" : "Enabled Protocols...". Then search for f5ethtrailer and enable the dissector.
 
- Wangzixuan_3147Nimbostratus
Thanks,ok now