Wireshark is the best-known open source packet capture tool. In day-to-day telecom network management development work it is indispensable, since packets often need to be captured and analyzed. Is there a way to display SNMP MIB names directly in the captured packets instead of OIDs? There is, and it is very simple; the official documentation has instructions. Here are the actual configuration steps:
1. Put the MIB files in the "C:\Program Files\Wireshark\snmp\mibs" directory.
2. Open the "%APPDATA%\Wireshark\smi_modules" file and add the MIB names, following the format of the existing entries.
3. In the Wireshark configuration, select "Enable OID Resolution" and "Suppress SMI errors" (pictured below). The change takes effect after you close and reopen Wireshark.
Note:
1. If the configuration interface you see is not the same as the one above, your Wireshark version is too old; upgrade to the latest version.
2. Not all MIB files can be parsed correctly. This is a known issue caused by libsmi, the open source MIB parsing module. If Wireshark cannot start after you add certain MIBs, revert the change.
In addition, the file name of a MIB file must be the name of the MIB module, but file names and module names are often inconsistent, so here is a Groovy script that renames the MIB files in the specified directory:
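import java.util.regex.*

// Directory that holds the MIB files
def dir = new File('C:\\Program Files\\Wireshark\\snmp\\mibs')
// Capture the module name from the header line "<name> DEFINITIONS ::= BEGIN"
def pattern = ~/(?ms).*^\s*([\w-]+)\s*DEFINITIONS\s*::=\s*BEGIN\s*$.*/
dir.eachFileRecurse { f ->
    if (f.file && f.name.endsWith('.mib')) {
        Matcher m = pattern.matcher(f.getText())
        if (m.matches()) {
            // Rename the file to the module name, then print the name in quotes
            f.renameTo(f.parentFile.path + '\\' + m[0][1])
            println '"' + m[0][1] + '"'
        }
    }
}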
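A dry-run check to use before the rename, added here as an example and not part of the original post: it lists the files that would be renamed, flags files whose module name collides with another file (a rename would overwrite it) or that have no single module header, and builds the lines for smi_modules. The function names, the sample files and the one-quoted-name-per-line smi_modules format are assumptions.

```python
import re
import tempfile
from pathlib import Path

# Module header, e.g. "EXAMPLE-MIB DEFINITIONS ::= BEGIN"
HEADER = re.compile(r"^\s*([A-Za-z][\w-]*)\s+DEFINITIONS\s*::=\s*BEGIN\b", re.M)
# ASN.1 comment: from "--" to the next "--" or the end of the line
COMMENT = re.compile(r"--.*?(?:--|$)", re.M)

def module_names(text):
    """Return every module name declared in MIB text, ignoring comments."""
    return HEADER.findall(COMMENT.sub("", text))

def plan(mib_dir):
    """Dry run: list renames, problem files and smi_modules lines; changes nothing."""
    renames, problems, owners = [], [], {}
    for f in sorted(p for p in Path(mib_dir).rglob("*") if p.is_file()):
        names = module_names(f.read_text(errors="replace"))
        if len(names) != 1:
            problems.append((f.name, f"{len(names)} module headers"))
        elif names[0] in owners:  # renaming would overwrite another file
            problems.append((f.name, f"duplicate of {owners[names[0]]}"))
        else:
            owners[names[0]] = f.name
            if f.name != names[0]:
                renames.append((f.name, names[0]))
    # Assumed smi_modules format: one quoted module name per line
    return renames, problems, [f'"{n}"' for n in sorted(owners)]

def demo():
    """Run plan() over constructed sample files in a temporary directory."""
    samples = {
        "example.mib": "EXAMPLE-MIB DEFINITIONS ::= BEGIN\nEND\n",
        "example2.mib": "  EXAMPLE-MIB DEFINITIONS ::= BEGIN\nEND\n",
        "notes.mib": "-- OLD-MIB DEFINITIONS ::= BEGIN\n",
        "OTHER-MIB": "OTHER-MIB\nDEFINITIONS ::= BEGIN\nEND\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, text in samples.items():
            Path(d, name).write_text(text)
        return plan(d)

if __name__ == "__main__":
    renames, problems, smi_lines = demo()
    print("rename:", renames)
    print("review:", problems)
    print("\n".join(smi_lines))
```

Point `plan()` at the real MIB directory and resolve everything it reports under "review" before running the rename script.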