quiclog / pcap2qlog

A tool to convert .pcap and .pcapng files into qlog files
MIT License

Does pcap2qlog support gQUIC ? #1

Open PercyLau opened 4 years ago

PercyLau commented 4 years ago

Hi, there!

Thank you for developing the analysis tool of the QUIC protocol. Just wondering whether this pcap2qlog converter supports gQUIC as well as IETF QUIC?

I just ran the script as follows:

    /projects/pcap2qlog$ sudo node ./out/main.js --input=./input_dir/quic.pcap --tshark=~/projects/wireshark/run/tshark

and I got an error in the generated qlog file:

    {
      "qlog_version": "draft-01",
      "description": "",
      "traces": [
        {
          "error_description": "TypeError: Cannot read property 'quic.scid' of undefined",
          "uri": "./input_dir/ming.pcap"
        }
      ]
    }

Sincerely, Percy

rmarx commented 4 years ago

Hello Percy,

Sadly, no, we currently don't support gQUIC (and, to be honest, we probably are a bit flaky on IETF QUIC by this point as well, though it should still work for most things).

I don't plan to support gQUIC either, because it is slowly evolving towards IETF QUIC anyway and will eventually go out of use completely.

That being said: there is really no rocket science here... you mainly need to copy the correct fields from the tshark JSON output into a qlog-compliant format. It should be easy enough to do for the basic gQUIC stuff. I know that's probably not what you wanted to hear, but I don't have time to work on a gQUIC transformer myself at this time. I would of course accept PRs ;)

More feedback on pcap2qlog for IETF QUIC or the qvis toolset is of course always welcome as well!

With best regards, Robin
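
The TypeError in the question is the kind of failure that results from reading `quic.scid` from a layer that is absent. As an added example (not part of the original thread and not pcap2qlog's own code), here is a pre-flight check that reports that case in the same qlog shape. It assumes tshark's `-T json` layout (`_source.layers`) and that gQUIC packets appear under a `gquic` layer; all function names and sample packets are hypothetical.

```javascript
// Added example, not pcap2qlog code. Assumes tshark -T json packet objects
// shaped like { _source: { layers: { quic: {...} } } } (or gquic: {...}).

// Constructed sample input: one gQUIC-only capture, one IETF QUIC capture.
const SAMPLE_GQUIC = [{ _source: { layers: { udp: {}, gquic: {} } } }];
const SAMPLE_IETF = [
  { _source: { layers: { quic: { "quic.scid": "c0:ff:ee" } } } },
  // Coalesced packets: assumed to arrive as an array; short headers lack scid.
  { _source: { layers: { quic: [{ "quic.scid": "c0:ff:ee" }, {}] } } },
];

// Classify one packet by which dissector layer is present.
function classifyPacket(packet) {
  const layers = (packet && packet._source && packet._source.layers) || {};
  if (layers.quic !== undefined) return "ietf-quic";
  if (layers.gquic !== undefined) return "gquic";
  return "other";
}

// Check a capture before any quic.* field is read; on failure, return a
// qlog object in the draft-01 error shape shown in the issue.
function preflight(packets, uri) {
  const counts = { "ietf-quic": 0, gquic: 0, other: 0 };
  for (const p of packets) counts[classifyPacket(p)] += 1;

  const qlog = { qlog_version: "draft-01", description: "", traces: [] };
  if (counts["ietf-quic"] === 0) {
    const reason = counts.gquic > 0
      ? `no IETF QUIC packets; ${counts.gquic} gQUIC packet(s) are not supported`
      : "no QUIC packets found in capture";
    qlog.traces.push({ error_description: reason, uri });
    return { ok: false, qlog, scids: [] };
  }

  // Only now is it safe to read quic.scid, and only where it exists.
  const scids = new Set();
  for (const p of packets) {
    if (classifyPacket(p) !== "ietf-quic") continue;
    for (const q of [].concat(p._source.layers.quic)) {
      if (q && q["quic.scid"] !== undefined) scids.add(q["quic.scid"]);
    }
  }
  return { ok: true, qlog, scids: [...scids] };
}
```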