ICE iMpact Wireshark Dissector
Wireshark Compatibility Table
ICE iMpact Multicast Feed Wireshark Custom Dissector compatibity table:
| Dissector | Wireshark | Notes |
|---|---|---|
| icemulticast-spec1.22.dll | 1.12.13 (64-bit) | Typical plugin install path: "C:\Program Files\Wireshark\plugins\1.12.13" |
| icemulticast-spec1.34.dll | 2.0.3 (64-bit) | Typical plugin install path: "C:\Program Files\Wireshark\plugins\2.0.3" |
| icemulticast-spec1.42.dll | 3.0.5 (64-bit) | Typical plugin install path: "C:\Program Files\Wireshark\plugins\3.0\epan" |
Capture UDP Packets
To capture UDP packets use tcpdump tool:
$ sudo tcpdump -i $NIC udp and host $IP and port $PORT -w $FILENAME.pcap
where:
$NIC- Network interface name$IP- Multicast feed IP address$PORT- Multicast feed port number$FILENAME- The name of the PCAP file
For example, for ICE Futures Brent FOD Snapshots :
$ sudo tcpdump -i eth0 udp and host 233.156.208.230 and port 20230 -w ice-brent-fod-snapshots.pcap
The output will be:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
When enough packets captured, use Ctrl+C to stop tcpdump:
^C
1446 packets captured
1459 packets received by filter
0 packets dropped by kernel
Now you can open ice-brent-fod-snapshots.pcap file in Wireshark.
