Supported Protocols
This is the list of protocols and layers TraceWrangler currently supports when sanitizing files:
- Ethernet
- VLAN tags
- ARP/RARP
- Tunneling: AYIYA, GRE, GTP-U, VXLAN, Geneve (most are just passed through)
- IPv4
- IPv6, including Fragmentation Headers (more Extension Headers to come at a later time)
- TCP
- UDP
- ICMPv4
- ICMPv6
- DHCPv4
- NetFlow v5
- HSRP
- RTPS
If a protocol is not supported, TraceWrangler will do one of two things, depending on the payload settings you define on the General Settings section:
- keep the unknown protocol intact, which may expose sensitive data
- truncate the frame at the offset where the unknown protocol starts
The safe way of handling unknown protocols is to configure the sanitization task to remove them.