This is the list of protocols and layers TraceWrangler currently supports when sanitizing files:

  • Ethernet
  • VLAN tags
  • Tunneling: AYIYA, GRE, GTP-U, VXLAN, Geneve (most are just passed through)
  • IPv4
  • IPv6, including Fragmentation Headers (more Extension Headers to come at a later time)
  • TCP
  • UDP
  • ICMPv4
  • ICMPv6
  • DHCPv4
  • NetFlow v5
  • HSRP
  • RTPS

If a protocol is not supported, TraceWrangler will do one of two things, depending on the payload settings you define on the General Settings section:

  1. keep the unknown protocol intact, which may expose sensitive data
  2. truncate the frame at the offset where the unknown protocol starts

The safe way of handling unknown protocols is to configure the sanitization task to remove them.