On Wed, 20 Aug 2003, David E. Weekly wrote:
> > I know of at least one large NAS company that is very unhappy with their
> > very expensive to maintain packet capture and analysis program give that
> > Ethereal, which is developed by a 'horde of mongrels' (according to sales
> > staff of the company that develops said program), beats the pants off of
> > it in almost every department.
>
> Ethereal is really kick ass 95% of the time.
>
> For the other 5%, I wish:
> - I could cut and paste (big PITA)
Groan, yes, I know. I tried to do this recently and couldn't.
> - I could save as text
Hmmm, hadn't thought of this need. This will need some discussion as to
what needs to be saved.
> - I could easily drop in new protocol specifications without writing
> code
We have talked about this time and time again. There are several
approaches ranging from:
- A programming language, like maybe Python, in Ethereal that can do
dissections easier than writing C code.
- A protocol specification language that you pass through a tool to
generate C code
- A pointy-clicky thing that allows you to select ranges of bytes and
specify what they are and allowed values etc.
All require lots of work and the horde of mongrels are afraid of work :-)
> I'm sufficiently not-sharp that I'm willing to believe that Ethereal *does*
> all of this and I just don't know about it - anyone care to inform me?
Nope, there are not ways to do these things, I believe.
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
