Wireshark · Ethereal-dev: Re: [Ethereal-dev] Re: Ethereal Gripe

Ethereal-dev: Re: [Ethereal-dev] Re: Ethereal Gripe

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Andrew Feren" <aferen@xxxxxxxxxxxxxxxxx>

Date: Tue, 26 Aug 2003 09:26:41 -0400

----- Original Message ----- 
From: "Kevin" <kem2@xxxxxxx>
To: "Ronnie Sahlberg" <ronnie_sahlberg@xxxxxxxxxxxxxx>
Cc: "Tomas Kukosa" <tomas.kukosa@xxxxxxxxxxx>; "Guy Harris"
<guy@xxxxxxxxxxxx>; "Mark H. Wood" <mwood@xxxxxxxxx>;
<ethereal-dev@xxxxxxxxxxxx>
Sent: Sunday, August 24, 2003 9:52 AM
Subject: Re: [Ethereal-dev] Re: Ethereal Gripe

> Comment from a heavy user of ethereal.  I am not a developer in any
> manner, but my team and I do use ethereal daily.
>
> Acterna Examine has / had the ability to insert a user definable
> protocol layer into the decode.  Then filters can be applied to this
> layer using the defined field names.
>
> Just the ability to break out and display these proprietary or new
> fields is a godsend.  Any relationships between the fields is
> determined by the user.

I agree.

It was the inability of the sniffer we were using to do this that drove me
to discover and begin developing ethereal dissectors.  I agree with Ronnie
that just decoding the packet doesn't make a good dissector.  However, if a
good dissector is not available the ability to break out and display
new/proprietary fields would be fabulous.  In some cases it might even be
all that is needed.

-Andrew

Follow-Ups:
- Re: [Ethereal-dev] Re: Ethereal Gripe
  - From: Ronnie Sahlberg

References:
- Re: [Ethereal-dev] Re: Ethereal Gripe
  - From: Kevin

Prev by Date: RE: [Ethereal-dev] Patch: Add wiretap support for Endace ERF files(updated)
Next by Date: Re: [Ethereal-dev] Re: Ethereal Gripe
Previous by thread: Re: [Ethereal-dev] Re: Ethereal Gripe
Next by thread: Re: [Ethereal-dev] Re: Ethereal Gripe
Index(es):
- Date
- Thread