|
>>Greg Morris wrote:
>> I have a number of new additions to Ethereal that I want to submit. But
>> I know that the list was wanting only bug fixes this week prior to the
>> next release. Should I still submit my new additions or wait for another
>> week or so?
> Guy Harris wrote:
> I'll let Gerald give an official answer, but it appears that he's
> branched off 0.10.13; if so, it's probably OK to add new features to the
> main branch, as they won't go into 0.10.13.
Ok. I will wait for further responses from Gerald. >> New Feature: >> Error Equivalency Tables: >> Similar to SRT functionality, but to enable, each dissector needs to add >> an additional tap. (<protocol>-err) IE tcp-err. This feature parses the >> packet trace and via the tap interface counts the number of errors >> reported and provides a table of the composite data. > Should those errors (or, at least, the significant ones) also be marked > using the "expert" feature Ulf Lamping added - or should *repeated* > errors be so marked? I think some network analyzers' expert feature > reports problems such as "too many open errors".
Unfortunately, I had missed seeing the mailing list entries for the expert
feature by Ulf. I have been reviewing and it looks like I can also use the
same tap. I will look at modifying the code to utilize the similar data.
If Ulf would like to incorporate then I can provide the data.
>> I have currently done the error table tap and modifications to both the
>> NCP and TCP dissectors. One neat feature is the ability to highlight one
>> of the errors listed in the error table, right click the mouse button,
>> and then search the internet for the error string. (I currently default
>> to Google for the internet search)
>Presumably it uses the "browser_open_url()" routine declared in
>gtk/webbrowser.h, so that it'll open the URL correctly on:
> Windows;
> OS X;
> UNIX+X11, if the preference for the browser "open a URL" command is set
> correctly (someday, if we support a GTK+GNOME version, that version
> could use the standard GNOME APIs to let you open up a browser with a
> given URL, and if we ever do a Qt+KDE version, it should also do that).
Yes, it uses the browser_open_url() function.
>> I have attached a few screen shots of this new feature.
> It looks as if it provides, in some ways, a summary window for the
> "expert" mechanism (especially given that the TCP statistics aren't all
> for errors - window updates aren't really errors).
> There's currently no summary mechanism for the expert feature; perhaps
> the expert feature should support both a "generic" string for items,
> such as "Connection establish request" for TCP, and a "specific" string
> for each item, with the latter being what's displayed in the "Expert
> Info" window, and the former used to compute the summary counts for the
> "error equivalence" window and to do the Web search.
> We might be able to piggyback your new feature atop the "expert"
> mechanism. Does that make sense?
Again, yes, I like the passing of the criticality of the message as does the
expert feature. I think that best solution would be for me to re-evalutate
how the works and utilize the efforts made by other contributers. I will get
back to the list after some additional modifications and changes.
Thanks for the input,
| 
