Greg Morris wrote:
>>Greg Morris wrote:
>> New Feature:
>> Error Equivalency Tables:
>> Similar to SRT functionality, but to enable, each dissector needs
to add
>> an additional tap. (<protocol>-err) IE tcp-err. This feature parses
the
>> packet trace and via the tap interface counts the number of errors
>> reported and provides a table of the composite data.
> Should those errors (or, at least, the significant ones) also be marked
> using the "expert" feature Ulf Lamping added - or should *repeated*
> errors be so marked? I think some network analyzers' expert feature
> reports problems such as "too many open errors".
Unfortunately, I had missed seeing the mailing list entries for the expert
feature by Ulf. I have been reviewing and it looks like I can also use
the
same tap. I will look at modifying the code to utilize the similar data.
If Ulf would like to incorporate then I can provide the data.
See http://wiki.ethereal.com/Development/ExpertInfo for some more info
on this feature ...
>> I have currently done the error table tap and modifications to both
the
>> NCP and TCP dissectors. One neat feature is the ability to
highlight one
>> of the errors listed in the error table, right click the mouse button,
>> and then search the internet for the error string. (I currently
default
>> to Google for the internet search)
>Presumably it uses the "browser_open_url()" routine declared in
>gtk/webbrowser.h, so that it'll open the URL correctly on:
> Windows;
> OS X;
> UNIX+X11, if the preference for the browser "open a URL" command
is set
> correctly (someday, if we support a GTK+GNOME version, that version
> could use the standard GNOME APIs to let you open up a browser with a
> given URL, and if we ever do a Qt+KDE version, it should also do that).
Yes, it uses the browser_open_url() function.
>> I have attached a few screen shots of this new feature.
> It looks as if it provides, in some ways, a summary window for the
> "expert" mechanism (especially given that the TCP statistics aren't all
> for errors - window updates aren't really errors).
> There's currently no summary mechanism for the expert feature; perhaps
> the expert feature should support both a "generic" string for items,
> such as "Connection establish request" for TCP, and a "specific" string
> for each item, with the latter being what's displayed in the "Expert
> Info" window, and the former used to compute the summary counts for the
> "error equivalence" window and to do the Web search.
I was thinking about a way to add a (wiki) link directly by an API call.
> We might be able to piggyback your new feature atop the "expert"
> mechanism. Does that make sense?
Again, yes, I like the passing of the criticality of the message as
does the
expert feature. I think that best solution would be for me to
re-evalutate
how the works and utilize the efforts made by other contributers. I
will get
back to the list after some additional modifications and changes.
Thanks for the input,
Greg
Being busy right now, sorry for short answer.
Regards, ULFL
