https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4014
--- Comment #16 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2010-09-14 15:03:58 MDT ---
(In reply to comment #10)
> I think the info column gets a bit messy with this info.
How about we remove some of the characters to change it from:
(id=0x412b, seq(be/le)=1/256, ttl=64)
To
id=0x412b, seq=1/256, ttl=64
So isn't as busy looking. It still doesn't measure up to the TCP dissector's
info column madness though :). Since the purpose of the info column is for us
to see the numbers changing, maybe just showing the two numbers with a slash is
enough information.
Is the ID of the ICMP packet important enough to display in the info column? I
agree about the showing sequence and ttl and possibly other things that a ping
command shows once it's supported such as response time.
As for the identifier field, FreeBSD at least on 8.1-RELEASE sends the
identifier out as little-endian on a little endian host while Wireshark
displays it in big endian format. I never realized that the ident field was
based on the process id, but sure enough on FreeBSD, /usr/src/sbin/ping/ping.c
does this:
ident = getpid() & 0xFFFF;
(since getpid returns a pid_t, which is typedef as a 32-bit integer)
So showing the identifier in decimal also would be helpful. Is the hex
representation for the identifier even useful then? Win7 sends identifier
"0x0001" which is of course just "1" in decimal. A little and big endian
representation would be nice in the protocol tree... maybe there's a better way
instead of showing two different entries? Maybe one line with the be=xxx and
then le=xxx?
What a pain.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
