The most recent comments added by Bahaa Naamneh to bug #2581
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2581) prompted me
to generate a spreadsheet of as many "questionable" display filter
fields as I could find. As I mention in the spreadsheet, I define
"questionable" as follows:
1) Any field that is not exactly prefixed with its PROTOABBREV and a
period.
2) Any protocol that has zero registered fields.
3) Any field that simply doesn't look similar (stands out) to other
fields for that protocol.
4) Fields with apparent redundancies in their names.
5) PROTABBREV itself is a questionable name, (e.g., it contains a
period).
I don't know if it's best to generate a new bug report and attach this
information to it, or to file it with one of the existing bugs, either
2581 as mentioned above, or one of these bugs related to display filter
field problems:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1788
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1804
I'm leaning towards just generating a new bug report for all of them and
closing both 1788 and 1804, marking them as duplicates of the new one.
BTW: I couldn't figure out any easy way to gather the information I
wanted, so I generated the spreadsheet by manually - yes manually -
scanning through the 68303 available fields. As such, you'll understand
if I missed some or listed any that don't actual have a problem at all.
FWIW,
Chris
<<Wireshark-1.0.1-QuestionableDisplayFilterFields.zip>>
Attachment:
Wireshark-1.0.1-QuestionableDisplayFilterFields.zip
Description: Wireshark-1.0.1-QuestionableDisplayFilterFields.zip
