On 4 jul 2011, at 17:22, Stig Bjørlykke wrote:
> 2011/7/4 Sake Blok <sake@xxxxxxxxxx>:
>> Conversation coloring is just one of the sources of these temporary coloring filters. Rightclicking on any field can also create a temporary coloring rule. IMHO it is the fact that these coloring rules don't get saved to the colorfilters file that makes them distinctive :-)
>
> Hmm, ok. Maybe I should find a smarter name then. I think it should
> be possible to see why the packet i colorized, and "tmp" does not tell
> me anything :)
Where do you need that info, in the frame section of the packet details we list the following:
Coloring Rule Name: ___tmp_color_filter___01
Coloring Rule String: (ip.addr eq 192.168.0.104 and ip.addr eq 208.117.232.170) and (tcp.port eq 50388 and tcp.port eq 80)
Or (when using a field to create the temporary coloring filter):
Coloring Rule Name: ___tmp_color_filter___01
Coloring Rule String: ip.id == 0x59fe
(I do see a little problem that this information is not updated for the current packet after doing the coloring, you need to select another packet first and them come back to the original one at the moment)
Cheers,
Sake
