On 10/30/2013 07:25 AM, Anders Broman wrote:
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Matthieu Patou
Sent: den 30 oktober 2013 09:15
To: Developer support list for Wireshark
Subject: [Wireshark-dev] multiple parsing of the same packets
Hello,
I noticed long time ago that wireshark is parsing the same packet at least 3 tree times.
To make it worse if I go back and forth to the same packet it will be dissected one more time.
A packet will be redissected when selected in the packet list
With complex protocols like DRS (directory replication for Active
directory) it's really a problem as the UI freeze for a while.
First thing, why 3 dissections initially, is there a way to reduce this to 2, I more or less understand why 2 pass are needed but 3 ...
Is it 3 times for all packets or "only" for the ones visible in the GUI?
I don't know when I start wireshark it has always an empty filter but I
suspect that it's only for the visible ones.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
