Wireshark-users: Re: [Wireshark-users] Changing the display fields

From: "Kondal Rao" <kondal04@xxxxxxxxx>
Date: Thu, 2 Jul 2009 15:06:38 -0700

Hi,

This is good, but wouldn't it slow down the capture/display because of the
name resolution?

-KK

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
j.snelders@xxxxxxxxxx
Sent: Thursday, July 02, 2009 1:39 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Changing the display fields

Hi,

Yes, it's possible.
http://www.wireshark.org/docs/man-pages/wireshark.html:
Name Resolution (hosts) 
If the personal hosts file exists, it is used to resolve IPv4 and IPv6
addresses
before any other attempts are made to resolve them. The file has the
standard
hosts file syntax; each line contains one IP address and name, separated
by whitespace. The same directory as for the personal preferences file is
used.

BTW
You have to enable network name resolution:
Edit -> Preferences -> Name Resolution.
Qiut and lauch Wireshark again.

HTH
Joan


On Thu, 2 Jul 2009 11:59:09 -0700 Kondal Rao wrote:

>Hi,
>
>I'm trying to change the display information in the list of packet capture,
>like changing the "source ip address" to some meaningful text like "Client
>01".
>
>How do I do this?
>
>I see that filters would not be helpful, so some lua script should able
to
>do. But could not find sufficient information on this.
>
>Help me on this.

>
>Thank you,



       


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe