The Wireshark Tools menu contains the fields shown in Table 3.12, “Tools menu items”.
Table 3.12. Tools menu items
This allows you to create command-line ACL rules for many different firewall products, including Cisco IOS, Linux Netfilter (iptables), OpenBSD pf and Windows Firewall (via netsh). Rules for MAC addresses, IPv4 addresses, TCP and UDP ports, and IPv4+port combinations are supported.
It is assumed that the rules will be applied to an outside interface.
Menu item is greyed out unless one (and only one) frame is selected in the packet list.
This allows you to extract credentials from the current capture file. Some of the dissectors (ftp, http, imap, pop, smtp) have been instrumented to provide the module with usernames and passwords and more will be instrumented in the future. The window dialog provides you the packet number where the credentials have been found, the protocol that provided them, the username and protocol specific information.
These options allow you to work with the Lua interpreter optionally built into Wireshark. See “Lua Support in Wireshark” in the Wireshark Developer’s Guide.
The Lua menu structure is set by console.lua in the Wireshark install directory.