Wireshark · Ethereal-dev: Re: [Ethereal-dev] Follow TCP Stream problem?

Ethereal-dev: Re: [Ethereal-dev] Follow TCP Stream problem?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>

Date: Tue, 9 Oct 2001 13:41:55 -0700 (PDT)

> I can get it to work both ways... 
> 
> 1) The correct way. 
> 
> Right click a packet with source address XXX.XXX.XXX.XXX
> and select the 'Follow TCP Stream' option.
> 
> 2) The wrong way.
> 
> Right click a packet with source address YYY.YYY.YYY.YYY
> and select the 'Follow TCP Stream' option.

"follow_read_stream()" appears to consider the "client" to be the
host/port from which the first packet in the stream is sent (which isn't
necessarily the case, of course, if you've caught the traffic in
mid-stream...).

However, "follow_stream_cb()", I suspect, considers the "client" to be
the host/port from which the *currently selected packet* is sent.  That
controls which of the last two two items in the option menu is
considered the "client" direction and which is considered the "server"
direction.

"follow_read_stream()"s choice is more likely to be correct than is
"follow_stream_cb()"s choice, so it shouldn't be changed.

Perhaps, instead, we need to have the callbacks for the option menu not
choose whether to show "client->server" or "server->client", but choose
one or the other address/port pairs as the source to show.

References:
- RE: [Ethereal-dev] Follow TCP Stream problem?
  - From: Jeff Foster

Prev by Date: RE: [Ethereal-dev] Follow TCP Stream problem?
Next by Date: RE: [Ethereal-dev] Follow TCP Stream problem?
Previous by thread: RE: [Ethereal-dev] Follow TCP Stream problem?
Next by thread: RE: [Ethereal-dev] Follow TCP Stream problem?
Index(es):
- Date
- Thread