Wireshark · Ethereal-dev: [Ethereal-dev] [RFC] User-operated dissection

Ethereal-dev: [Ethereal-dev] [RFC] User-operated dissection

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Biot Olivier <Olivier.Biot@xxxxxxxxxxx>

Date: Fri, 16 Apr 2004 10:45:57 +0200

Hi list,

Sometimes we have a huge capture containing lots of packets from different
protocols and we want to generate a small capture file that shows a specific
issue. Very often we are tempted to either write a display filter or mark
interesting packets that will later be saved to a smaller capture file.

Eventually we reopen the smaller capture file and we realize that we cannot
dissect it anymore as some crucial packets have not been included in the
file.

I propose we add a new operation mode to Ethereal where we can
enable/disable packet dissection per packet, something similar to the
Mark/Unmark option we have.

This operation mode has the following benefits:
1. You can test the dissection based on the selected packets prior to saving
to a file
2. You can censure packets which fool your dissection, allowing to remove
"false errors"

Fire your remarks!

Regards,

Olivier

Prev by Date: [Ethereal-dev] [RFC] Proposal for Print, Save and Export functionality
Next by Date: RE: [Ethereal-dev] Add PDML output to ethereal
Previous by thread: Re: [Ethereal-dev] [RFC] Proposal for Print, Save and Export functionality
Next by thread: RE: [Ethereal-dev] [RFC] Proposal for Print, Save and Export func tionality
Index(es):
- Date
- Thread