Martin Regner wrote:
>
>Below is some of the things I have marked (however just written down
quickly, but I
>hope you understand what I mean anyway).
Well, hopefully I do.
>
>
>Chapter 1.7.2 (page 10) Reporting problems:
>------------------------------------------------
>* Maybe we could give hints about reading the FAQ and searching the
Ethereal web-site/news-groups
I've added a section about the FAQ.
I've added a tip that the mailing lists are searchable (is that what you
mean?)
>* Add a Note: Don't send capture files with sensitive/confidential
information (passwords) to the mailing list
Done
>
>Chapter 1.7.4 (page 11) Reporting crashes on Windows platforms
>--------------------------------------------------------------------
>* Could be improved later on (maybe some comments about DrWatson logs
or using Visual C++)
As I'm only using the MSVC debugger together with the pdb's, I don't
know how to use DrWatson and what can be done with it :-(
>
>Chapter 3.15 (page 49) the "Packet list" pane
>------------------------------------------------
>* Maybe change "you will see the information from the highest possible
level only"
>to
>"you will normally see information from the highest possible level only"
I've added "typically" to the sentence
>
>Chapter 5.2.2 (page 68) Input File Formats
>---------------------------------------------
>* Add a Note: It may not be possible to read some formats dependant on
the packet types captured.
>
>Ethernet captures are normally supported for most file formats, but
other packet types may not be possible to read
>for some file formats.
added a slightly changed note, please review
>
>Chapter 5.3.2 (page 71) Output File Formats
>---------------------------------------------
>* Add a Note: Other protocol analyzers may require that the file has
a certain suffix
>in order to read the files you generate with Ethereal.
>e.g.
> ".ENC" for Network Associates Sniffer DOS-format
> ".DMP" for Tcpdump/libpcap
> ".CAP" for Network Assosciates Sniffer Windows
>
done
>The Syngress book about Ethereal has useful information about how you
can transfer capturs
>to/from other protocol analyzers. It may be good to add some similar
things later on.
I don't have that book and I don't want to break their copyright.
However, it might be a good idea.
>
>Chapter 6.3 (page 93 -94) Building display filter expressions
>-------------------------------------------------------------
>* Explain why the filter "ip.addr != 10.10.20.10" normally isn't as
useful as "ip and !(ip.addr == 10.10.20.10)"
changed
>
>Chapter 7.3 (page 110) Packet Reassembling
>------------------------------------------------
>* Mention that you may have to change some preference settings for
(IP/TCP,...) in order to get packet
>reasembly to work
I've added a note
>
>Chapter 8.8 (page 125) The protocol specific statistics
>-------------------------------------------------------
>* We should probably add some details about RTP Analysis later on, and
other statistics ...
Well, that's already mentioned, here's some more work to be done.
>
>Chapter 9.4.2 (page 137-138) User Specified Decodes
>----------------------------------------------------------
>* We should maybe add some information that it will not always be
possible to
>force dissection with the Decode As functionality.
>- dissector hasn't been register for udp.port
>- there is a conversation that has higher priority
>- the dissector rejects dissection of the packet
>- ...
Could you send a more detailed text about it, as I don't have much
knowledge on this topic (I don't use "Decode as" a lot).
>
>Things that could be good to add:
>=======================
>* Some things from the FAQ could be added at suitable places in the
user guide (and/or we could refer to the FAQ on
>certain places).
I've added this to my todo list, but as I want to release the guide
soon, I would think this will be done in the next release.
>* Maybe add a table similar to the supported media table
http://www.ethereal.com/media.html
I've added a subsection "1.1.3. Live capture from many different network
media" to the "1.1 What is Ethereal" section, pointing to that webpage.
