Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-dev: [Ethereal-dev] Follow TCP Stream dialog fixes

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Chris Eagle" <cseagle@xxxxxxxxxxxx>
Date: Tue, 1 Feb 2005 21:54:53 -0800
First, does anyone read these emails?  I have posted before on this topic
and never seen any replies.  From browsing the archives, it is clear that I
am not the only one that believes a problem exists in the "Follow TCP
Stream" display

Bottom line on this email is that the attached patch fixes several problems
with the Follow TCP Stream dialog.

Now, why are these changes needed:

1. There is currently no way to save the raw binary data of a stream to a
file.  This is because the current implementation converts all non-printable
ASCII characters to '.' before writing to the GTK window or a file.
Carriage returns are also added.  This renders the saved data useless for
binary analysis.  The attached patch adds a "Raw" radio button that provides
the same text display as the ASCII button, but allows for raw binary save
when the "Save As" button is clicked.

2. The "Hex Dump" and "C Arrays" options are useless for all but the
smallest of streams.  When I tried to view a "Hex Dump" of a 1.4Mb stream,
it took 18 minutes to generate, I gave up on the "C Arrays" display when it
had failed to produce any output after 2 hours.  This on a fairly beefy
laptop.  While ethereal was attempting to generate these two displays, it
was utterly useless and appeared to the casual observer to be completely
locked up.  No hour glass icon or anything.  The attached patch improves
performance so that each of the two displays above takes about 8-10 seconds
to generate.

Point number 1 has been raised in the past.  I have no idea why it has yet
to be fixed.  People have even offered patches in the past.  A "Save As"
feature that does not faithfully save the stream is essentially useless,
raising the question "why have it at all."  Likewise, the excessive times
required to generate hex dumps and c arrays make those "features" useless as
well.  If no one has any intention of incorporaing fixes for the problem, or
at least acknowledging that a problem exists, then the functionality should
be removed altogether.

Regards,

Chris

Attachment: follow_stream_fix.patch
Description: Binary data

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube