
Ethereal-dev: RE: [Ethereal-dev] Flow graph functionality

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Jacques, Olivier (OCBU-Test Infra)" <olivier.jacques@xxxxxx>
Date: Fri, 22 Jul 2005 10:51:00 +0200
> I wonder if something like this might be done -my 
> understanding of GTK is null-:
> 
> Sender            Proxy           Receiver
>     |------->(5060) |                |
>     |INVITE         |                |
>     |               |                |
>     |       (5060)---->(7777)        |
>     |            INVITE              |
>     |               |                |
>     |               | (7777)-------->|
>     |               | INVITE         |
> 
> It would work for either same or different port/transport, 
> for both directions, and the visual perception would be kept. 
> For the ASCII dump I don't think it would be difficult, but 
> the graph is out of my reach.

Francisco, I like your solution a lot, as actually "forwarding" (same
IP, different ports) is very common.
In the IP case, the source and destination ports should always be
mentioned, IMHO.
Keeping one vertical line for one IP host makes sense to me, thus
limiting the number of vertical lines, and directly linking to a notion
that can be visualized: the IP address.

 Sender            Proxy           Receiver
      |(3333)-->(5060)|               |
      |INVITE         |               |
      |               |               |
      |        (5060)---->(7777)      |
      |             INVITE            |
      |               |               |
      |               |(7777)-->(5060)|
      |               |INVITE         |

Another way of seeing it is:

 Sender            Proxy           Receiver
      |(3333)-->(5060)|               |
      |INVITE         |               |
      |               |               |
      |               |(5060)--+      |
      |             INVITE     |      |
      |               |(7777)<-+      |
      |               |               |
      |               |(7777)-->(5060)|
      |               |INVITE         |

This also reminds me of another remark for the flowgraph feature.
Currently, on top of the arrows, the protocol name is mentioned (SIP,
GSM MAP, ...).
Although I understand why this is useful when sniffing a network which
supports many protocols (internet or corporate LAN), this is less useful
in analysis and debugging environments where the protocols have a great
chance to be limited to 1, 2 or 3.
Displaying something like "SIP/INVITE" or "Diameter/CER" or "ARP/Who
has" or "Camel/InitialDP" (protocol + message name) will really be
great. But I don't know how this can be done as I don't think we have a
common field (across the protocols) that indicates what the "message
name" is. The colinfo usually contains it, but with far too much info.

Olivier.
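
A sketch of the layout discussed in this message (one vertical line per IP address, source and destination ports on every arrow, a loop for same-IP forwarding, and "protocol/message" labels), added here as an example and not part of the original e-mail or of Ethereal's code. The function name, column width and sample addresses are assumptions.

```python
COL_W = 18  # columns between host lifelines (layout value chosen for this example)

def render_flow(hosts, packets):
    """hosts: ordered (name, ip) pairs, one lifeline per IP address.
    packets: (src_ip, src_port, dst_ip, dst_port, label) tuples."""
    col = {ip: i * COL_W for i, (_, ip) in enumerate(hosts)}

    def line(*items):
        # Draw every lifeline, then overlay (column, text) items on top.
        row = [" "] * (COL_W * (len(hosts) + 1))
        for x in col.values():
            row[x] = "|"
        for x, text in items:
            row[x:x + len(text)] = text
        return "".join(row).rstrip()

    out = ["".join(name.ljust(COL_W) for name, _ in hosts).rstrip()]
    for src, sport, dst, dport, label in packets:
        a, b = col[src], col[dst]
        s, d = f"({sport})", f"({dport})"
        if a == b:
            # Same IP, different ports ("forwarding"): loop back to the same line.
            corner = COL_W - 4
            out.append(line((a + 1, s.ljust(corner, "-") + "+")))
            out.append(line((a + 1, label[:corner]), (a + 1 + corner, "|")))
            out.append(line((a + 1, (d + "<").ljust(corner, "-") + "+")))
        else:
            # Each port is printed next to the host it belongs to.
            lo, hi = min(a, b), max(a, b)
            fill = "-" * (hi - lo - 2 - len(s) - len(d))
            arrow = s + fill + ">" + d if a < b else d + "<" + fill + s
            out.append(line((lo + 1, arrow)))
            out.append(line((lo + 1, label[:hi - lo - 1])))
        out.append(line())
    return "\n".join(out)

# Constructed sample data: addresses are placeholders, ports follow the diagrams above.
HOSTS = [("Sender", "10.0.0.1"), ("Proxy", "10.0.0.2"), ("Receiver", "10.0.0.3")]
PACKETS = [
    ("10.0.0.1", 3333, "10.0.0.2", 5060, "SIP/INVITE"),
    ("10.0.0.2", 5060, "10.0.0.2", 7777, "SIP/INVITE"),  # same IP, different ports
    ("10.0.0.2", 7777, "10.0.0.3", 5060, "SIP/INVITE"),
]

if __name__ == "__main__":
    print(render_flow(HOSTS, PACKETS))
```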