Hi all
(I ask you to reply this to may private email and also to the list since I do not subscribed to it. Thank you.)
I need to write a 'report for dummies' and 'Follow TCP Stream' has the right measurement for this. (no offense to anyone. the point here it that this window hides a lots of info unnecessary to not IT people)
'Follow TCP Stream' is a great feature. But how can I follow 2 or more streams that are, say, related? For example, I like to follow the whole http sections of getting a HTML page.
I can see this at the main window writing filters but 'Follow TCP Stream' window has its own idea about what a stream is. It uses, for example:
(ip.addr eq X.Y.W.Z and ip.addr eq A.B.C.D) and (tcp.port eq 32785 and tcp.port eq 80)
and I'd like to use
(ip.addr eq X.Y.W.Z and ip.addr eq A.B.C.D) and (tcp.port eq 80).
I need to keep the data time ordered.
Any ideas?
All the best
--
Ethy H. Brito /"\
InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
+55 (12) 3941-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
S.J.Campos - Brasil / \
