Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4887] New: Adding support for Gigamon headers (timestamp, source port, length,

[bugzilla-daemon@xxxxxxxxxxxxx]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4887

           Summary: Adding support for Gigamon headers (timestamp, source
                    port, length, etc) that are inserted by Gigamon
                    network equipments
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: tieuthunhi@xxxxxxxxxxx


Created an attachment (id=4798)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4798)
patch file to 33247 - tested on Centos 5 and Windows 7

Build Information:
SVN 33247 (06-17-2010)
--
Packets that are processed by Gigamon network equipments (www.gigamon.com) can
optionally modified to include a header or trailer which contains these
information:
- Source port id
- Original length
- Timestamp (as entered into the network equipment vs as recorded by the packet
capture device for example)

By adding support to display the Gigamon header/trailer to Wireshark, it
enables the user to monitor live network by connecting Wireshark to the tool
port of Gigamon network equipment, or using Wireshark to view the pcap file
offline.

The patch submitted consists of 3 modifications:
- Adding dissector for gmhdr (the header)
- Adding support for the trailer
- Adding new column to sort the packets based on the timestamp in Gigamon
header/trailer

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.