ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 12218] New: Expert Information UI unusable in the new GUI

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 01 Mar 2016 14:46:10 +0000
Bug ID 12218
Summary Expert Information UI unusable in the new GUI
Product Wireshark
Version 2.0.2
Hardware x86-64
OS Windows 7
Status UNCONFIRMED
Severity Normal
Priority Low
Component GTK+ UI
Assignee [email protected]
Reporter [email protected] 

Build Information:
Version 2.0.2 (v2.0.2-0-ga16e22e from master-2.0)

--
TLDR; Revert the "Expert Info" window back to the old style.


This is not a bug per say, but the new layout in the new GUI (v2.x) makes the
Expert Information window pretty much unusable.
Something that was working that has become unusable is "broken", and hence I
create a bug.


Scenario:
In new networks I usually capture 500 000 packets to see if I find anyting
strange.
One of the routine steps is to check the "Expert Information" so see if
Wireshark has spotted something noteworthy.
In the old GUI, I simply clicked each tab (Errors, Warnings, Notes, Chat) and
then sorted based on count.

Quick and easy to spot odd things.

With the new v2.x GUI, you can't sort the actual data!
You can only sort the uppermost categories (severity/group/protocol/count).

My current 500 000 packets from a random network generates
Severity Group       Proto Count
Error    Malformed   TCP   17830
Error    Malformed   mDNS  2416
Error    Malformed   HTTP  129
...and a few more...
Warn     Sequence    TCP   85233
Warn     Malformed   LDAP  25
...etc...
...etc...
...etc...

When I expand the "Warn     Sequence    TCP", I see a long long long list of
85233 issues.

There's no way to sort them or group them together! :-(


So If I want to see all the "TCP Window Zero" warnings, I have to scroll
through 85 thousand lines and manually spot them, hiding between thousands of
"ACKed segment that wasn't captured (common at capture start)", "This frame is
a (suspected) out-of-order segment", "Connection reset (RST)", etc.

I want to simply sort the data based on count, so I can see that there were 88 
"TCP Window Zero" warnings, 1439 "ACKed segment that wasn't captured (common at
capture start)", 79822 "This frame is a (suspected) out-of-order segment", and
so on.


The old window with separate tabs for each category, with grouping & sorting
for the actual data in it, is much better. Please revert back to it.

/Elof

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube