Wireshark · Wireshark-dev: Re: [Wireshark-dev] PCAP-NG metadata support

Wireshark-dev: Re: [Wireshark-dev] PCAP-NG metadata support

From: Stephen Donnelly <Stephen.Donnelly@xxxxxxxxxx>

Date: Mon, 23 Jul 2012 21:24:41 +0000

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Carpenter, Brandon J
Sent: Saturday, 21 July 2012 5:16 a.m.
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] PCAP-NG metadata support

Hi all,

I've been working on a patch to overcome one of Wireshark's limitations with regard to PCAP-NG captures.  The patch adds metadata (section, interface, packet options, etc) to the dissector window and allows one to filter packets based on the metadata

It's also notable that the useful 'capinfos' CLI tool does not decode/display any Pcap-NG SHB/IDB metadata.

Stephen

References:
- [Wireshark-dev] PCAP-NG metadata support
  - From: Carpenter, Brandon J

Prev by Date: Re: [Wireshark-dev] [Wireshark-commits] rev 43934: /trunk-1.8/wiretap/ /trunk-1.8/wiretap/: Makefile.am
Next by Date: Re: [Wireshark-dev] PCAP-NG metadata support
Previous by thread: Re: [Wireshark-dev] PCAP-NG metadata support
Next by thread: Re: [Wireshark-dev] PCAP-NG metadata support
Index(es):
- Date
- Thread