Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] tcp graphs vs. sctp graphs

From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>
Date: Mon, 12 Nov 2012 08:35:26 -0500
Hi Cristian, a couple of comments in-line below.
Martin

On Mon, Nov 12, 2012 at 5:41 AM, Cristian Constantin <const.crist@xxxxxxxxxxxxxx> wrote:
hi!

I am just a bit confused about the way the tcp graphs are presented to the user.
I am using debian/Version 1.6.5

1. tcp. if one selects (for example):

Statistics/TCP Stream Graph/Window Scaling Graph

from the main menu, one gets the graph from the perspective of the endpoint which is
represented by source ip address, source ip port of the frame containing the tcp segment 
selected in the main wireshark window, right?
for getting the graph for the other endpoint, I have to close the current graph and select a tcp
segment with the source ip/port of the other endpoint and select again:

I also found the method of needing to select a frame for the chosen conversation before launching TCP Stream Graph windows frustrating... Since yesterday you can find the TCP conversation from the Statistics menu and click on buttons to launch graphs for A->B or B->A.  I didn't use TCP Stream Graphs back in 1.6 but there is no need to close one graph now before opening another.
 
Statistics/TCP Stream Graph/Window Scaling Graph

wouldn't have been more intuitive and easier to use (from the user perspective) changing the
graph dynamically when another source endpoint is selected in the main window? or to present
such a choice in the tcp graph windows?


The control window that (now) pops up alongside the graph allows you to toggle between the various graph types.  For the buttons I mentioned above, I made always start with Time / Sequence (tcptrace-style), because that seems to be the most useful one.  I suppose this could be controlled by a preference.

This changes are available in the current sources, or in the most recent automated builds.
 
2. sctp. I find the way the graphs are presented to the user much more intuitive and easier to use
(i.e. _explicitly_ per endpoint of the association). for example, choosing from the main menu:

Telephony/SCTP/Show All Associations...

then selecting the association from the popped-up window and then requesting the
graphs per _endpoint_. 

(i.e. "Analyse" button in the "SCTP Associations" window, then choosing the endpoint tab in the
"SCTP Analyse Association" window and then pressing one of the graph buttons)

 
cristian

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe