Wireshark-dev: Re: [Wireshark-dev] Bluetooth coloring rules
From: Gerald Combs <[email protected]>
Date: Wed, 01 May 2013 14:15:08 -0700
On 5/1/13 10:28 AM, [email protected] wrote:
> 
> What exactly "move to Bluetooth specific global configuration profile" means?
> Now using Wireshark is flexible: I open Bluetooth logs or eth-logs in another
> Wireshark session. Also remember about possibility to see Bluetooth protocols
> over USB. After move I must any time switch to Bluetooth profile? Also must copy
> defaults colors to Bluetooth profile, because network payload is possible over
> Bluetooth interface (TCP, etc.. see btbnep [BNEP protocol]). Last small thing:
> Bluetooth payload is also possible over network payload (for example WiFi/WLAN: partially by btamp and bt-oui).

It means that when you start up Wireshark you will be able to select a
Bluetooth-specific configuration profile in the lower right corner of
the main window or via Edit→Configuration Profiles. Wireshark will
remember this selection between sessions and users can copy and
customize global profiles. I checked in a proposed profile directory in
r49116.

> I think current state of comfortable. If there any performance or stylish reason
> to move it?

Traditionally the default colorfilters file contained a minimal set of
rules focused on general troubleshooting. A case could be made to add
rules for WiFi, storage, telephony, and other types of traffic but we
haven't done so mainly because it would make the default rule set
unmanageable.

> Why is there a lot of Bluetooth colors? Bluetooth stack is quite hermetic, every
> protocol is some specific functionality. Colors significantly increase
> readability. I will use Wireshark to analyze Bluetooth payloads and fixing bugs,
> so you can assume that colors are verified in practice.

I think the colors are great and they make me wish we had similar rule
sets for other protocols.