Wireshark-dev: Re: [Wireshark-dev] Bluetooth coloring rules
From: Gerald Combs <[email protected]>
Date: Wed, 01 May 2013 14:15:08 -0700
On 5/1/13 10:28 AM, [email protected] wrote:
> What exactly "move to Bluetooth specific global configuration profile" means?
> Now using Wireshark is flexible: I open Bluetooth logs or eth-logs in another
> Wireshark session. Also remember about possibility to see Bluetooth protocols
> over USB. After move I must any time switch to Bluetooth profile? Also must copy
> defaults colors to Bluetooth profile, because network payload is possible over
> Bluetooth interface (TCP, etc.. see btbnep [BNEP protocol]). Last small thing:
> Bluetooth payload is also possible over network payload (for example WiFi/WLAN: partially by btamp and bt-oui).

It means that when you start up Wireshark you will be able to select a
Bluetooth-specific configuration profile in the lower right corner of
the main window or via Edit→Configuration Profiles. Wireshark will
remember this selection between sessions and users can copy and
customize global profiles. I checked in a proposed profile directory in

> I think current state of comfortable. If there any performance or stylish reason
> to move it?

Traditionally the default colorfilters file contained a minimal set of
rules focused on general troubleshooting. A case could be made to add
rules for WiFi, storage, telephony, and other types of traffic but we
haven't done so mainly because it would make the default rule set

> Why is there a lot of Bluetooth colors? Bluetooth stack is quite hermetic, every
> protocol is some specific functionality. Colors significantly increase
> readability. I will use Wireshark to analyze Bluetooth payloads and fixing bugs,
> so you can assume that colors are verified in practice.

I think the colors are great and they make me wish we had similar rule
sets for other protocols.