I worked on something in this area earlier this year (extending current
functionality to allow named subnets / partial matching - the patch has
not yet been committed.
If you turn on asynchronous name resolution (I think the dialogs may
call it concurrent) much of the speed issue with loading
My last post on this subject wound up on the wrong forum, so I'd like to repost
here. My traffic is encapsulated in a VPN tunnel, when it is unencrypted I can
see the start of the IP protocol 5 bytes into the payload. The first 5 bytes
are overhead protocols for the tunnel itself (some form of
Sure, here is one typical packet. In this particular case the VPN protocol
(PPP?) is 5 bytes and in the beginning of this payload: The final byte (value
of 18 here) is apparently a sequence number as it increases by one in each
packet. The middle 3 bytes aren't overly informative and I assume
Thanks Guys Harris a lot. I understand more now. Actually I copied without
modifying header fields a, so it appeared to be *three* a in
proto_tree_add_item
Steven
On 3/12/07, Guy Harris [EMAIL PROTECTED] wrote:
On Mar 12, 2007, at 5:47 PM, Steven Le wrote:
No bitmasking necessary -
That works perfectly. Thanks Guy.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guy Harris
Sent: Monday, March 12, 2007 8:13 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] proto_add_tree_item versus proto_add_tree_string
On
Hi John!
Sorry for the delay, I'm currently really busy ...
BTW: You can get the current folders inside WS at Help / About / Folders
BTW8): Some more infos on this topic are at:
http://www.wireshark.org/docs/wsug_html_chunked/ChAppFilesConfigurationSection.html
John T. Haller wrote:
I
