On Tue, Jun 12, 2007 at 08:55:06AM -0400, James Carlson wrote: > Brian Utterback writes: > > Of course if we stay up to date, the hope would be that any new protocols > > will already be supported in wireshark. If not, then that same person that > > would have updated snoop will need to update wireshark. > > ... and that leads directly to my concern. The only commitment there > is here is to deliver what happens to be in the open source.
Well, folks who need to resort to packet inspection tools *already* often have to use multiple differnt tools because they provide different degrees of dissector support for different protocols. I've used snoop and ethereal on the same captures before and likely will again. And netmon and ethereal on Windows for that matter. > Thus, we're stuck in a very strange place. We end up with a situation > where we deliver a nice new tool that works much better than the old > one (and one that many of us in networking in fact have used for > years), but the ARC will continue to advise new project teams to > enhance the moribund snoop tool for each new protocol, because that's > the "official" tool that Sun is supporting. > > We're not just wasting effort, but, as this proposal isn't aligned > with snoop or the networking group itself, we're actually marching in > the opposite direction. I'd say: EOF snoop, ask for funding to add to Wireshark any dissector functionality that is in snoop but not in Wireshark, and require that future projects that would have had to update snoop to update Wireshark instead. Requiring that the i-team here update Wireshark with any functionality in snoop that's missing in Wireshark might be (I bet would be) a deal breaker; I'd rather have Wireshark in OpenSolaris with this "strange place" situation than no Wireshark in OpenSolaris. If funding to update Wireshark with snoop functionality never shows up, oh well. Nico --
