Is there any recommended way of annotating capture files in a way that
Wireshark could display in nice way on the UI? I would like to be able
to insert text comments between frames and it would also be nice to be
able to add expert info entries. So far, I've been using a dummy frame
that I
On Nov 11, 2010, at 3:55 PM, Jouni Malinen wrote:
Is pcap-ng likely to materialize any time soon?
Define materialize. Wireshark is capable of reading and writing pcap-ng
files, and has been capable of that for a while; libpcap 1.1.x can also read
pcap-ng files that have only one link-layer
On Fri, Nov 12, 2010 at 2:15 AM, Guy Harris g...@alum.mit.edu wrote:
Define materialize. Wireshark is capable of reading and writing pcap-ng
files, and has been capable of that for a while; libpcap 1.1.x can also read
pcap-ng files that have only one link-layer type and snapshot length
On Nov 11, 2010, at 7:30 PM, Jouni Malinen wrote:
This looks somewhat better than the picture I got from the wiki page
(http://wiki.wireshark.org/Development/PcapNg) which seemed to
indicate that only Ethernet link type would be supported. Though, the
per-packet opt_comment part would likely
On Nov 11, 2010, at 5:27 PM, Hadriel Kaplan wrote:
If you do it, please make it agnostic to the file format, or at least easy to
patch for other file formats. Wireshark supports reading/writing multiple
file formats, some of which also support per-packet comments,
Which ones other than
On Nov 11, 2010, at 8:45 PM, Guy Harris wrote:
On Nov 11, 2010, at 5:27 PM, Hadriel Kaplan wrote:
If you do it, please make it agnostic to the file format, or at least easy
to patch for other file formats. Wireshark supports reading/writing
multiple file formats, some of which also
