Hi Martin,
2013/6/15 martin f krafft <madd...@debian.org>:
> also sprach Bálint Réczey <bal...@balintreczey.hu> [2013.06.15.2037 +0200]:
>> tshark already does that:
>> $ tshark -V -i wlan0 -i lo
>
> Yeah, with -V, but that is too verbose. What I meant was to provide
> an option or some other way to include the interface in the
> line-by-line default output.
>
> Sorry that I wasn't clearer…
I agree that this information can be quite handy and there is already
a way to achieve what you are asking for.
Wireshark supports Lua language for extending its functionality
without compiling anything:
rbalint@chaos:~$ cat if_id.lua
-- trivial postdissector example
-- declare some Fields to be read
if_id_f = Field.new("frame.interface_id")
-- declare our (pseudo) protocol
trivial_proto = Proto("trivial","Trivial Postdissector")
-- create a function to "postdissect" each frame
function trivial_proto.dissector(buffer,pinfo,tree)
-- obtain the current values the protocol fields
local if_id = if_id_f()
io.write(string.format("If id: %s", tostring(if_id)))
end
-- register our protocol as a postdissector
register_postdissector(trivial_proto)
rbalint@chaos:~$ tshark -Xlua_script:if_id.lua -r /tmp/asd2.pcap
If id: 0 1 0.000000000 192.168.0.154 -> 200.237.192.15 TCP 66 52903 >
http [ACK] Seq=1 Ack=1 Win=3287 Len=0 TSval=18026345 TSecr=791985608
If id: 1 2 0.009209000 127.0.0.1 -> 127.0.0.1 ICMP 98 Echo
(ping) request id=0x138f, seq=3/768, ttl=64
I think having this option should be enough to fulfill this wish.
Having my Wireshark developer on I would like to keep the C codebase simple
and keep the default output in the current form. There is so much
information which
would be handy, but there is not enough room for them.
Cheers,
Balint
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
