On Feb 8, 2012, at 12:33 PM, Anders Broman wrote:
> Guy Harris skrev 2012-02-08 21:20:
>> On Feb 8, 2012, at 8:05 AM, Anders Broman wrote:
>>
>>> Should it be safeguarded with a preference?
>> No. Older versions of Wireshark will ignore name resolution blocks, as does
>> libpcap and hence all
Guy Harris skrev 2012-02-08 21:20:
On Feb 8, 2012, at 8:05 AM, Anders Broman wrote:
Should it be safeguarded with a preference?
No. Older versions of Wireshark will ignore name resolution blocks, as does
libpcap and hence all programs using libpcap to read pcap-ng files.
I was more thinking
On Feb 8, 2012, at 8:05 AM, Anders Broman wrote:
> Should it be safeguarded with a preference?
No. Older versions of Wireshark will ignore name resolution blocks, as does
libpcap and hence all programs using libpcap to read pcap-ng files.
___
Hi,
Getting WS to add a Name resolution block seems to be a simple patch
Index: file.c
===
--- file.c (revision 1249)
+++ file.c (working copy)
@@ -3786,6 +3786,9 @@
goto fail;
}
+ /* Add address resolution
Jonathan S. Weissman writes:
> What's the difference between ip.src and ip.src_host (and ip.dst and
ip.dst_host and ip.addr vs ip.host)?
>
> They return the same results, so what exactly does the "type" do?
If you enable network name resolution and the IP address resolves to a host
name, you wi
> -Original Message-
> From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-
> boun...@wireshark.org] On Behalf Of Jose Pedro Oliveira
> Sent: Sunday, January 29, 2012 10:26 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Merging capture files of diff
On Wed, Feb 8, 2012 at 3:16 PM, Jeff Morriss wrote:
> Joerg Mayer wrote:
> [...]
>
> So more than half of all the stuff is added by using proto_tree_add_text.
>> As long as the ratio is that way, people are likely to continue using it
>> inside this dissector.
>> Any volunteer(s) to get this down
On Wed, Feb 08, 2012 at 09:16:48AM -0500, Jeff Morriss wrote:
> Joerg Mayer wrote:
> [...]
>> So more than half of all the stuff is added by using proto_tree_add_text.
>> As long as the ratio is that way, people are likely to continue using it
>> inside this dissector.
>> Any volunteer(s) to get th
Joerg Mayer wrote:
[...]
So more than half of all the stuff is added by using proto_tree_add_text.
As long as the ratio is that way, people are likely to continue using it
inside this dissector.
Any volunteer(s) to get this down to some sane level by replacing it by
proto_tree_add_item and adding
Hi
Short question, two actually. First, there are some entries in the
fuzz-menagerie, which do not work, as they are patches. Shouldn't they
be removed from the test all together? And my second question, I have
added some example capture files to
http://wiki.wireshark.org/SampleCaptures#openSAFETY
What's the difference between ip.src and ip.src_host (and ip.dst and
ip.dst_host and ip.addr vs ip.host)?
http://www.wireshark.org/docs/dfref/i/ip.html lists one as a type "Character"
and another as type "IPv4 address"
ip.dst IPv4 address Destination 1.0.0 to 1.6.5
ip.dst_host Character s
11 matches
Mail list logo
