User Guide

6.4. Building display filter expressions ........................................................... 110

6.4.1. Display filter fields .................................................................... 110

6.7.1. The "Find Packet" dialog box ....................................................... 118

6.7.2. The "Find Next" command .......................................................... 119

6.7.3. The "Find Previous" command ..................................................... 119

6.8. Go to a specific packet .......................................................................... 120

6.8.1. The "Go Back" command ............................................................ 120

6.8.2. The "Go Forward" command ....................................................... 120

6.8.3. The "Go to Packet" dialog box ..................................................... 120

6.8.4. The "Go to Corresponding Packet" command .................................. 120

6.8.5. The "Go to First Packet" command ............................................... 120

6.8.6. The "Go to Last Packet" command ................................................ 120

7.2.1. The "Follow TCP Stream" dialog box ............................................ 126

7.3. Time Stamps ....................................................................................... 128

7.3.1. Wireshark internals .................................................................... 128

7.3.2. Capture file formats ................................................................... 128

7.3.3. Accuracy .................................................................................. 128

7.4. Time Zones ......................................................................................... 130

7.4.1. Set your computer's time correct! .................................................. 131

7.4.2. Wireshark and Time Zones .......................................................... 131

7.5. Packet Reassembling ............................................................................ 133

7.5.1. What is it? ................................................................................ 133

7.6.5. TCP/UDP port name resolution (transport layer) .............................. 136

7.7. Checksums ......................................................................................... 137

7.7.1. Wireshark checksum validation .................................................... 137

7.7.2. Checksum offloading .................................................................. 138

8. Statistics ....................................................................................................... 140

8.1. Introduction ........................................................................................ 140

8.2. The "Summary" window ........................................................................ 141

8.3. The "Protocol Hierarchy" window ........................................................... 143

8.4. Endpoints ........................................................................................... 145

8.4.1. What is an Endpoint? .................................................................. 145

8.6. The "IO Graphs" window ....................................................................... 148

8.7. Service Response Time ......................................................................... 150

8.7.1. The "Service Response Time DCE-RPC" window ............................ 150

8.8. The protocol specific statistics windows ................................................... 152

9. Customizing Wireshark .................................................................................... 154

9.1. Introduction ........................................................................................ 154

9.2. Start Wireshark from the command line .................................................... 155