User Guide

8.5.2. The "Endpoints" window
8.5.3. The protocol specific "Endpoint List" windows
8.6. The "IO Graphs" window
8.7. WLAN Traffic Statistics
8.8. Service Response Time
8.8.1. The "Service Response Time DCE-RPC" window
8.9. The protocol specific statistics windows
9. Customizing Wireshark
9.1. Introduction
9.2. Start Wireshark from the command line
9.3. Packet colorization
9.4. Control Protocol dissection
9.4.1. The "Enabled Protocols" dialog box
9.4.2. User Specified Decodes
9.4.3. Show User Specified Decodes
9.5. Preferences
9.5.1. Interface Options
9.6. Configuration Profiles
9.7. User Table
9.8. Display Filter Macros
9.9. GeoIP Database Paths
9.10. Tektronix K12xx/15 RF5 protocols Table
9.11. SCCP users Table
9.12. SMI (MIB and PIB) Modules
9.13. SMI (MIB and PIB) Paths
9.14. SNMP users Table
9.15. User DLTs protocol table
10. Lua Support in Wireshark
10.1. Introduction
10.2. Example of Dissector written in Lua
10.3. Example of Listener written in Lua
10.4. Wireshark's Lua API Reference Manual
10.4.1. Saving capture files
10.4.2. Obtaining dissection data
10.4.3. GUI support
10.4.4. Post-dissection packet analysis
10.4.5. Obtaining packet information
10.4.6. Functions for writing dissectors
10.4.7. Adding information to the dissection tree
10.4.8. Functions for handling packet data
10.4.9. Utility Functions
A. Files and Folders
A.1. Capture Files
A.1.1. Libpcap File Contents
A.1.2. Not Saved in the Capture File
A.2. Configuration Files and Folders
A.3. Windows folders
A.3.1. Windows profiles
A.3.2. Windows Vista/XP/2000/NT roaming profiles
A.3.3. Windows temporary folder
B. Protocols and Protocol Fields
C. Wireshark Messages
C.1. Packet List Messages
C.1.1. [Malformed Packet]
C.1.2. [Packet size limited during capture]
C.2. Packet Details Messages
C.2.1. [Response in frame: 123]
C.2.2. [Request in frame: 123]
C.2.3. [Time from request: 0.123 seconds]
C.2.4. [Stream setup by PROTOCOL (frame 123)]
D. Related command line tools
D.1. Introduction
D.2. tshark: Terminal-based Wireshark
Wireshark User's Guide