User Guide

Wireshark User's Guide

viii

11.12.3. Tvb ................................................................................................... 192

11.12.4. TvbRange .......................................................................................... 194

11.12.5. UInt .................................................................................................. 197

11.13. Utility Functions ........................................................................................... 197

11.13.1. Dir .................................................................................................... 197

11.13.2. Non Method Functions ......................................................................... 198

A. Files and Folders ........................................................................................................ 201

A.1. Capture Files ................................................................................................... 201

A.1.1. Libpcap File Contents ............................................................................. 201

A.1.2. Not Saved in the Capture File .................................................................. 201

A.2. Configuration Files and Folders .......................................................................... 202

A.2.1. Protocol help configuration ...................................................................... 206

A.3. Windows folders .............................................................................................. 208

A.3.1. Windows profiles ................................................................................... 208

A.3.2. Windows 7/Vista/XP/2000/NT roaming profiles ........................................... 209

A.3.3. Windows temporary folder ...................................................................... 209

B. Protocols and Protocol Fields ........................................................................................ 210

C. Wireshark Messages .................................................................................................... 211

C.1. Packet List Messages ........................................................................................ 211

C.1.1. [Malformed Packet] ................................................................................ 211

C.1.2. [Packet size limited during capture] ........................................................... 211

C.2. Packet Details Messages .................................................................................... 211

C.2.1. [Response in frame: 123] ......................................................................... 211

C.2.2. [Request in frame: 123] ........................................................................... 211

C.2.3. [Time from request: 0.123 seconds] ........................................................... 212

C.2.4. [Stream setup by PROTOCOL (frame 123)] ................................................ 212

D. Related command line tools .......................................................................................... 213

D.1. Introduction ..................................................................................................... 213

D.2. tshark: Terminal-based Wireshark ...................................................................... 213

D.3. tcpdump: Capturing with tcpdump for viewing with Wireshark ................................ 215

D.4. dumpcap: Capturing with dumpcap for viewing with Wireshark ............................... 215

D.5. capinfos: Print information about capture files ...................................................... 216

D.6. rawshark: Dump and analyze network traffic. ...................................................... 218

D.7. editcap: Edit capture files .................................................................................. 218

D.8. mergecap: Merging multiple capture files into one ................................................ 222

D.9. text2pcap: Converting ASCII hexdumps to network captures ................................... 223

D.10. idl2wrs: Creating dissectors from CORBA IDL files ............................................ 226

D.10.1. What is it? .......................................................................................... 226

D.10.2. Why do this? ....................................................................................... 226

D.10.3. How to use idl2wrs .............................................................................. 226

D.10.4. TODO ................................................................................................ 228

D.10.5. Limitations .......................................................................................... 228

D.10.6. Notes ................................................................................................. 228

E. This Document's License (GPL) .................................................................................... 229