Re: Global conversation

[Guy Harris <guy () alum mit edu>]

On Oct 7, 2011, at 5:51 AM, Anders Broman wrote:

> I've been contemplating the idea of making it possible to filter a "call" in the Telco world that could involve
> A multitude of protocols for example SIP, DIAMETER, H248, ISUP, BICC and a number of Mobile protocols. I suppose this 
> is
> What mate tries to do.

Has anybody written "MATE For Dummies"?  It sounds fascinating and powerful, but I've never taken the time to look at 
it in detail, and it looks as if it has a steep learning curve.

> Perhaps it could be done if we had a Global conversation to which you cold add a
> List of per protocol conversations. One problem is to make it generic enough and in this particular scenario the 
> subscriber number or similar would be the thing gluing the conversations together and that would only be
> Available in some messages. Another problem is when to create the global conversation e.g. what is the start.

Presumably by "a global conversation" you mean "a set of global conversations", i.e. that there wouldn't be a *single* 
global conversation - if you have multiple calls in a capture, each one would have a global conversation.

The notion of a conversation being associated with a "protocol" in a broader sense than "a registered Wireshark 
protocol" would appear elsewhere, e.g. an NFSv2 or NFSv3 conversation could include mount, lock manager, quota daemon, 
etc. traffic.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe