Wireshark mailing list archives

Re: [GSoC] Packet Editor and Viewer


From: Guy Harris <guy () alum mit edu>
Date: Thu, 18 Apr 2013 10:00:09 -0700


On Apr 15, 2013, at 1:57 PM, Edwin Abraham <edwin.abraham12 () gmail com> wrote:

> I agree on the confusion. The initial thought when I saw the project details on the Wireshark GSoC page was that a
> platform to design dissectors based on existing data.

That's an interesting idea, but that's not any of the current GSoC proposals.  Perhaps it should be.

> My thought about the Packet Editor environment was to have a UI that can be used for multiple functions. Packet
> editing, Creating Filter/Dissectors, Tools making listener. The main function would be to extend the editcap
> capabilities to the GUI.

...which means deleting entire packets (-A and -B; -d, -D, and -w; and the packet range arguments and -r), tweaking 
time stamps (-S and -t), removing data from all or specified packets (-C and -s).

The randomly-trash-data-in-the-packet function is there for fuzz-testing, and probably doesn't need to be in Wireshark.

The other functions are for splitting capture files up; that would probably be done in a function under the File menu 
in an Export function; it's not an interactive editing function.

The only editcap functions that involve editing packet data are the ones that chop data from the beginning or end of 
the packet; there's nothing that resembles the current (not configured in by default) packet editor UI.

> After filtering out and selecting the required packets, they are opened in the Packet Editor UI. The packets can be a
> capture file or a capturing device

"A capturing device" is, in effect, a capture file; if you're doing, or have done, a live capture, Wireshark has a 
capture file open that contains the captured packets.

> but the filter has to narrow down the packet editing.
> The UI will have three sets of toolbar and options (editcap,dissector,listener) to manipulate the packet.
>
> There will also exist viewing tools to change how the selection of packets are perceived. Like data can be
> represented as HEX/BIN/ASCII with help of toggle switches.

To which data are you referring?  A particular field?

> Below is a rough idea of how the UI can look like.

Static views of a UI don't always indicate very much.

Could you describe a typical task that would be done with the UI, by walking through the operations that would be done 
with the UI elements?