Wireshark mailing list archives

Re: Transport name resolution

From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Tue, 17 Sep 2013 15:03:38 -0400

On 09/16/13 16:49, Guy Harris wrote:


On Sep 16, 2013, at 1:39 PM, Jeff Morriss <jeff.morriss.ws () gmail com> wrote:

On 09/16/13 16:04, Guy Harris wrote:


On Sep 16, 2013, at 12:44 PM, Anders Broman <a.broman () bredband net> wrote:

If we decide to have it default off perhaps we shouldn't default to write
User Datagram Protocol, Src Port: 60000 (60000), Dst Port: 13868 (13868) but rather
User Datagram Protocol, Src Port: 60000 , Dst Port: 13868


Yes, and the same applies for network addresses, if we're not already doing that.


Defaulted to off (i.e., a preference) or off by code?


I was thinking "off by code", i.e. stay away from the Department of Redundancy Department.

If we have a preference (for services or network addresses) I think keeping the same format:

User Datagram Protocol, Src Port: 60000 (60000), Dst Port: 13868 (13868)


is actually a good thing because then tshark output parsers don't have to worry about whether or not the preference is 
set.


TShark output parsers not made of neurons should probably be parsing "-T {psml,pdml,fields}" output.  (TShark output 
parsers made of neurons generally handle ambiguities and format differences a lot better than TShark output parsers made of code.)


Yes, I that's true.

But I can, without thinking, write up a quick script that pulls thethings I need out of the normal tshark -V output. The times (or"time"?) I tried to extract data from a *ml format I spent hours tryingto figure out how and where to *start*. Eventually I gave up.

I think others have had the same problem which is why everytshark-output-reading script I personally know of parses the "-V" output.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Re: Transport name resolution, (continued)
- Re: Transport name resolution Guy Harris (Sep 16)
  - Re: Transport name resolution Jeff Morriss (Sep 16)
    - Re: Transport name resolution Anders Broman (Sep 16)
    - Re: Transport name resolution Guy Harris (Sep 16)
    - Re: Transport name resolution Dirk Jagdmann (Sep 16)
    - Re: Transport name resolution Bill Meier (Sep 16)
    - Re: Transport name resolution Guy Harris (Sep 16)
    - Re: Transport name resolution Dirk Jagdmann (Sep 16)
    - Re: Transport name resolution Jeff Morriss (Sep 16)
    - Re: Transport name resolution Guy Harris (Sep 16)
    - Re: Transport name resolution Jeff Morriss (Sep 17)
    - Re: Transport name resolution Jakub Zawadzki (Sep 16)