Wireshark mailing list archives

Re: Enabling/disabling ANY heuristic dissector


From: Pascal Quantin <pascal.quantin () gmail com>
Date: Mon, 13 Jul 2015 16:03:53 +0200

On 13 Jul 2015 3:32 PM, <mmann78 () netscape net> wrote:

I thought somebody might complain about something like this, but I was
more focused on the Wireshark (packet) context menu, where I was less
inclined to make changes.  This however seems like a more valid use case to
consider.  My question back would be - what "string" should be used by
tshark?  The "display name" can have some undesirable characters in it from
a command line perspective (i.e. probably require quotes), and the "internal"
short name string isn't otherwise exposed for users to learn what it is.
Should the "short name" be exposed on the tabbed dialog so users can
learn it to apply it to a (new) tshark option?


I think we should expose the short name to users.
Preferences have their internal name displayed in a pop-up. We could either
do the same, or have the internal name explicitly displayed in a column.
Should the enabled / disabled heuristic protocol given in the command line
be ephemeral or persistent? I believe it should be the former, like the DL
mapping value you can indicate manually in the command line and that does
not get stored.

Pascal.



-----Original Message-----
From: Pascal Quantin <pascal.quantin () gmail com>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Mon, Jul 13, 2015 9:21 am
Subject: Re: [Wireshark-dev] Enabling/disabling ANY heuristic dissector


On 13 Jul 2015 3:03 AM, <mmann78 () netscape net> wrote:

With:

https://code.wireshark.org/review/9508/
https://code.wireshark.org/review/9610/
(and already submitted https://code.wireshark.org/review/9602/)

I consider this "feature complete enough for now".  If Qt wants to
provide a better "user interface" for "heuristics in general", it certainly
has some flexibility to do so.  Unless there are major issues/comments,
I'll submit in a few days (presuming all pass Petri-Dish)

Hi Michael,
Sorry I come late in the discussion. I do not have access to a computer
right now so I cannot easily look at the patch (the latest Gerrit diff page
is rather smartphone unfriendly) but is there a way to activate heuristic
dissectors from tshark / wireshark command line? I use an external tool
launching both programs with the right command line and it would be a real
functionality loss if it could not be done anymore.
Note that I consider your overall goal as a good achievement (it was
frustrating not to be able to deactivate easily some weak heuristics) but I
would dislike losing the ability to activate on demand a given heuristic
that is deactivated by default for performance reasons.
Pascal.



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
