Re: Packet sample repository/library?

[Jirka Novak <j.novak () netsystem cz>]

Hello,

> > > > 2) Won't be good idea to allow skip a sample from automatic testing
> > > > (because it is for GUI demonstration)?
> > >
> > > You can invoke individual tests (which is most likely what you want when
> > > you are testing changes to a single dissector). GUI versus tshark
> > > single-pass and two-pass (-2) should produce the same results.
> >
> > Maybe this isn't quite what you meant but it *is* (semi-)normal that 1- and
> > 2- pass results are different.  At least for generated fields (that require
> > information from the first pass to calculate--e.g., links to frames that
> > occur later in the capture).  [Or do those fields not show up in tshark's
> > 2nd pass either?  My memory is fading...]
>
> You are right, I was a bit imprecise. In the context of VoIP calls, when
> the 1-pass recognizes a conversation, the same conversation *should*
> also be found by the 2-pass. Indeed, dissectors can add extra
> information in the 2-pass (like a "Response in frame X" link) and these
> would show in the tshark -2 output as well.

  do you think it makes sense to store/compare 1-pass and 2-pass outputs
separated?
  If so, should it be stored for each output type (text and pdml)?

                                                Sincerely yours,

                                                        Jirka Novak


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe