Wireshark mailing list archives
Re: Proposed changes to make tcp.ack and tcp.seq relative
From: Jasper Bongertz <jasper () packet-foo com>
Date: Tue, 5 May 2020 01:24:33 +0200
Hello Peter,
A request was filed earlier to add a new "tcp.ack_rel" field to ensure that color filters can be created that always work on the relative sequence numbers independent of the "Relative sequence numbers" option. Instead of adding a new field, I propose to change the existing ones.
My proposed change:
- Change the TCP sequence number-related fields to display the relative numbers when available. Fallback to raw numbers if they are simply not available (for example, when the "Analyze TCP sequence numbers" preference is disabled).
To avoid cluttering the TCP tree with redundant fields: can we only show the absolutes if the relatives are also displayed? I don't think it's useful to show the absolutes twice.
- Modify the "Relative sequence numbers" preference to affect the displayed value in the Info column only.
Good.
- The raw fields will always be available through the existing tcp.ack_abs and tcp.seq_abs fields. Previously they were only visible when "Relative sequence numbers" was disabled. This field was added in Wireshark 3.2.
I guess you mean "were only visible when "Relative sequence numbers" was **enabled**? At least that's what my Wireshark does, unless I'm not thinking straight right now (at 1:30am, it's quite possible...) :-)
- Document these changes clearly in the release notes and corresponding user guides if needed. Are there any objections to this change?
No, sounds like a good solution (the "document clearly" is indeed critical here, I guess). And I hadn't even noticed the new way of displaying the relative sequence numbers in 3.2 yet :-) Cheers, Jasper ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 04)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Jasper Bongertz (May 04)
- Re: [Wireshark-dev] Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 04)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Jasper Bongertz (May 05)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 07)
- Re: [Wireshark-dev] Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 04)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Jasper Bongertz (May 04)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Jim Aragon (May 04)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 07)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Jim Aragon (May 08)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 07)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Lee (May 05)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 07)
- Re: [Wireshark-users] Proposed changes to make tcp.ack and tcp.seq relative Jason Cohen (May 07)
- Re: Proposed changes to make tcp.ack and tcp.seq relative Peter Wu (May 07)
- Re: [Wireshark-users] Proposed changes to make tcp.ack and tcp.seq relative Sake Blok | SYN-bit (May 11)