Wireshark-users: Re: [Wireshark-users] Right-click and open a tcp stream in anew window?
From: "Alex Lee" <Alex.Lee@xxxxxxxxxxxx>
Date: Thu, 28 Jun 2007 11:16:51 -0700
A lot of my logic usually just requires either a back button or just
open in a new window and closing it when I don't see what I'm looking
for. For our product and application behavior that we tend to look at,
its either multiple tcp streams or within a stream, we look for either
tcp.flags and/or application commands. All this analysis does effect how
the pull down menu pops/pushes the first (high level) entry we initially
apply if we're given only a single instance window. 

Also, the pull down filter menu, it doesn't display really long filter
expressions and multiple expressions tend to look alike (at least the
first 100 characters or so). 

I have a pretty strong (or I'd like to believe) PC and figured something
like this could be easily incorporated efficiently w/out having to
re-read from the disk/share?

 
Thanks,
Alex Lee
Riverbed Technology
 

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Stephen
Fisher
Sent: Thursday, June 28, 2007 10:59 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Right-click and open a tcp stream in anew
window?

On Wed, Jun 27, 2007 at 10:31:57PM -0700, Alex Lee wrote:

> I do a lot of these a lot for work:
> 
> Tcp.flags.syn == 1 && tcp.flags.ack == && tcp.port == <some app>
> 
> A lot of times I need to follow each new connection's stream but often
> times, I end up not finding what I need in the first few streams. Is
> it possible to add a right-click open-in-new-windows the "follow tcp
> stream"?
> 
> Or
> 
> Add a "back" button to bring you back to the original filter string?

Is the filter box drop-down list not helpful in this case?  The previous
filter string will be listed at the bottom of the list.


Steve
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users