As buckheit said:
>
> Hi,
>
> Just downloaded and compiled gtk 1.0.6 & ethereal 0.4.1 on
> PowerMac/Linuxppc. It seems to work ok (some long delays and
> lockups...but its alpha, right???). I noticed on the web page some
> mention of real-time viewing of packets, yet I can not figure out how to
> do this. Can any one help me??
You can analyze "live" data by running etheral as root and using
the capture options. That's as live as it gets right now.
The slow-downs you see might be DNS related. Try ethereal with
the "-n" command line option, which disables name-lookup, to see
if performance improves. DNS lookups will slow you down if your DNS
resolution occurs over a slow link (i.e., modem).
Lockups are definitely interesting. I had some bad code in
the BOOTP/DHCP section that caused an infinite loop. This has been fixed,
but there might be other such bugs lurking. Do you have a pcap file
(tcpdump output) that consistently causes a lockup? If so, can
you send me a copy (or send it to ethereal-dev@xxxxxxxx)? Just
make sure your packet capture didn't capture any passwords... :-)
(a note to ethereal developers: maybe we should provide a debug
mode that lists each packet to stdout as it's being dissected, so
that if a dissect() routine *is* causing a lock-up, we'll know
which frame in that pcap file is finding our bug)
--gilbert
--
Gilbert Ramirez Voice: +1 210 358 4032
Technical Services Fax: +1 210 358 1122
University Health System San Antonio, Texas, USA
