Ethereal-users: [Ethereal-users] Wouldn't it be cool if....

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Alistair.McGlinchy@xxxxxxxxxxxxxxxxxxxxx
Date: Wed, 17 Apr 2002 21:17:54 +0100
Hi All,

Having had a good "ethereal day" today. I just thought I'd post a few
wish-list ideas in the hope of stirring the imagination of the developers.
These start off as simple tweaks and get progressively more 

Wouldn't it be cool if....
1) [T]Ethereal had a trace summary option: 
EG number of packets, bytes in trace, trace duration, start time, trace file
format, trace quality.

2) Editcap's flags were tidied up a bit. 
Input Files
	ethereal [-r] file # optional flag -r 
	tethereal -r file  # mandatory -r 
	editcap file       # -r is used for frame numbers! 
Output Files
	tethereal -w file  # mandatory -w 
	ethereal  -w file  # mandatory -w
	editcap file       # -w has no meaning.

I suggest the -r option for editcap be changed to another letter and -w and
-r be applied as per ethereal's I/O flags.

3) There was a portable default config file containing such options as.
 - Whether to default to promiscuous or non promiscuous mode when tracing.
 - Whether to enable name resolution
 - Which timestamp to use.  
 - Which display column settings to use
Such a config file would be handy for site installs.

4) Editcap could read tethereal -V output to recreate a trace file.
This would be very useful when sending traces with sensitive IP addresses,
or login requests, to 3rd parties for analysis.  It'd be way groovy to
write:

tethereal -V -r  senisitive.trc | 
	perl -pe"s#1\.2\.3\.4#5\.6\.7\.8#g" | 
	editcap -w safe.trc

I'm sure there are some nasty implications for this, CRC recalculations etc.
But it looks cool like that.

5) Tethereal could write to file and STDOUT at the same time. 
I'd like to display trace summary statistics beyond frame count while traces
are going on. Also its useful to know whether your tethereal created
trace-file contains the conversations your interested in without having to
restart. My normal tethereal session is run tethereal  to STDOUT, run a ping
to ensure I can see the conversation, then restart with the -w flag. 

6) Ethereal and Tethereal could configure and download traces from RMON
compliant probes. [Ooh that's asking a bit much isn't it :-)]


Well thats my 2 cents worth...

Alistair
> ----------------------------------------------------------------------
> Alistair McGlinchy,           alistair.mcglinchy@xxxxxxxxxxxxxxxxxxxxx
> Sizing and Performance, Central IT,   ext. 5012,   ph +44 20 7268-5012
> Marks and Spencer, 3 Longwalk Rd, Stockley Park, Uxbridge UB11 1AW, UK 
> 


-----------------------------------------------------------------------


Registered Office:
Marks & Spencer p.l.c
Michael House, Baker Street,
London, W1U 8EP
Registered No. 214436 in England and Wales.

Telephone (020) 7935 4422 
Facsimile (020) 7487 2670

www.marksandspencer.com

Please note that electronic mail may be monitored.

This e-mail is confidential. If you received it by mistake, please let us know and then delete it from your system; you should not copy, disclose, or distribute its contents to anyone nor act in reliance on this e-mail, as this is prohibited and may be unlawful.

The registered office of Marks and Spencer Financial Services Limited, Marks and Spencer Unit Trust Management Limited, Marks and Spencer Life Assurance Limited and Marks and Spencer Savings and Investments Limited is Kings Meadow, Chester, CH99 9FB.