|
Thank you for the input. I think the "hosts" is what I am trying to do. Aliases is when a
name is given to a particular device to make it easier for humans to read. For
example, instead of listing a packet using its IP address, we replace the
IP address with a human readable name i.e. "backbone_router". This makes it much
easier to scan the packet window and to know which device created a particular
packet.
We reveiwed the documentation regarding hosts. (now
that we know what it is called, thank you again)
When I attempted to use the hosts definition in
Wireshark, I defined a plain text file named "hosts" and placed it in
c:\users\colfaxnet\appdata\roaming\wireshark. (yes, I'm
using Vista) The path is the one listed in "help, about Wireshark,
Folders, Personal configuration". The entries in the "hosts" file are in
the following form:
xxx.xxx.xxx.xxx backbone_router
xxx.xxx.xxx.xxx backbone_router (we have two
different subnets on the same router)
We only have two entries to start. We tried
reloading the open capture file using "view, reload" and we also closed and
reloaded Wireshark and then re-opened the capture file. Each time the packets
containing the IP address are still listed as the IP address and not
as "backbone_router".
Is this because the capture file was created
without the hosts file? It appears that the hosts file should be re-read when
Wireshark is loaded or "reload" is selected from the view menu.
Again, thank you for your input.
Corey
| 