Wireshark-users: [Wireshark-users] embed comments and notes into trace?
From: "Alan Jay Weiner" <a.weiner@xxxxxxxxxx>
Date: Wed, 19 Nov 2008 07:59:49 -0500
Hi everyone,
I want to put short notes and commentary into traces as they are being
captured:

	(time, src/dest etc normal stuff)     (in info area:)   starting
doing something-or-other
		(normal capture; lots of packets)
	(normal stuff for packet)				more things
I want to note as they happen
		(normal capture; lots of packets)
	(normal stuff for packet)				ended doing
something-or-other
	(normal stuff for packet)				several more
lines
	(normal stuff for packet)				of useful
notes
	(normal stuff for packet)				and
blah-blah-blah

 
I was thinking along the lines of sending a UDP message to an invalid MAC
address, or to myself or something like that; ignored by all hosts and
certainly not sent out to the world.
Ideally it would just show up as the message without a lot of dissection
words, and without selecting it and having to select it and look at the
dissected area.

Does anyone know of a protocol I can use in this way?  It seems to me I
remember something like this, but I’ll be darned if I can find it now.  I
can mis-use something - send a DNS query to "starting doing
something-or-other" but the info line will have other cruft on it ("standard
query A starting doing something-or-other").
 
- Al Weiner -
 
----------------------------------------------------------------------------
Alan Jay Weiner / Valid8.com, Inc. - Conform, Perform & Excel(tm)
500 W Cummings Park, Suite #2700, Woburn, MA 01801, USA
a.weiner@xxxxxxxxxx / Tel:+1-781-938-1221 x112, Fax +1-781-207-0550
http://www.VALID8.com