Ethereal-dev: Re: [ethereal-dev] Graphs

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Wed, 15 Sep 1999 02:03:06 -0700
> 	Note: these are all intended to be Real-Time graphs.  I intend to
> use every item listed below in Synchronous mode.

"Synchronous mode" as in the "-S" flag, where the display updates as
packets are captured?

Note that, even in that mode (which probably isn't as cheap as a
non-"-S" capture, due to e.g. time spend updating the display), doing a
full protocol tree decode might be expensive.

An alternative might be to decode just enough to get the network-layer
source and destination addresses, and TCP/UDP port number (and perhaps
its equivalent, if any, in other transport-layer protocols) - note that
all of those can be shown in the summary line for the frame, and are
also provided (at least for IP) in the "packet_info" structure, for the
benefit of decoders.