I just ran across ethereal. Thanks for a wonderful program!

One feature that I've wanted for a long time in sniffing programs is
something suitable for analyzing TCP-based ASCII protocols like http
and smtp.

When running ethereal itself, the Tools/Follow TCP Stream
feature is nice.

But it would be really handy to be able to do that with tethereal
also, via an option that takes a filter or (when reading a capture
file) a packet number to indicate which tcp stream to watch.

It would help to provide output in a format that differentiates
packets sent in each direction. The hex version of the TCP Stream
display in ethereal does that, but the ascii display doesn't provide
any differentiation. A hex/ascii format would be great.

Also, a way to save the captured stream data in a file would be
very helpful. Hmmm - maybe an XML format for describing the data
would be handy - does such a thing exist? It could provide
timestamps, separation of streams in each direction, etc.

Outputting two files, one showing the stream from A to B and the other
showing it from B to A would be easier, and also very handy.

Are there other programs that do this already?

Cheers,
Neal McBurnett <neal@xxxxxxxxxxxxxxxxx> 303-538-4852
Avaya Communication / Internet2 / Bell Labs / Lucent Technologies
http://bcn.boulder.co.us/~neal/ (with PGP key)