Wireshark-bugs: [Wireshark-bugs] [Bug 8269] can't search hex string in the current packet and hi
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 28 Jan 2013 23:57:56 +0000

Comment # 6 on bug 8269 from 
Another class of applications that

    1) have a display with a list of items and that can open up individual
items

and

    2) support searching within the list of items and, in some cases, within
individual items

is "mail readers".

The one I'm using is Mail.app in OS X; in the Mountain Lion version:

    there's a search box in the upper left of a viewer window, into which you
can type patterns to use to search the From: field, the To: and CC: fields, the
Subject: field, or the entire message, although this is more like a display
filter than like "find frame", as it limits the message list display to show
only messages that match the filter;

    if the input focus is in a pane showing the contents of a message,
Command+F (think Control+F in Windows and non-OS X UN*X GUIs), and Edit -> Find
-> Find... (as opposed to Edit -> Find -> Mailbox Search, which gives the
aforementioned search box the input focus) opens up another search box in the
message view pane, into which you can type a text string - it highlights in the
first occurrence of that string, and subsequent Command+F highlights the next
one - Command+G highlights the previous one, and the search box also has "<|"
(backwards search, "|>" (forwards search), and "Done" buttons.

I'm not sure the equivalent of what we have now for "Find" would be as useful
for mail messages - I'm usually looking either for a particular message or for
the thread containing a particular message, not for "every message from Gerald"
or "every message that contains the string "git clone"", so limiting the
display and letting me see which one is the one I want, and the selecting it
and, if I want the thread, possibly clearing the search bar and hoping that the
message will remain selected does the trick - but I *can* see it as useful for
packet lists ("ok, what's the *next* {NFS,SMB,AFP,NCP,...} packet that refers
to the "foo.txt" file?), so exactly matching what Mail.app does probably
doesn't suffice.

One Wireshark equivalent might be to:

    if the packet list pane is selected, have "Find" do a search for packets
with a given characteristic, and, if the search involves a packet filter, also
highlight, in the matching packet's detail pane, all items that the filter
matches, with "find next" going to the next packet and "find previous" going to
the previous packet;

    if the packet detail pane is selected, have "Find" do a search for parts of
the packet with a given characteristic (detail pane item if it's a packet
filter, hex dump pane area if it's a raw hex bytes or string/regex filter),
with "find next" going to the next instance within the packet and "find
previous" going to the previous instance within the packet (and with neither of
them leaving the current packet).

Which of those are presented with dialog boxes and which are presented with
search boxes is another matter.

You are receiving this mail because:
  • You are watching all bug changes.