Wireshark · Wireshark-users: Re: [Wireshark-users] TCP Name Resolution for Well Know Ports Only (Windows)

Wireshark-users: Re: [Wireshark-users] TCP Name Resolution for Well Know Ports Only (Windows)

From: Julian Fielding <jfielding@xxxxxxxxxxxxxxx>

Date: Thu, 26 Feb 2009 18:46:59 +0000

Jeff Morriss wrote on Wed, 25 Feb 2009 15:07:27 -0500
>Jeffrey Walton wrote:
>> Hi All,
>>
>> How does one specify that Wireshark only perfrom tcp name resolution
>> for ports below 1024? Section 7 of the User Manual only offers an
>> all-or-nothing solution. I'm finding that the resolution of ephemeral
>> ports such as 3047 is distracting.
>>
>> I see that Guy Harris proposed two Wireshark resolution files [1], but
>> I can't tell if it has been implemented, and (if implemented) I don't
>> see where one would select either.
>>
>> Thanks,
>> Jeff
>>
>> [1] http://www.mail-archive.com/wireshark-users@xxxxxxxxxxxxx/msg04537.html
>
>I don't think anything like that has been implemented nor do I know of
>any plans to do it. You could open an enhancement in bugzilla to
>suggest it.

Meanwhile, as a workaround, why not edit Program Files\Wireshark\services ?
It's text, with only LF at end of line, so use WordPad instead of Notepad.

Note: I haven't tested this. You should, in any case, make a backup of the original file. I do something similar with another file, and use a small bat to switch between my edited version and the backup.

Julian.

Prev by Date: Re: [Wireshark-users] A strange problem with wireshark
Next by Date: Re: [Wireshark-users] A strange problem with wireshark
Previous by thread: Re: [Wireshark-users] TCP Name Resolution for Well Know Ports Only (Windows)
Next by thread: [Wireshark-users] Version 1.0.6 and SVN
Index(es):
- Date
- Thread