Wireshark · Wireshark-users: Re: [Wireshark-users] Wireshark V1.4 Display Filter Syntax Highlighting

Wireshark-users: Re: [Wireshark-users] Wireshark V1.4 Display Filter Syntax Highlighting

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Tue, 02 Nov 2010 11:00:25 -0400

Keith French wrote:

I've noticed that apart from the normal green or red background colours used for display filter syntax highlighting, a new colour of amber or yellow has been introduced. I am guessing this cam in in V1.4.0 or 1.4.1. What is its significance?


Actually it was there in 1.2 too.

If I enter a filter such as:-

rtp.p_type eq 97   it is green

If I use:-

rtp.p_type ne 97   it is amber

Is this just a warning in case you have used the classic mistake of:-

ip.addr ne 10.10.10.10

Yes. There should be a warning explaining the color in the... I guessit's a status bar in the lower-left corner (the same place that thefield explanation and the field's dfilter are shown when you select aprotocol item).

Follow-Ups:
- Re: [Wireshark-users] Wireshark V1.4 Display Filter SyntaxHighlighting
  - From: Keith French

References:
- [Wireshark-users] Wireshark V1.4 Display Filter Syntax Highlighting
  - From: Keith French

Prev by Date: [Wireshark-users] Wireshark V1.4 Display Filter Syntax Highlighting
Next by Date: Re: [Wireshark-users] Can't play back voip when the codec is speex.
Previous by thread: [Wireshark-users] Wireshark V1.4 Display Filter Syntax Highlighting
Next by thread: Re: [Wireshark-users] Wireshark V1.4 Display Filter SyntaxHighlighting
Index(es):
- Date
- Thread