Lucent Technologies Ethereal User Manual

Page 6

Advertising
background image

6.6. Finding packets .................................................................................................... 113

6.6.1. The "Find Packet" dialog box ....................................................................... 113
6.6.2. The "Find Next" command .......................................................................... 114
6.6.3. The "Find Previous" command ..................................................................... 114

6.7. Go to a specific packet .......................................................................................... 115

6.7.1. The "Go Back" command ............................................................................ 115
6.7.2. The "Go Forward" command ....................................................................... 115
6.7.3. The "Go to Packet" dialog box ..................................................................... 115
6.7.4. The "Go to Corresponding Packet" command .................................................. 115
6.7.5. The "Go to First Packet" command ............................................................... 115
6.7.6. The "Go to Last Packet" command ................................................................ 115

6.8. Marking packets ................................................................................................... 116
6.9. Time display formats and time references ................................................................. 117

6.9.1. Packet time referencing ............................................................................... 117

7. Advanced Features .......................................................................................................... 120

7.1. Introduction ........................................................................................................ 120
7.2. Following TCP streams ......................................................................................... 121

7.2.1. The "Follow TCP stream" dialog box ............................................................ 121

7.3. Packet Reassembling ............................................................................................ 123

7.3.1. What is it? ................................................................................................ 123
7.3.2. How Ethereal handles it .............................................................................. 123
7.3.3. Reassembling is disabled by default! ............................................................. 123

7.4. Name Resolution .................................................................................................. 124

7.4.1. Ethernet name resolution (MAC layer) ........................................................... 124
7.4.2. IP name resolution (network layer) ................................................................ 124
7.4.3. IPX name resolution (network layer) ............................................................. 125
7.4.4. TCP/UDP port name resolution (transport layer) .............................................. 125

8. Statistics ....................................................................................................................... 127

8.1. Introduction ........................................................................................................ 127
8.2. The "Summary" window ........................................................................................ 128
8.3. The "Protocol Hierarchy" window ........................................................................... 130
8.4. Endpoints ........................................................................................................... 132

8.4.1. What is an Endpoint? .................................................................................. 132
8.4.2. The "Endpoints" window ............................................................................. 132
8.4.3. The protocol specific "Endpoint List" windows ............................................... 133

8.5. Conversations ...................................................................................................... 134

8.5.1. What is a Conversation? .............................................................................. 134
8.5.2. The "Conversations" window ....................................................................... 134
8.5.3. The protocol specific "Conversation List" windows .......................................... 134

8.6. The "IO Graphs" window ....................................................................................... 135
8.7. Service Response Time ......................................................................................... 137

8.7.1. The "Service Response Time DCE-RPC" window ............................................ 137

8.8. The protocol specific statistics windows ................................................................... 139

9. Customizing Ethereal ...................................................................................................... 141

9.1. Introduction ........................................................................................................ 141
9.2. Start Ethereal from the command line ....................................................................... 142
9.3. Packet colorization ............................................................................................... 146
9.4. Control Protocol dissection .................................................................................... 149

9.4.1. The "Enabled Protocols" dialog box .............................................................. 149
9.4.2. User Specified Decodes .............................................................................. 151
9.4.3. Show User Specified Decodes ...................................................................... 152

9.5. Preferences ......................................................................................................... 153

A. Configuration (and other) Files and Folders ......................................................................... 156

A.1. Windows folders ................................................................................................. 159

A.1.1. Windows profiles ...................................................................................... 159
A.1.2. Windows NT/2000/XP roaming profiles ........................................................ 160
A.1.3. Windows temporary folder ......................................................................... 160

B. Protocols and Protocol Fields ........................................................................................... 162
C. Related command line tools ............................................................................................. 163

C.1. Introduction ........................................................................................................ 163
C.2. tcpdump: Capturing with tcpdump for viewing with Ethereal ...................................... 164
C.3. tethereal: Terminal-based Ethereal ......................................................................... 165
C.4. capinfos: Print information about capture files .......................................................... 166

Ethereal User's Guide

vi

Advertising
Popular Brands
Popular manuals