Ethereal-dev: RE: [Ethereal-dev] Transform "H323 Conversations" to a more gener ic "VoIP Conve

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Francisco Alcoba (TS/EEM)" <francisco.alcoba@xxxxxxxxxxxx>
Date: Wed, 27 Oct 2004 08:08:33 +0200
> I think for the "flow or analysis display" will be better to be a
> "graphic" instead of just a "list". The "conversation list" 
> will fill a
> structure when the "call" is selected to analysis. This structure is
> like:
> "Time"
> "IP:port src"
> "IP:port dst"
> "Protocol"
> "Message": with any additional info like: "SETUP 12345"
> "Comment": additional comments 
> 
> And then the "flow display" will have to display something like:
> 
> Time  Protocol       Node_A		Node_B		Node_C
> Comments
> 1:00	H323_H225      SETUP 12345 --->
> FastStart 
> 1:00  H323_H225                      SETUP 12345 --->
> FastStart
> 1:01  H323_H225                             <--- CALL PROC
>  
> The "Node_X" will be identified by just IP address (not the port). So
> the "flow display" will dynamically add more nodes if it is necessary.
> 

Hi,

Unfortunately I'm still trying to find my way around GTK, so I don't really know the difference, but "graphic" sounds to me like something that might make it impossible to select a packet. Is it so? What I mean is that, in the current "analyze" option for H323 conversations, you can click on a packet and make the main window go to it, and so you can see its complete decoding. I think that is really useful, and it would be good to maintain.

If, on the other hand, by graphic you mean that it will show the nodes and the direction the packet is taking, I totally agree. I think the easiest -and maybe most practical- way to do it would be to use the "Info" field to describe the packet, since each dissector is already putting there a summary of the most important data, so you just need to pick it out, and it is generic. The problem is the size and the way to put it in the window. It might help to do it on a specific column, something like:


  Time | 10.1.1.1 | 11.1.11.1 | 3.3.3.3 | Protocol | Info 

   1       ----------->	 			SIP/SDP	Request: INVITE sip:333...          
   2                  -----------> 		SIP/SDP	Request: INVITE sip:333...          
   3       <--------------------- 		SIP		Status: 401 Unauthorized
   4       ---------------------->		SIP		Request: ACK...

If it works like that, you can use it for any protocol, like HTTP, or WAP, anytime you think the flow display is useful. That's why I think it would be better not to make it VoIP-specific, and make it depending on the main window, not on the H323 one.

Regards,

  Francisco