Thank you again! And apologies about the confusion!
What I truly mean...
When the 'Update list of packets in real time' is checked, 'Use ring
buffer' goes gray and is unavailable. This is 'new' to this release.
This is what I meant (even though it did not come out that way!).
Jason
On Tue, 2003-12-16 at 17:12, Guy Harris wrote:
> On Dec 16, 2003, at 1:34 PM, Jason wrote:
>
> > Turned off network name resolution. Seems to be better. Of course now
> > it does not resolve the names which in turn, I can not see quickly
> > where
> > individuals are 'surfing'. (Doing audits on networks.) Is this a bug
> > of some sort?
>
> The problem is that
>
> 1) there's no upper bound, other than the name resolution client-side
> code, on the length of time it could take to do a name resolution,
> because it's often done over the network (DNS or, even worse, NetBIOS
> Name Service on Windows; the way NBNS works means that a name lookup
> that fails can take a *significantly* long time, as you do the lookup
> by sending a "who are you?" packet to the IP address you're trying to
> look up, but if they don't have NBNS code running - and non-Windows
> machines aren't likely to have it running - you get no reply back,
> other than perhaps an ICMP "port unreachable" error, but I don't know
> whether the NBNS client code on Windows sees that);
>
> 2) the standard API for doing name lookups is synchronous, meaning it
> blocks until the name is resolved;
>
> 3) that's done in the same thread of control that responds to user
> input;
>
> so the UI can become unresponsive to user input for a significant
> period of time.
>
> There are asynchronous name resolution APIs in Windows
> (WSAAsyncGetHostByName and WSAAsyncGetHostByAddr), but, as Ethereal on
> Windows doesn't use the native Windows toolkit, it might be difficult
> to use it (the async routines deliver a message to a window when the
> lookup completes).
>
> There is, unfortunately, no standard UNIX API for asynchronous name
> resolution. (APIs like the Windows one wouldn't work very well, as
> they
>
> 1) assume you *have* a window, which isn't necessarily the case - even
> on Windows (on Windows, presumably windowless server applications use
> threads, and command-line applications just block until the name
> resolution succeeds or fails)
>
> 2) assume a particular window system with a particular style of input
> event delivery.)
>
> There's the GNU ADNS API, which Ethereal can be built to use, although
> it doesn't support name resolution mechanisms other than DNS (host
> files, NIS, NBNS on Windows, etc.).
>
> > And yes - I do mean Update list of packets in real time and also
> > capturing to file.
>
> What do you mean by "capturing to file"? I'm able to specify "Update
> list of packets in real time" and specify a file name in the "File:"
> text box in Ethereal captures.
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users