bmcmanus wrote:
I couldn't identify where to send this from the on-line docs. I apologize if this is the wrong group. Moderator, if
this is not the appropriate group, please forward this request to the correct address.
For a relatively simple (I assume...) wish list item, I'd like to see a free-form "notes" field stored with each capture
file to allow a description of the capture conditions and specific relevant information about the capture to be
maintained with the file. Right now I encode as much as I can into the file name, but there's a lot more I'd like to
add, plus additional notes as I analyze the capture and discover important packets or sequences.
For options, it would be nice if the "notes" field included and automatically populated various significant fields,
e.g., capture time/date, interface(s) used, capture options and filter settings.
We are currently limited in this regard by the PCAP file format.
There is some work in that direction in the form of the PCAP-NG file format:
http://www.winpcap.org/ntar/default.htm