Wireshark-dev: Re: [Wireshark-dev] Packet Information

From: wsgd <wsgd@xxxxxxx>
Date: Sun, 26 Apr 2009 20:30:14 +0200
There are 3 panes in the Wireshark window:
- packet list pane (where there are Source and Destination columns)
- packet details pane
- hex dump pane

In the packet details pane, for a given packet (e.g. a TCP packet), I can see:
+ Frame ...
+ Ethernet ...
+ Internet Protocol, Src: <ip add or hostname> (<ip add>), Dst: <ip add or hostname> (<ip add>)
+ Transmission Control Protocol ...
+ ...

So, the IP address Source and Destination are computed/managed/retrieved by the "Internet Protocol" dissector.


But I'm still not sure of what you want to do.

Have you tried Statistics/IP addresses?


Olivier

Rohan Solanki wrote:
Hi Olivier, thanks for the reply...
      "Ip address Source and Destination are printed on the 3rd line into
packet details pane." I did not understand this statement. Can you explain this in more detail?

Thanks in advance...


On Sat, Apr 25, 2009 at 11:32 AM, wsgd <wsgd@xxxxxxx> wrote:

    IP address Source and Destination are printed on the 3rd line in the
    packet details pane.
    -> dissector called "Internet protocol"
    So search for "Internet protocol" in the code.
    -> epan/dissectors/packet_ip.c


    Olivier


    Rohan Solanki wrote:
    > Hey, if this is still not clear then... 1) I have compiled and am
    > successfully running Wireshark on my Windows machine. 2) I want to
    > find in which file I can get the source and destination IP address
    > information that is being displayed in the "packet list pane" of
    > Wireshark.
    >
    > Thanks
    > Rohan
    >
    >
    > On Sat, Apr 25, 2009 at 9:41 PM, Rohan Solanki
    > <solanki.rohan@xxxxxxxxx> wrote:
    >
    >     Hi, I mean my NIC, not dissector...
    >
    >     Thanks
    >     Rohan
    >
    >
    >     On Sat, Apr 25, 2009 at 9:21 PM, wsgd <wsgd@xxxxxxx> wrote:
    >
    >         packet_info.h ?
    >         What do you mean by your "interface" :
    >         - capture interface?
    >         - your dissector ?
    >
    >         Olivier
    >
    >
    >         Rohan Solanki wrote:
    >         > Hi, which file do I refer to get the source and destination
    >         > IP address of each packet that is coming to my interface....
    >         >
    >         >
    >         > Thanks
    >         > Rohan
    >         >
    >         > On Sat, Apr 25, 2009 at 4:51 AM, Rohan Solanki
    >         > <solanki.rohan@xxxxxxxxx> wrote:
    >         >
    >         >     Hi Abhik, thanks for the reply...
    >         >       I want to get the "Source" and "Destination" IP address
    >         >     of each packet that is received by the interface.
    >         >
    >         >     Thanks in advance
    >         >
    >         >
    >         >     On Sat, Apr 25, 2009 at 4:43 AM, Abhik Sarkar
    >         >     <sarkar.abhik@xxxxxxxxx> wrote:
    >         >
    >         >         Hi Rohan,
    >         >
    >         >         "To" and "From" fields of what? Mails? If yes, then
    >         >         you will probably want to check out the field "imf.to"
    >         >         and "imf.from"... That is in the dissector of the
    >         >         Internet Message Format dissector.
    >         >
    >         >         HTH
    >         >         Abhik
    >         >
    >         >         On Sat, Apr 25, 2009 at 11:36 AM, Rohan Solanki
    >         >         <solanki.rohan@xxxxxxxxx> wrote:
    >         >
    >         >             Hi all,
    >         >               I am new to this community.... I have
    >         >             successfully built and run Wireshark (in Windows).. I
    >         >             want the information of the "To" and "From" fields; from
    >         >             which file can I get this information?
    >         >
    >         >             Thanks in advance......
    >         >
    >         >             Rohan
    >         >
    >         >
    >         > ___________________________________________________________________________
    >         >             Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
    >         >             Archives:    http://www.wireshark.org/lists/wireshark-dev
    >         >             Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
    >         >                          mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
    >         >
    >         --
    >         Wireshark Generic Dissector http://wsgd.free.fr


    --
    Wireshark Generic Dissector http://wsgd.free.fr



--
Wireshark Generic Dissector http://wsgd.free.fr
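
Where the Src and Dst shown on the "Internet Protocol" line sit in the raw frame bytes, as an added standalone C example (not Wireshark's code and not part of this thread). The function name `frame_ipv4_addrs` and the sample frame are constructed for illustration; the header checksum is not verified.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN    14
#define ETHERTYPE_IPV4 0x0800
#define ETHERTYPE_VLAN 0x8100
#define IPV4_MIN_HDR   20

/* Read a big-endian 16-bit value. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Extract IPv4 source/destination from an Ethernet II frame.
 * Returns 0 on success, -1 if the frame is truncated, not IPv4, or malformed.
 * src/dst must each hold at least 16 bytes ("255.255.255.255" + NUL). */
int frame_ipv4_addrs(const uint8_t *frame, size_t len, char *src, char *dst)
{
    size_t off = ETH_HDR_LEN;
    if (len < off) return -1;
    uint16_t type = be16(frame + 12);
    if (type == ETHERTYPE_VLAN) {          /* skip one 802.1Q tag */
        if (len < off + 4) return -1;
        type = be16(frame + 16);
        off += 4;
    }
    if (type != ETHERTYPE_IPV4 || len < off + IPV4_MIN_HDR) return -1;
    const uint8_t *ip = frame + off;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;   /* header length in bytes */
    if ((ip[0] >> 4) != 4 || ihl < IPV4_MIN_HDR || len < off + ihl) return -1;
    /* Source address is at byte 12 of the IP header, destination at byte 16. */
    snprintf(src, 16, "%d.%d.%d.%d", ip[12], ip[13], ip[14], ip[15]);
    snprintf(dst, 16, "%d.%d.%d.%d", ip[16], ip[17], ip[18], ip[19]);
    return 0;
}

/* Constructed sample frame: Ethernet II + minimal IPv4 header (TCP, no payload). */
static const uint8_t sample_frame[] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x08,0x00,
    0x45,0x00,0x00,0x14, 0x00,0x01,0x00,0x00, 0x40,0x06,0x00,0x00,
    192,0,2,10, 198,51,100,7
};

int main(void)
{
    char src[16], dst[16];
    if (frame_ipv4_addrs(sample_frame, sizeof sample_frame, src, dst) == 0)
        printf("Src: %s, Dst: %s\n", src, dst);
    return 0;
}
```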