[Kovarththanan Rajaratnam <kovarththanan.rajaratnam@xxxxxxxxx>]

Hey,

Could someone suggest some custom column expressions to use instead of 
the following predefined columns:

* COL_DCE_CALL:  /* done by dcerpc */
* COL_DCE_CTX:   /* done by dcerpc */
* COL_BSSGP_TLLI: /* done by packet-bssgp.c */

Kovarththanan Rajaratnam wrote:
> Hey,
>
> Those that have responded seem to be in favour of this and no one has 
> objected to this so I've taken the liberty to create a wiki page to 
> document the progress:
>
> http://wiki.wireshark.org/Development/CustomColumnfication
>
> Regards,
> Kovarththanan Rajaratn
>
> Jaap Keuter wrote:
> > Hi,
> >
> > So what you say is keep the metadata and generic protocol elements, the rest is 
> > protocol specific and should go through custom columns.
> > I can agree with that.
> >
> > Thanx,
> > Jaap
> >
> > Martin Visser wrote:
> > > My take below,
> > > '
> > > With no firm evidence, I would bet that 90% of users are doing pretty 
> > > much vanilla Ethernet packet captures, which is reflected in my thoughts 
> > > below. That said, I know I often do 802.11 based captures, but am not 
> > > interested in physical layer information all that much. (And I know 
> > > someone might argue for instance why included 802.1q VLAN tags, which is 
> > > very interface specific). Knowing that I can create a custom column for 
> > > them is all I generally need. I also like to see fields 
> > > tcp.analysis.ack_rtt or even tcp.stream, but I wouldn't expect a 
> > > pre-existing column to defined for them.
> > >
> > >
> > > Regards, Martin
> > >
> > > MartinVisser99@xxxxxxxxx <mailto:MartinVisser99@xxxxxxxxx>
> > >
> > >
> > > On Sun, Aug 16, 2009 at 7:17 AM, Anders Broman <a.broman@xxxxxxxxx 
> > > <mailto:a.broman@xxxxxxxxx>> wrote:
> > >
> > >     Hi,
> > >
> > >     Now when we have custom columns could we get rid of some of the
> > >     �fixed� columns?
> > >
> > >     It seems to me that some are not of a general interest.
> > >
> > >      
> > >
> > >     This is  the column enum:
> > >
> > >       COL_8021Q_VLAN_ID,  /* 0) 802.1Q vlan ID */ ****Keep****
> > >
> > >       COL_ABS_DATE_TIME,  /* 1) Absolute date and time */ ****Keep****
> > >
> > >       COL_ABS_TIME,       /* 2) Absolute time */ ****Keep****
> > >
> > >       COL_CIRCUIT_ID,     /* 3) Circuit ID */ ****Keep****
> > >
> > >       COL_DSTIDX,         /* 4) Dst port idx - Cisco MDS-specific */*
> > >     *****Retire****
> > >
> > >       COL_SRCIDX,         /* 5) Src port idx - Cisco MDS-specific */*
> > >     *****Retire****
> > >
> > >       COL_VSAN,           /* 6) VSAN - Cisco MDS-specific */*
> > >     *****Retire****
> > >
> > >       COL_CUMULATIVE_BYTES, /* 7) Cumulative number of bytes */* ***Keep****
> > >
> > >       COL_CUSTOM,         /* 8) Custom column (any filter name's
> > >     contents) */ ****Keep****
> > >
> > >       COL_DCE_CALL,       /* 9) DCE/RPC connection oriented call id OR
> > >     datagram sequence number */* *****Retire****
> > >
> > >       COL_DCE_CTX,        /* 10) DCE/RPC connection oriented context id
> > >     */* *****Retire****
> > >
> > >       COL_DELTA_TIME,     /* 11) Delta time */* ***Keep****
> > >
> > >       COL_DELTA_CONV_TIME,/* 12) Delta time to last frame in
> > >     conversation */* ***Keep****
> > >
> > >       COL_DELTA_TIME_DIS, /* 13) Delta time displayed*/* ***Keep****
> > >
> > >       COL_RES_DST,        /* 14) Resolved dest */* ***Keep****
> > >
> > >       COL_UNRES_DST,      /* 15) Unresolved dest */* ***Keep****
> > >
> > >       COL_RES_DST_PORT,   /* 16) Resolved dest port */* ***Keep****
> > >
> > >       COL_UNRES_DST_PORT, /* 17) Unresolved dest port */* ***Keep****
> > >
> > >       COL_DEF_DST,        /* 18) Destination address */* ***Keep****
> > >
> > >       COL_DEF_DST_PORT,   /* 19) Destination port */* ***Keep****
> > >
> > >       COL_EXPERT,         /* 20) Expert Info */* ***Keep****
> > >
> > >       COL_IF_DIR,         /* 21) FW-1 monitor interface/direction */*
> > >     *****Retire****
> > >
> > >       COL_OXID,           /* 22) Fibre Channel OXID */* *****Retire****
> > >
> > >       COL_RXID,           /* 23) Fibre Channel RXID */* *****Retire****
> > >
> > >       COL_FR_DLCI,        /* 24) Frame Relay DLCI */* *****Retire****
> > >
> > >       COL_FREQ_CHAN,      /* 25) IEEE 802.11 (and WiMax?) - Channel */*
> > >     *****Retire****
> > >
> > >       COL_BSSGP_TLLI,     /* 26) GPRS BSSGP IE TLLI */* *****Retire****
> > >
> > >       COL_HPUX_DEVID,     /* 27) HP-UX Nettl Device ID */* *****Retire****
> > >
> > >       COL_HPUX_SUBSYS,    /* 28) HP-UX Nettl Subsystem */* *****Retire****
> > >
> > >       COL_DEF_DL_DST,     /* 29) Data link layer dest address */*
> > >     ***Keep****
> > >
> > >       COL_DEF_DL_SRC,     /* 30) Data link layer source address */*
> > >     ***Keep****
> > >
> > >       COL_RES_DL_DST,     /* 31) Resolved DL dest */* ***Keep****
> > >
> > >       COL_UNRES_DL_DST,   /* 32) Unresolved DL dest */* ***Keep****
> > >
> > >       COL_RES_DL_SRC,     /* 33) Resolved DL source */* ***Keep****
> > >
> > >       COL_UNRES_DL_SRC,   /* 34) Unresolved DL source */* ***Keep****
> > >
> > >       COL_RSSI,           /* 35) IEEE 802.11 - received signal strength
> > >     */* *****Retire****
> > >
> > >       COL_TX_RATE,        /* 36) IEEE 802.11 - TX rate in Mbps */*
> > >     *****Retire****
> > >
> > >       COL_DSCP_VALUE,     /* 37) IP DSCP Value */* *****Retire****
> > >
> > >       COL_INFO,           /* 38) Description */* ***Keep****
> > >
> > >       COL_COS_VALUE,      /* 39) L2 COS Value */* *****Retire****
> > >
> > >       COL_RES_NET_DST,    /* 40) Resolved net dest */* ***Keep****
> > >
> > >       COL_UNRES_NET_DST,  /* 41) Unresolved net dest */* ***Keep****
> > >
> > >       COL_RES_NET_SRC,    /* 42) Resolved net source */* ***Keep****
> > >
> > >       COL_UNRES_NET_SRC,  /* 43) Unresolved net source */* ***Keep****
> > >
> > >       COL_DEF_NET_DST,    /* 44) Network layer dest address */* ***Keep****
> > >
> > >       COL_DEF_NET_SRC,    /* 45) Network layer source address */*
> > >     ***Keep****
> > >
> > >       COL_NUMBER,         /* 46) Packet list item number */* ***Keep****
> > >
> > >       COL_PACKET_LENGTH,  /* 47) Packet length in bytes */* ***Keep****
> > >
> > >       COL_PROTOCOL,       /* 48) Protocol */* ***Keep****
> > >
> > >       COL_REL_TIME,       /* 49) Relative time */* ***Keep****
> > >
> > >       COL_REL_CONV_TIME,  /* 50) Relative time to beginning of
> > >     conversation */* ***Keep****
> > >
> > >       COL_DEF_SRC,        /* 51) Source address */* ***Keep****
> > >
> > >       COL_DEF_SRC_PORT,   /* 52) Source port */* ***Keep****
> > >
> > >       COL_RES_SRC,        /* 53) Resolved source */* ***Keep****
> > >
> > >       COL_UNRES_SRC,      /* 54) Unresolved source */* ***Keep****
> > >
> > >       COL_RES_SRC_PORT,   /* 55) Resolved source port */* ***Keep****
> > >
> > >       COL_UNRES_SRC_PORT, /* 56) Unresolved source port */* ***Keep****
> > >
> > >       COL_TEI,            /* 57) Q.921 TEI */* *****Retire****
> > >
> > >       COL_CLS_TIME,       /* 58) Command line-specified time (default
> > >     relative) */* ***Keep****
> > >
> > >       NUM_COL_FMTS        /* 59) Should always be last */* ***Keep****
> > >
> > >      
> > >
> > >     Could some be retired? If so suggestions would be welcome J
> > >
> > >     Regards
> > >
> > >     Anders
> > >
> > >      
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe