Wireshark · Wireshark-dev: [Wireshark-dev] Transport name resolution considered harmful?

Wireshark-dev: [Wireshark-dev] Transport name resolution considered harmful?

From: Gerald Combs <gerald@xxxxxxxxxxxxx>

Date: Mon, 23 Apr 2012 10:56:52 -0700

Wireshark has transport name resolution enabled by default.
Unfortunately protocol numbers often get mapped to the wrong name, which
can lead to confusion:

https://ask.wireshark.org/questions/10380/what-is-commplex-main

It seems like the "services" file has effectively become "a list of
things not running on the network". This is especially true for OSes
that use the old-style (1024 - 4999) ephemeral port range. Is there any
reason we shouldn't disable transport name resolution by default for the
1.8 release?

-- 
Join us for Sharkfest ’12! · Wireshark® Developer and User Conference
Berkeley, CA, June 24-27 · sharkfest.wireshark.org

Follow-Ups:
- Re: [Wireshark-dev] Transport name resolution considered harmful?
  - From: Guy Harris
- Re: [Wireshark-dev] Transport name resolution considered harmful?
  - From: Stephen Fisher

Prev by Date: Re: [Wireshark-dev] Capturing CAN packets
Next by Date: Re: [Wireshark-dev] Transport name resolution considered harmful?
Previous by thread: Re: [Wireshark-dev] Capturing CAN packets
Next by thread: Re: [Wireshark-dev] Transport name resolution considered harmful?
Index(es):
- Date
- Thread