Wireshark-dev: Re: [Wireshark-dev] Being a mentor from Facebook Open Academy

From: Richard Sharpe <realrichardsharpe@xxxxxxxxx>
Date: Fri, 20 Dec 2013 07:32:57 -0800
On Thu, Dec 19, 2013 at 11:23 PM, Jay Borenstein
<borenstein@xxxxxxxxxxxxxxx> wrote:
> Hello,
>
> I am Jay Borenstein from Stanford's Computer Science Department.  I'm
> teaching software engineering through Facebook's generosity to hundreds of
> top international computer science students in collaboration with open
> source mentors.  I would very much like to have WireShark involved if we can
> find a suitable mentor.
>
> I've attached a document that details more about the program and what is
> involved from a mentor's perspective.  Please let me know if we can get
> WireShark involved in which case I would need to talk to whomever would
> serve as the mentor to the students.  I look forward to hearing from you!

I noticed during a quick scan that it mentions low-hanging fruit, but
there are a bunch of other improvements that would make things more
productive for me.

One of the things I am often doing these days is loading up a large
SMB/SMB2 capture and focusing on when files are opened and what
happens to them.

It would be useful to be able to:

1. Select sets of packets that are related because they are all those
associated with a particular file (including the Create request and
the close response).

2. Maybe collapse them all under a subtree similar to what the latest
versions of NetMon does.

3. Then it would be useful to be able to colorize different such opens
of the same file so I can easily see nesting and sequential
relationships between opens.

I am sure other things will suggest themselves as well.

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)