On 27-11-2017 14:41, João Valverde wrote:
On 27-11-2017 13:50, Maynard, Chris wrote:
-----Original Message-----
From: Wireshark-dev [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On
Behalf Of João Valverde
Sent: Thursday, November 23, 2017 7:14 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Processing packet before exporting it.
On 22-11-2017 17:02, Pascal Quantin wrote:
Le 22 nov. 2017 17:36, "Dario Lombardo" <dario.lombardo.ml@xxxxxxxxx
<mailto:dario.lombardo.ml@xxxxxxxxx>> a écrit :
On Wed, Nov 22, 2017 at 5:21 PM, Manik Khandelwal
<manik123khandelwal@xxxxxxxxx
<mailto:manik123khandelwal@xxxxxxxxx>>
wrote:
I want to edit the bytes with full knowledge of structure.
There was such a feature in wireshark GTK gui. It has not been
ported to QT yet and there are no plans at the moment for that.
Maybe you could try to compile it or use some bin package that
provide the old gui and play a little bit with it. For the sake of
completeness: it's just a bit more than an hex editor, by the way.
But points to the actual packet bytes, that makes some of the job
you should do yourself with an hex editor.
Hope it helps.
There was indeed an experimental packet editor, but it was very
limited (basically as far as I can remember it could edit values like
what you could do with an hex editor, but was not a generic encoder
for any given protocol).
Change proposing removal: https://code.wireshark.org/review/#/c/24563
I guess I'm late to the party because I was on vacation, but what was
the point of removing this feature? Wireshark Gtk UI development is
no longer active, so there's no reason to expect any new features to
be added, but I wouldn't expect working, useful features to be removed
either, especially when there's no Qt equivalent.
Understood. It's still up for discussion. I don't have any problem with
removing features. I have objections with #ifdef'ed out code without
continuous testing.
Oops, the code was default enabled. My bad. I was sure this was default
off for some reason. Sorry for that oversight.