[Guy Harris <guy@xxxxxxxxxxxx>]

Vijay Sitaram wrote:

>     I am not sure why you think GUI is lost when running on Linux.  
> There is an equivalent 'wireshark' command also available on Linux
(and on other UN*X systems that support X11, including Solaris, various 
BSDs, and Mac OS X)
> which 
> is basically a X-client.  So you will need X-Server running on your 
> desktop (Cygwin provides one for free!).  Not sure though whether the 
> Linux version of the GUI has the specific feature implemented...
The Unix+X11 and Windows versions of Wireshark use the same source base, 
with small changes for the GUI; that feature is available independently 
of the platform for which Wireshark was built.
However, it might be useful to have the endpoints information available 
in TShark (on UN*X and Windows); it would probably be possible to 
implement it as a tap.
(This is why a general framework for statistics taps, so that a lot of 
taps can be implemented in Wireshark *and* TShark by code that plugs 
into the Wireshark version of the framework and the TShark version of 
the framework, would be useful - you'd only have to write the statistics 
code once, and the framework would do all the display/output work for 
you, and it'd work in Wireshark and TShark.)