Wireshark.....wonderful tool!!
Is there a way to define labels for packets that
meet certain criteria and have them labeled in the capture display?
For example, packets that contain IP address
1.2.3.4 could have the IP address (1.2.3.4) replaced with a label of our
chosing i.e. test computer, etc. This may also be used for MAC address,
etc.
Once something about a packet is identified, we
could then label the packets that contain the same criteria as a name such
as "test computer", etc. This would make is much easier to be able to
glance at the capture window and to determine what device is creating that
particular packet. This labeling would also be able to be viewed in the
different report screens.
One of the other capture programs calls this
function creating an alias.
Your thoughts and efforts are greatly
appreciated.
Corey
|