Thanks, Gerald,
That may be useful for post-processing notes.
For during capture, there are setups where I want to log messages from
several computers other than the one running Wireshark.
- Al -
----------------------------------------------------------------------------
Alan Jay Weiner / Valid8.com, Inc. - Conform, Perform & Excel(tm)
500 W Cummings Park, Suite #2700, Woburn, MA 01801, USA
a.weiner@xxxxxxxxxx / Tel:+1-781-938-1221 x112, Fax +1-781-207-0550
http://www.VALID8.com
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Gerald Combs
Sent: Wednesday, November 19, 2008 12:03 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] embed comments and notes into trace?
Alan Jay Weiner wrote:
> Does anyone know of a protocol I can use in this way? It seems to me I
> remember something like this, but I'll be darned if I can find it now. I
> can mis-use something - send a DNS query to "starting doing
> something-or-other" but the info line will have other cruft on it
("standard
> query A starting doing something-or-other").
Instead of using a dummy protocol, you might want to use a file format that
lets
you add comments directly to packets, such as pcap-ng:
http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html
http://wiki.wireshark.org/Development/PcapNg
Experimental support is currently in Wireshark, in wiretap/pcapng.[ch].
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users