["Panagiotis Georgopoulos" <panos@xxxxxxxxxxxxxxxx>]

That’s an excellent pointer, thanks Jaap!

 

I’ve created an ethers file with the appropriate mac address and the name I want and works like a charm!

 

However, do you have any idea why it works only when it is in /etc/ethers and not in wireshark/ethers ?

 

It seems that Wireshark keeps neglecting the ethers file if it is in its installation directory, but consults it fine if it is moved in /etc/

 

Thanks,

panos

 

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
Sent: 11 May 2010 13:24
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Mac Address -> human friendly string

 

Hi,

That's where the ethers file comes in, see the User's Guide 7.7.2

Thanks,
Jaap

 

On Tue, 11 May 2010 11:25:36 +0100, "Panagiotis Georgopoulos" <panos@xxxxxxxxxxxxxxxx> wrote:

Hello all,

 

What I am willing basically, is to be able to see a human friendly string in the source and destination files in my Wireshark captures so that I can debug easier what I see.

 

I checked that I can enforce Wireshark to do a mac/ip layer resolution, however I don’t want it to try and do arp or dns request (and see the relevant packets in my log) and also because these requests won’t help (I don’t have a dns server and although IPs are a bit more readable they are not what I want).

 

Is there  a way to statically direct Wireshark to change e.g. Netgear_2d:00:85 to “server” and Netgear_2c:ae:45 to “client” etc? Some settings somewhere or apply an appropriate filter ?

 

Thanks a lot in advance,

Panos

 

Ps. I am working in linux, so I was thinking whether there is a local file that linux checks before an arp request so that I can set the info I want there…?