Re: [Wireshark-commits] rev 37859: /trunk/ /trunk/gtk/: color_dlg.c /trunk/: color_filters.c color_filters.h

[Guy Harris <guy () alum mit edu>]

On Jul 4, 2011, at 8:49 AM, Sake Blok wrote:

> Where do you need that info, in the frame section of the packet details we list the following:
>
> Coloring Rule Name: ___tmp_color_filter___01
> Coloring Rule String: (ip.addr eq 192.168.0.104 and ip.addr eq 208.117.232.170) and (tcp.port eq 50388 and tcp.port 
> eq 80)

If the rule isn't saved in the colorfilters file, does the rule's name serve any purpose other than to identify the 
rule in places such as the Frame section of the packet details?  Can you, for example, edit the rule, by name, to 
change its color?

If the rule name is not useful, just calling that one "Conversation rule" might suffice...

> Or (when using a field to create the temporary coloring filter):
>
> Coloring Rule Name: ___tmp_color_filter___01
> Coloring Rule String: ip.id == 0x59fe

...and calling that one "Field rule" might suffice.

If the name is useful, the name of the first rule might be

        Conversation 192.168.0.104:50388 <-> 208.117.232.170:80

to summarize the conversation endpoints (if there are multiple such rules, a number could, for example, be added after 
"Conversation"), and the name of the second rule might just be its rule string.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe