Wireshark mailing list archives
Re: What is "Export PDUs to File..." intended to do?
From: Guy Harris <guy () alum mit edu>
Date: Wed, 16 Jul 2014 02:59:31 -0700
On Jul 15, 2014, at 10:55 PM, Pascal Quantin <pascal.quantin () gmail com> wrote:
Le 16/07/2014 03:05, Guy Harris a écrit :Currently, it writes something to a temporary file, and then closes the current file and reads the new file in. 1) What do the four choices it offers mean? I tried it with "OSI Layer 3" on an HTTP capture and no packets were written.The idea is to strip the lower layers or create a new pcap with the deciphered payload for example. As of today, if you select "OSI layer 3" it will export PDUs from IPSec and SCTP.
Those aren't the only protocols in the universe at the transport layer - and I'm not sure IPSec is a transport-layer protocol. Perhaps it should say "IPSec and SCTP" instead?
If you select "OSI layer 7", it will export the (eventually deciphered) payload for credssp, diameter, DTLS, reload, SIP and SSL.
Ditto.
2) Why does it replace the current capture, rather than writing out to a new file with a specified name? That's not what I'd expect a menu item that begins with "Export" to do.I *think* the idea was to be able to visualize the output immediately. If you are happy with it you can save the new capture. If you are not, you can close the file and reopen the previous capture. It the parent capture is not saved, you get a popup dialog asking you whether you want to save it or not, avoiding to lose any data.
If that's the intent, it should probably have a name other than "Export PDUs to File", as, unlike the other operations that begin with "Export", it has a side-effect of closing the current file and opening and reading a new file. (If we supported having multiple files open in the same process, perhaps it should open a new window with the new file.) ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- What is "Export PDUs to File..." intended to do? Guy Harris (Jul 15)
- Re: What is "Export PDUs to File..." intended to do? Pascal Quantin (Jul 15)
- Re: What is "Export PDUs to File..." intended to do? Guy Harris (Jul 16)
- Re: What is "Export PDUs to File..." intended to do? Anders Broman (Jul 17)
- Re: What is "Export PDUs to File..." intended to do? Guy Harris (Jul 16)
- Re: What is "Export PDUs to File..." intended to do? Pascal Quantin (Jul 15)