Wireshark mailing list archives

Re: UI Proposal for better Analysis for Android devices


From: Anders Broman <anders.broman () ericsson com>
Date: Wed, 30 Dec 2015 07:59:47 +0000



From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of VIKRAM VENKATESH HEGDE
Sent: 29 December 2015 06:57
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] UI Proposal for better Analysis for Android devices


Dear All,



It's my pleasure to contribute to Wireshark Open Source community. Of late our team is contributing to Zigbee cluster 
dissectors.

We have a UI feature proposal to contribute to open source which will result in improved and better analysis of issues 
with respect to Android devices, also providing the user with a good user experience. Below are the details of the 
proposed solution; also attached are the screenshots of the idea, in which one reflects the existing flow graph 
available in Wireshark, and the other screenshot represents the change we are proposing to enhance the UI and separate 
packet and system logs and show the system logs in a separate panel:



Title


UI Feature in Wireshark for better analysis


Abstract


The proposed solution addresses enhancement of UI for GTK, in which unlike the existing Wireshark, the logs which are 
generated from the Android device connected via USB to the system and the packet data are separated out to show them in 
different panes. Thus providing an additional functionality of viewing the log data and packet data separately and also 
having a time synchronization functionality to map the packet data with the log entry and vice-versa. This will be 
useful for the user to analyze the particular scenario in more depth as the user will be able to analyze whether the 
issue lies in the network based on the packets or whether the issue lies in the device software implementation based on 
the system logs.


Background (if necessary)


The code contribution is an enhancement of existing Wireshark to provide the user with more functionality and better 
analysis of the issues. Also enhancing the user experience by showing the log data and packet data together and mapping 
functionality based on the time.








Detailed Description


Added the below functionalities:

- Modified the UI to show device system logs and packet logs separately.

- Time Synchronization and mapping between packet data and system logs so that user can get the issues addressed more 
  clearly.

The system logs that are captured using the existing androiddump are shown in the form of packets along with the other 
network traffic in the Wireshark main packet window. This implementation adds a large number of additional packets in 
the Wireshark packet window as every log line is shown as a packet. To reduce this overhead we are segregating the log 
viewer and the network traffic by adding an additional UI component, Logviewer. The log viewer will display the system 
logs as simple text data. The user can map between the log viewer window and main packet pane by selecting a packet in 
the Wireshark main packet panel or selecting a line in the log window, by which the corresponding entry in the other 
window will be highlighted. Our implementation requires a few modifications in the existing code of Wireshark so as to 
fit our new component log viewer as a part of Wireshark. To feed the data into the logviewer we are adding an additional 
interface in the androiddump which will be listed along with the other interfaces in the Wireshark interface list. The 
capture filter option in the interface can be used to specify the logtags. We are also providing the facility of storing 
the log data for offline use.

The logviewer functionality is similar to the flow graph that assists the user in seeing whether there are any issues on 
the network such as dropped frames, timeouts or dropped connections. Flow graph also provides the time mapping 
functionality similar to the logviewer window.


If the feature looks promising then we would like to open source this. Please let me know if the feature looks 
interesting. If so, we would send more details and the changes involved in architecture and also some addons which we 
would be contributing along with the main UI enhancement.



Thanks & Regards,

Vikram



Hi,

Yes it looks interesting, the best would be to upload the code changes to gerrit so we can have a look at it. Note that 
GTK is being deprecated so the GUI part has to be ported to Qt too otherwise the functionality may be lost when GTK is 
removed. But in my opinion we could integrate the GTK version first and worry about the GUI part later. If it’s possible 
to add the feature as a series of smaller patches that would make the review easier rather than a humongous patch adding 
all at once.

Best regards

Anders
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
