Lucent Technologies Ethereal Network Card User Manual


  Open as PDF
of 199
 
6.6. Finding packets .................................................................................................... 113
6.6.1. The "Find Packet" dialog box ....................................................................... 113
6.6.2. The "Find Next" command .......................................................................... 114
6.6.3. The "Find Previous" command ..................................................................... 114
6.7. Go to a specific packet .......................................................................................... 115
6.7.1. The "Go Back" command ............................................................................ 115
6.7.2. The "Go Forward" command ....................................................................... 115
6.7.3. The "Go to Packet" dialog box ..................................................................... 115
6.7.4. The "Go to Corresponding Packet" command .................................................. 115
6.7.5. The "Go to First Packet" command ............................................................... 115
6.7.6. The "Go to Last Packet" command ................................................................ 115
6.8. Marking packets ................................................................................................... 116
6.9. Time display formats and time references ................................................................. 117
6.9.1. Packet time referencing ............................................................................... 117
7. Advanced Features .......................................................................................................... 120
7.1. Introduction ........................................................................................................ 120
7.2. Following TCP streams ......................................................................................... 121
7.2.1. The "Follow TCP stream" dialog box ............................................................ 121
7.3. Packet Reassembling ............................................................................................ 123
7.3.1. What is it? ................................................................................................ 123
7.3.2. How Ethereal handles it .............................................................................. 123
7.3.3. Reassembling is disabled by default! ............................................................. 123
7.4. Name Resolution .................................................................................................. 124
7.4.1. Ethernet name resolution (MAC layer) ........................................................... 124
7.4.2. IP name resolution (network layer) ................................................................ 124
7.4.3. IPX name resolution (network layer) ............................................................. 125
7.4.4. TCP/UDP port name resolution (transport layer) .............................................. 125
8. Statistics ....................................................................................................................... 127
8.1. Introduction ........................................................................................................ 127
8.2. The "Summary" window ........................................................................................ 128
8.3. The "Protocol Hierarchy" window ........................................................................... 130
8.4. Endpoints ........................................................................................................... 132
8.4.1. What is an Endpoint? .................................................................................. 132
8.4.2. The "Endpoints" window ............................................................................. 132
8.4.3. The protocol specific "Endpoint List" windows ............................................... 133
8.5. Conversations ...................................................................................................... 134
8.5.1. What is a Conversation? .............................................................................. 134
8.5.2. The "Conversations" window ....................................................................... 134
8.5.3. The protocol specific "Conversation List" windows .......................................... 134
8.6. The "IO Graphs" window ....................................................................................... 135
8.7. Service Response Time ......................................................................................... 137
8.7.1. The "Service Response Time DCE-RPC" window ............................................ 137
8.8. The protocol specific statistics windows ................................................................... 139
9. Customizing Ethereal ...................................................................................................... 141
9.1. Introduction ........................................................................................................ 141
9.2. Start Ethereal from the command line ....................................................................... 142
9.3. Packet colorization ............................................................................................... 146
9.4. Control Protocol dissection .................................................................................... 149
9.4.1. The "Enabled Protocols" dialog box .............................................................. 149
9.4.2. User Specified Decodes .............................................................................. 151
9.4.3. Show User Specified Decodes ...................................................................... 152
9.5. Preferences ......................................................................................................... 153
A. Configuration (and other) Files and Folders ......................................................................... 156
A.1. Windows folders ................................................................................................. 159
A.1.1. Windows profiles ...................................................................................... 159
A.1.2. Windows NT/2000/XP roaming profiles ........................................................ 160
A.1.3. Windows temporary folder ......................................................................... 160
B. Protocols and Protocol Fields ........................................................................................... 162
C. Related command line tools ............................................................................................. 163
C.1. Introduction ........................................................................................................ 163
C.2. tcpdump: Capturing with tcpdump for viewing with Ethereal ...................................... 164
C.3. tethereal: Terminal-based Ethereal ......................................................................... 165
C.4. capinfos: Print information about capture files .......................................................... 166
Ethereal User's Guide
vi
 previous next