wireshark-dev October 2010 archive
Main Archive Page > Month Archives  > wireshark-dev archives
wireshark-dev: Re: [Wireshark-dev] Stripping Dissectors from wir

Re: [Wireshark-dev] Stripping Dissectors from wireshark.

From: Kaul <mykaul_at_nospam>
Date: Sat Oct 23 2010 - 09:12:42 GMT
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>

On Fri, Oct 22, 2010 at 4:32 PM, Hadriel Kaplan <HKaplan@acmepacket.com>wrote:

>
> In wireshark, select "analyze" -> "enabled protocols..." and uncheck
> everything you don't need. (though you will need to keep the lower layers
> dissected - e.g., for HTTP you'd need to keep Ethernet, IP, TCP selected,
> and possibly IPv6, and of course HTTP and possibly SSL, etc)
>

There are so many protocols, that it's useless to even try.
Would be nice if they were:
(1) grouped by 'families' (example: all the ZigBee protocols)
(2) grouped by layers (example: all the ATM stuff)

Y.

>
> If all you want is HTTP, and only for port 80 or 443 or whatever, you could
> use a BPF capture filter to only capture the right packets to begin with -
> that'll speed it up.
>
> -hadriel
>
> On Oct 21, 2010, at 9:56 PM, rishab gupta wrote:
>
> Hi,
> I want to speed up wireshark. I am concerned with only the major protocols
> such as http. Will it be a good idea to remove the dissectors that serve
> no purpose for me? If so how do I go about it, because every dissector
> seems to have a lot of dependencies wrapped around it...
> Any help will be much appreciated.
>
> Best,
> Rishabh Gupta
>
> <ATT00001..c>
>
>
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe
>

___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe