|Main Archive Page > Month Archives > wireshark-dev archives|
On Fri, Oct 22, 2010 at 4:32 PM, Hadriel Kaplan <HKaplan@acmepacket.com>wrote:
> In wireshark, select "analyze" -> "enabled protocols..." and uncheck
> everything you don't need. (though you will need to keep the lower layers
> dissected - e.g., for HTTP you'd need to keep Ethernet, IP, TCP selected,
> and possibly IPv6, and of course HTTP and possibly SSL, etc)
There are so many protocols, that it's useless to even try.
Would be nice if they were:
(1) grouped by 'families' (example: all the ZigBee protocols)
(2) grouped by layers (example: all the ATM stuff)
> If all you want is HTTP, and only for port 80 or 443 or whatever, you could
> use a BPF capture filter to only capture the right packets to begin with -
> that'll speed it up.
> On Oct 21, 2010, at 9:56 PM, rishab gupta wrote:
> I want to speed up wireshark. I am concerned with only the major protocols
> such as http. Will it be a good idea to remove the dissectors that serve
> no purpose for me? If so how do I go about it, because every dissector
> seems to have a lot of dependencies wrapped around it...
> Any help will be much appreciated.
> Rishabh Gupta
> Sent via: Wireshark-dev mailing list <email@example.com>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
Sent via: Wireshark-dev mailing list <firstname.lastname@example.org>