The Wireshark Analyze menu contains the fields shown in Table 3.7, “Analyze menu items”.
Table 3.7. Analyze menu items
| Menu Item | Accelerator | Description |
|---|---|---|
This menu item brings up a dialog box that allows you to create and edit display filters. You can name filters, and you can save them for future use. More detail on this subject is provided in Section 6.6, “Defining and saving filters” | ||
This menu item brings up a dialog box that allows you to create and edit display filter macros. You can name filter macros, and you can save them for future use. More detail on this subject is provided in Section 6.7, “Defining and saving filter macros” | ||
This menu item adds the selected protocol item in the packet details pane as a column to the packet list. | ||
→ | These menu items will change the current display filter and apply the changed filter immediately. Depending on the chosen menu item, the current display filter string will be replaced or appended to by the selected protocol field in the packet details pane. | |
→ | These menu items will change the current display filter but won’t apply the changed filter. Depending on the chosen menu item, the current display filter string will be replaced or appended to by the selected protocol field in the packet details pane. | |
Shift+Ctrl+E | This menu item allows the user to enable/disable protocol dissectors, see Section 10.4.1, “The “Enabled Protocols” dialog box” | |
This menu item allows the user to force Wireshark to decode certain packets as a particular protocol, see Section 10.4.2, “User Specified Decodes” | ||
This menu item allows the user to force Wireshark to decode certain packets as a particular protocol, see Section 10.4.3, “Show User Specified Decodes” | ||
This menu item brings up a separate window and displays all the TCP segments captured that are on the same TCP connection as a selected packet, see Section 7.2, “Following TCP streams” | ||
Same functionality as “Follow TCP Stream” but for UDP streams. | ||
Same functionality as “Follow TCP Stream” but for SSL streams. See the wiki page on SSL for instructions on providing SSL keys. | ||
Open a dialog showing some expert information about the captured packets. The amount of information will depend on the protocol and varies from very detailed to non-existent. XXX - add a new section about this and link from here | ||
→ | In this menu you will find conversation filter for various protocols. |