WSUG: Update the packet details and bytes sections.

Update images and text. Change-Id: If024a37a01cd7ab40ae2d5f50f26ca41a159fd41 Reviewed-on: https://code.wireshark.org/review/13173 Reviewed-by: Gerald Combs <gerald@wireshark.org>
2016-01-10 11:11:09 -08:00 · 2016-01-10 11:11:09 -08:00 · 472c29d18c
parent 2440f534b1
commit 472c29d18c
4 changed files with 23 additions and 27 deletions
--- a/docbook/wsug_graphics/ws-bytes-pane-tabs.png
+++ b/docbook/wsug_graphics/ws-bytes-pane-tabs.png
--- a/docbook/wsug_graphics/ws-bytes-pane.png
+++ b/docbook/wsug_graphics/ws-bytes-pane.png
--- a/docbook/wsug_graphics/ws-details-pane.png
+++ b/docbook/wsug_graphics/ws-details-pane.png
--- a/docbook/wsug_src/WSUG_chapter_use.asciidoc
+++ b/docbook/wsug_src/WSUG_chapter_use.asciidoc
@ -836,10 +836,10 @@ image:wsug_graphics/related-first.png[height="18px"]::
  First packet in a conversation.

 image:wsug_graphics/related-current.png[height="18px"]::
-  Part of the selected conversation
+  Part of the selected conversation.

 image:wsug_graphics/related-other.png[height="18px"]::
-  _Not_ part of the selected conversation
+  _Not_ part of the selected conversation.

 image:wsug_graphics/related-last.png[height="18px"]::
  Last packet in a conversation.
@ -884,24 +884,23 @@ pane) in a more detailed form.
 image::wsug_graphics/ws-details-pane.png[]

 This pane shows the protocols and protocol fields of the packet selected in the
-``Packet List'' pane. The protocols and fields of the packet are displayed using a
-tree, which can be expanded and collapsed.
+``Packet List'' pane. The protocols and fields of the packet shown in a tree
+which can be expanded and collapsed.

-There is a context menu (right mouse click) available, see details in
+There is a context menu (right mouse click) available. See details in
 <<ChWorkPacketDetailsPanePopUpMenu>>.

-Some protocol fields are specially displayed.
+Some protocol fields have special meanings.

-* *Generated fields* Wireshark itself will generate additional protocol fields
-  which are surrounded by brackets. The information in these fields is derived
-  from the known context to other packets in the capture file. For example,
-  Wireshark is doing a sequence/acknowledge analysis of each TCP stream, which
-  is displayed in the [SEQ/ACK analysis] fields of the TCP protocol.
+* *Generated fields.* Wireshark itself will generate additional protocol
+  information which isn't present in the captured data. This information is
+  enclosed in square brackets (`[' and `]'). Generated information includes
+  response times, TCP analysis, GeoIP information, and checksum validation.

-* *Links* If Wireshark detected a relationship to another packet in the capture
-  file, it will generate a link to that packet. Links are underlined and
-  displayed in blue. If double-clicked, Wireshark jumps to the corresponding
-  packet.
+* *Links.* If Wireshark detects a relationship to another packet in the capture
+  file it will generate a link to that packet. Links are underlined and
+  displayed in blue. If you double-clicked on a link  Wireshark will jump to the
+  corresponding packet.

 [[ChUsePacketBytesPaneSection]]

@ -915,25 +914,22 @@ The packet bytes pane shows the data of the current packet (selected in the
 .The ``Packet Bytes'' pane
 image::wsug_graphics/ws-bytes-pane.png[]

-As usual for a hexdump, the left side shows the offset in the packet data, in
-the middle the packet data is shown in a hexadecimal representation and on the
-right the corresponding ASCII characters (or . if not appropriate) are
-displayed.
+The ``Packet Bytes'' pane shows a canonical
+https://en.wikipedia.org/wiki/Hex_dump[hex dump] of the packet data. Each line
+contains the data offset, sixteen hexadecimal bytes, and sixteen ASCII bytes.
+Non-printalbe bytes are replaced with a period (`.').

 Depending on the packet data, sometimes more than one page is available, e.g.
-when Wireshark has reassembled some packets into a single chunk of data, see
-<<ChAdvReassemblySection>>. In this case there are some additional tabs shown at
-the bottom of the pane to let you select the page you want to see.
+when Wireshark has reassembled some packets into a single chunk of data. (See
+<<ChAdvReassemblySection>> for details). In this case you can see each data
+source by clicking its corresponding tab at the bottom of the pane.

 [[ChUseWiresharkBytesPaneTabs]]
 .The ``Packet Bytes'' pane with tabs
 image::wsug_graphics/ws-bytes-pane-tabs.png[]

-[NOTE]
-====
-The additional pages might contain data picked from multiple packets.
-====
-
+Additional pages typically contain data reassembled from multiple packets or
+decrypted data.

 The context menu (right mouse click) of the tab labels will show a list of all
 available pages. This can be helpful if the size in the pane is too small for