2018-02-05 16:59:45 +00:00
// WSUG Appendix Files
2014-11-09 06:05:52 +00:00
[[AppFiles]]
[appendix]
== Files and Folders
[[ChAppFilesCaptureFilesSection]]
=== Capture Files
To understand which information will remain available after the captured packets
2018-02-04 23:15:02 +00:00
are saved to a capture file, it’ s helpful to know a bit about the capture file
2014-11-09 06:05:52 +00:00
contents.
Wireshark uses the
2015-08-25 01:46:56 +00:00
link:https://github.com/pcapng/pcapng[pcapng] file
2014-11-09 06:05:52 +00:00
format as the default format to save captured packets. It is very flexible
but other tools may not support it.
Wireshark also supports the
2015-03-10 17:46:50 +00:00
link:https://wiki.wireshark.org/Development/LibpcapFileFormat[libpcap] file
2014-11-09 06:05:52 +00:00
format. This is a much simpler format and is well established. However, it has
2018-02-04 23:15:02 +00:00
some drawbacks: it’ s not extensible and lacks some information that would be
2018-02-26 01:50:01 +00:00
really helpful (e.g. being able to add a comment to a packet such as “the
problems start here” would be really nice).
2014-11-09 06:05:52 +00:00
In addition to the libpcap format, Wireshark supports several different capture
file formats. However, the problems described above also applies for these
formats.
[[ChIOFileContentSection]]
==== Libpcap File Contents
At the start of each libpcap capture file some basic information is stored like
a magic number to identify the libpcap file format. The most interesting
information of this file start is the link layer type (Ethernet, 802.11,
MPLS, etc).
The following data is saved for each packet:
* The timestamp with millisecond resolution
2018-02-26 01:50:01 +00:00
* The packet length as it was “on the wire”
2014-11-09 06:05:52 +00:00
2018-02-04 23:15:02 +00:00
* The packet length as it’ s saved in the file
2014-11-09 06:05:52 +00:00
2018-02-04 23:15:02 +00:00
* The packet’ s raw bytes
2014-11-09 06:05:52 +00:00
A detailed description of the libpcap file format can be found at:
2015-03-10 17:46:50 +00:00
link:$$https://wiki.wireshark.org/Development/LibpcapFileFormat$$[]
2014-11-09 06:05:52 +00:00
[[ChIOFileNotContentSection]]
==== Not Saved in the Capture File
You should also know the things that are _not saved_ in capture files:
* Current selections (selected packet, ...)
* Name resolution information. See <<ChAdvNameResolutionSection>> for details
+
--
Pcapng files can optionally save name resolution information. Libpcap files
2018-02-26 01:50:01 +00:00
can’ t. Other file formats have varying levels of support.
2014-11-09 06:05:52 +00:00
--
* The number of packets dropped while capturing
2018-02-26 01:50:01 +00:00
* Packet marks set with “Edit/Mark Packet”
2014-11-09 06:05:52 +00:00
2018-02-26 01:50:01 +00:00
* Time references set with “Edit/Time Reference”
2014-11-09 06:05:52 +00:00
* The current display filter
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
[[ChConfigurationPluginFolders]]
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
=== Configuration File and Plugin Folders
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
To match the different policies for Unix-like systems and Windows, and
different policies used on different Unix-like systems, the folders
containing configuration files and plugins are different on different
platforms. We indicate the location of the top-level folders under
which configuration files and plugins are stored here, giving them
placeholder names independent of their actual location, and use those
names later when giving the location of the folders for configuration
files and plugins.
2014-11-09 06:05:52 +00:00
[TIP]
====
A list of the folders Wireshark actually uses can be found under the _Folders_
tab in the dialog box shown when you select _About Wireshark_ from the _Help_
menu.
====
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
==== Folders on Windows
2018-02-04 19:39:56 +00:00
_%APPDATA%_ is the personal application data folder, e.g.:
_C:\Users{backslash}**username**\AppData\Roaming\Wireshark_ (details can be
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
found at: <<ChWindowsProfiles>>).
2018-02-04 19:39:56 +00:00
_WIRESHARK_ is the Wireshark program folder, e.g.: _C:\Program
Files\Wireshark_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
==== Folders on Unix-like systems
2018-02-04 19:39:56 +00:00
_$XDG_CONFIG_HOME_ is the folder for user-specific configuration files.
2018-02-04 23:15:02 +00:00
It’ s usually _$HOME/.config_, where _$HOME_ is the user’ s home folder, which
2020-03-08 08:22:30 +00:00
is usually something such as _/home/**username**_, or
2018-02-04 19:39:56 +00:00
_/Users/**username**_ on macOS.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
If you are using macOS and you are running a copy of Wireshark
installed as an application bundle, _APPDIR_ is the top-level directory
of the Wireshark application bundle, which will typically be
2018-02-04 19:39:56 +00:00
_/Applications/Wireshark.app_. Otherwise, _INSTALLDIR_ is the top-level
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
directory under which reside the subdirectories in which components of
Wireshark are installed. This will typically be `/usr` if Wireshark is
bundled with the system (for example, provided as a package with a Linux
2018-02-26 01:50:01 +00:00
distribution) and _/usr/local_ if, for example, you’ ve build Wireshark
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
from source and installed it.
[[ChAppFilesConfigurationSection]]
=== Configuration Files
Wireshark uses a number of configuration files while it is running. Some of these
reside in the personal configuration folder and are used to maintain information
between runs of Wireshark, while some of them are maintained in system areas.
2014-11-09 06:05:52 +00:00
The content format of the configuration files is the same on all platforms.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
On Windows:
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
* The personal configuration folder for Wireshark is the
2018-02-04 19:39:56 +00:00
_Wireshark_ sub-folder of that folder, i.e. _%APPDATA%\Wireshark_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
* The global configuration folder for Wireshark is the Wireshark program
folder and is also used as the system configuration folder.
On Unix-like systems:
* The personal configuration folder is
2018-02-04 19:39:56 +00:00
_$XDG_CONFIG_HOME/wireshark_. For backwards compatibility with
Wireshark before 2.2, if _$XDG_CONFIG_HOME/wireshark_ does not
exist and _$HOME/.wireshark_ is present, then the latter will be used.
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
* If you are using macOS and you are running a copy of Wireshark
installed as an application bundle, the global configuration folder is
2018-02-04 19:39:56 +00:00
_APPDIR/Contents/Resources/share/wireshark_. Otherwise, the
global configuration folder is _INSTALLDIR/share/wireshark_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2018-02-04 19:39:56 +00:00
* The _/etc_ folder is the system configuration folder. The folder
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
actually used on your system may vary, maybe something like:
2018-02-04 19:39:56 +00:00
_/usr/local/etc_.
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
[[AppFilesTabFolders]]
.Configuration files overview
[options="header"]
2019-09-16 17:27:45 +00:00
|===
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
|File/Folder|Description
|_cfilters_|Capture filters.
|_colorfilters_|Coloring rules.
2020-05-25 18:26:43 +00:00
|__dfilter_buttons__|Display filter buttons.
|__dfilter_macros__|Display filter macros.
|_dfilters_|Display filters.
|__disabled_protos__|Disabled protocols.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
|_ethers_|Ethernet name resolution.
|_hosts_|IPv4 and IPv6 name resolution.
2020-05-25 18:26:43 +00:00
|_ipxnets_|IPX name resolution.
|_manuf_|Ethernet name resolution.
|_preferences_|Settings from the Preferences dialog box.
|_recent_|Per-profile GUI settings.
|__recent_common__|Common GUI settings.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
|_services_|Network services.
2020-05-25 18:26:43 +00:00
|_ss7pcs_|SS7 point code resolution.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
|_subnets_|IPv4 subnet name resolution.
|_vlans_|VLAN ID name resolution.
2019-09-16 17:27:45 +00:00
|===
2014-11-09 06:05:52 +00:00
2020-04-24 20:09:13 +00:00
[discrete]
2014-11-09 06:05:52 +00:00
===== File contents
2020-05-25 18:26:43 +00:00
cfilters::
2014-11-09 06:05:52 +00:00
+
--
This file contains all the capture filters that you have defined and saved. It
consists of one or more lines, where each line has the following format:
2020-05-25 18:26:43 +00:00
2014-11-09 06:05:52 +00:00
----
"<filter name>" <filter string>
----
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
At program start, if there is a _cfilters_ file in the personal
2018-02-26 01:50:01 +00:00
configuration folder, it is read. If there isn’ t a _cfilters_ file in
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
the personal configuration folder, then, if there is a _cfilters_ file
in the global configuration folder, it is read.
2018-02-26 01:50:01 +00:00
When you press the Save button in the “Capture Filters” dialog box,
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
all the current capture filters are written to the personal capture
filters file.
2014-11-09 06:05:52 +00:00
--
2020-05-25 18:26:43 +00:00
colorfilters::
2014-11-09 06:05:52 +00:00
+
--
2020-05-25 18:26:43 +00:00
This file contains all the color filters that you have defined and saved. It
consists of one or more lines, where each line has the following format:
2014-11-09 06:05:52 +00:00
----
2020-05-25 18:26:43 +00:00
@<filter name>@<filter string>@[<bg RGB(16-bit)>][<fg RGB(16-bit)>]
2014-11-09 06:05:52 +00:00
----
2020-05-25 18:26:43 +00:00
At program start, if there is a _colorfilters_ file in the personal
configuration folder, it is read. If there isn’ t a _colorfilters_ file
in the personal configuration folder, then, if there is a _colorfilters_
file in the global configuration folder, it is read.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2020-05-25 18:26:43 +00:00
When you press the Save button in the “Coloring Rules” dialog box,
all the current color filters are written to the personal color filters
file.
2014-11-09 06:05:52 +00:00
--
2020-03-22 15:12:53 +00:00
dfilter_buttons::
2020-05-25 18:26:43 +00:00
+
--
2020-03-22 15:12:53 +00:00
This file contains all the display filter buttons that you have defined and
saved. It consists of one or more lines, where each line has the following
format:
2020-05-25 18:26:43 +00:00
2020-03-22 15:12:53 +00:00
----
"TRUE/FALSE","<button label>","<filter string>","<comment string>"
----
where the first field is TRUE if the button is enabled (shown).
2020-05-25 18:26:43 +00:00
At program start, if there is a __dfilter_buttons__ file in the personal
configuration folder, it is read. If there isn’ t a __dfilter_buttons__ file
in the personal configuration folder, then, if there is a __dfilter_buttons__
2020-03-22 15:12:53 +00:00
file in the global configuration folder, it is read.
When you save any changes to the filter buttons, all the current display
filter buttons are written to the personal display filter buttons file.
--
2019-12-14 19:47:44 +00:00
dfilter_macros::
2019-08-11 19:00:17 +00:00
+
--
2020-05-25 18:26:43 +00:00
This file contains all the display filter macros that you have defined and saved.
It consists of one or more lines, where each line has the following format:
2019-08-11 19:00:17 +00:00
----
"<macro name>" <filter string>
----
2020-05-25 18:26:43 +00:00
At program start, if there is a __dfilter_macros__ file in the personal
configuration folder, it is read. If there isn’ t a __dfilter_macros__ file
in the personal configuration folder, then, if there is a __dfilter_macros__
2019-08-11 19:00:17 +00:00
file in the global configuration folder, it is read.
When you press the Save button in the "Display Filter Macros" dialog box,
2020-03-22 15:12:53 +00:00
all the current display filter macros are written to the personal display
2019-08-11 19:00:17 +00:00
filter macros file.
More information about Display Filter Macros is available in
<<ChDisplayFilterMacrosSection>>
--
2020-05-25 18:26:43 +00:00
dfilters::
2014-11-09 06:05:52 +00:00
+
--
2020-05-25 18:26:43 +00:00
This file contains all the display filters that you have defined and saved. It
consists of one or more lines, where each line has the following format:
2014-11-09 06:05:52 +00:00
----
2020-05-25 18:26:43 +00:00
"<filter name>" <filter string>
2014-11-09 06:05:52 +00:00
----
2020-05-25 18:26:43 +00:00
At program start, if there is a _dfilters_ file in the personal
configuration folder, it is read. If there isn’ t a _dfilters_ file in
the personal configuration folder, then, if there is a _dfilters_ file
in the global configuration folder, it is read.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2020-05-25 18:26:43 +00:00
When you press the Save button in the “Display Filters” dialog box,
all the current display filters are written to the personal display
filters file.
2014-11-09 06:05:52 +00:00
--
2019-12-14 19:47:44 +00:00
disabled_protos::
2014-11-09 06:05:52 +00:00
+
--
2020-05-25 18:26:43 +00:00
Each line in this file specifies a disabled protocol name. The following are
some examples:
2014-11-09 06:05:52 +00:00
----
tcp
udp
----
2020-05-25 18:26:43 +00:00
At program start, if there is a __disabled_protos__ file in the global
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
configuration folder, it is read first. Then, if there is a
2020-05-25 18:26:43 +00:00
__disabled_protos__ file in the personal configuration folder, that is
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
read; if there is an entry for a protocol set in both files, the setting
in the personal disabled protocols file overrides the setting in the
global disabled protocols file.
2018-02-26 01:50:01 +00:00
When you press the Save button in the “Enabled Protocols” dialog box,
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
the current set of disabled protocols is written to the personal
disabled protocols file.
2014-11-09 06:05:52 +00:00
--
2019-12-14 19:47:44 +00:00
ethers::
2020-05-25 18:26:43 +00:00
+
--
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
When Wireshark is trying to translate an hardware MAC address to
a name, it consults the _ethers_ file in the personal configuration
folder first. If the address is not found in that file, Wireshark
consults the _ethers_ file in the system configuration folder.
2020-05-25 18:26:43 +00:00
This file has the same format as the _/etc/ethers_ file on some Unix-like systems.
2014-11-09 06:05:52 +00:00
Each line in these files consists of one hardware address and name separated by
whitespace. The digits of hardware addresses are separated by colons (:), dashes
(-) or periods(.). The following are some examples:
----
ff-ff-ff-ff-ff-ff Broadcast
c0-00-ff-ff-ff-ff TR_broadcast
00.2b.08.93.4b.a1 Freds_machine
----
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
The settings from this file are read in when a MAC address is to be
translated to a name, and never written by Wireshark.
2014-11-09 06:05:52 +00:00
--
2020-05-25 18:26:43 +00:00
hosts::
2014-11-09 06:05:52 +00:00
+
--
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Wireshark uses the entries in the _hosts_ files to translate IPv4 and
2014-11-09 06:05:52 +00:00
IPv6 addresses into names.
2020-05-25 18:26:43 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
At program start, if there is a _hosts_ file in the global configuration
folder, it is read first. Then, if there is a _hosts_ file in the
personal configuration folder, that is read; if there is an entry for a
given IP address in both files, the setting in the personal hosts file
overrides the entry in the global hosts file.
2020-05-25 18:26:43 +00:00
2018-02-04 19:39:56 +00:00
This file has the same format as the usual _/etc/hosts_ file on Unix systems.
2014-11-09 06:05:52 +00:00
An example is:
----
# Comments must be prepended by the # sign!
192.168.0.1 homeserver
----
The settings from this file are read in at program start and never written by
Wireshark.
--
2020-05-25 18:26:43 +00:00
ipxnets::
+
--
When Wireshark is trying to translate an IPX network number to
a name, it consults the _ipxnets_ file in the personal configuration
folder first. If the address is not found in that file, Wireshark
consults the _ipxnets_ file in the system configuration folder.
An example is:
----
C0.A8.2C.00 HR
c0-a8-1c-00 CEO
00:00:BE:EF IT_Server1
110f FileServer3
----
The settings from this file are read in when an IPX network number is to
be translated to a name, and never written by Wireshark.
--
manuf::
+
--
At program start, if there is a _manuf_ file in the global configuration folder, it is read.
The entries in this file are used to translate MAC address prefixes into short and long manufacturer names.
2020-09-05 20:14:59 +00:00
Each line consists of a MAC address prefix followed by an abbreviated manufacturer name and the full manufacturer name.
2020-05-25 18:26:43 +00:00
Prefixes 24 bits long by default and may be followed by an optional length.
Note that this is not the same format as the _ethers_ file.
Examples are:
----
00:00:01 Xerox Xerox Corporation
00:50:C2:00:30:00/36 Microsof Microsoft
----
The settings from this file are read in at program start and never written by Wireshark.
--
preferences::
+
--
This file contains your Wireshark preferences, including defaults for capturing
and displaying packets. It is a simple text file containing statements of the
form:
----
variable: value
----
At program start, if there is a _preferences_ file in the global
configuration folder, it is read first. Then, if there is a
_preferences_ file in the personal configuration folder, that is read;
if there is a preference set in both files, the setting in the personal
preferences file overrides the setting in the global preference file.
If you press the Save button in the “Preferences” dialog box, all the
current settings are written to the personal preferences file.
--
recent::
+
--
This file contains GUI settings that are specific to the current profile, such as column widths and toolbar visibility.
It is a simple text file containing statements of the form:
----
variable: value
----
It is read at program start and written when preferences are saved and at program exit.
It is also written and read whenever you switch to a different profile.
--
recent_common::
+
--
2020-09-05 20:14:59 +00:00
This file contains common GUI settings, such as recently opened capture files, recently used filters, and window geometries.
2020-05-25 18:26:43 +00:00
It is a simple text file containing statements of the form:
----
variable: value
----
It is read at program start and written when preferences are saved and at program exit.
--
2019-12-14 19:47:44 +00:00
services::
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
+
2020-05-25 18:26:43 +00:00
--
Wireshark uses the _services_ files to translate port numbers into names.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
At program start, if there is a _services_ file in the global
configuration folder, it is read first. Then, if there is a _services_
file in the personal configuration folder, that is read; if there is an
entry for a given port number in both files, the setting in the personal
hosts file overrides the entry in the global hosts file.
2020-05-25 18:26:43 +00:00
2014-11-09 06:05:52 +00:00
An example is:
----
mydns 5045/udp # My own Domain Name Server
mydns 5045/tcp # My own Domain Name Server
----
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
The settings from these files are read in at program start and never
written by Wireshark.
2014-11-09 06:05:52 +00:00
--
2020-05-25 18:26:43 +00:00
ss7pcs::
+
--
Wireshark uses the _ss7pcs_ file to translate SS7 point codes to node names.
At program start, if there is a _ss7pcs_ file in the personal
configuration folder, it is read.
Each line in this file consists of one network indicator followed by a dash followed by a point code in decimal and a node name separated by whitespace or tab.
An example is:
----
2-1234 MyPointCode1
----
The settings from this file are read in at program start and never written by
Wireshark.
--
2019-12-14 19:47:44 +00:00
subnets::
2020-05-25 18:26:43 +00:00
+
--
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Wireshark uses the __subnets__ files to translate an IPv4 address into a
subnet name. If no exact match from a __hosts__ file or from DNS is
found, Wireshark will attempt a partial match for the subnet of the
address.
2020-05-25 18:26:43 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
At program start, if there is a _subnets_ file in the personal
configuration folder, it is read first. Then, if there is a _subnets_
file in the global configuration folder, that is read; if there is a
preference set in both files, the setting in the global preferences file
overrides the setting in the personal preference file.
2020-05-25 18:26:43 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Each line in one of these files consists of an IPv4 address, a subnet
2018-02-04 23:15:02 +00:00
mask length separated only by a “/” and a name separated by whitespace.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
While the address must be a full IPv4 address, any values beyond the
mask length are subsequently ignored.
2014-11-09 06:05:52 +00:00
An example is:
----
# Comments must be prepended by the # sign!
192.168.0.0/24 ws_test_network
----
2018-02-04 23:15:02 +00:00
A partially matched name will be printed as “subnet-name.remaining-address”.
For example, “192.168.0.1” under the subnet above would be printed as
2018-02-26 01:50:01 +00:00
“ws_test_network.1”; if the mask length above had been 16 rather than 24, the
2018-02-04 23:15:02 +00:00
printed address would be “ws_test_network.0.1”.
2014-11-09 06:05:52 +00:00
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
The settings from these files are read in at program start and never
written by Wireshark.
2014-11-09 06:05:52 +00:00
--
2020-05-25 18:26:43 +00:00
vlans::
2014-11-09 06:05:52 +00:00
+
--
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Wireshark uses the _vlans_ file to translate VLAN tag IDs into names.
2020-05-25 18:26:43 +00:00
2019-05-27 19:51:07 +00:00
If there is a _vlans_ file in the currently active profile folder, it is used. Otherwise the _vlans_ file in the personal configuration folder is used.
2020-05-25 18:26:43 +00:00
2016-03-22 13:11:51 +00:00
Each line in this file consists of one VLAN tag ID and a describing name separated by whitespace or tab.
An example is:
----
123 Server-LAN
2049 HR-Client-LAN
----
2019-05-27 19:51:07 +00:00
The settings from this file are read in at program start or when changing
the active profile and are never written by Wireshark.
2016-03-22 13:11:51 +00:00
--
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
[[ChPluginFolders]]
=== Plugin folders
Wireshark supports plugins for various purposes. Plugins can either be
2018-02-04 19:39:56 +00:00
scripts written in Lua or code written in C or {cpp} and compiled to
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
machine code.
Wireshark looks for plugins in both a personal plugin folder and a
global plugin folder. Lua plugins are stored in the plugin folders;
compiled plugins are stored in subfolders of the plugin folders, with
2017-09-30 23:56:03 +00:00
the subfolder name being the Wireshark minor version number (X.Y). There is
2019-02-03 02:15:13 +00:00
another hierarchical level for each Wireshark plugin type (libwireshark,
libwiretap and codecs). So for example the location for a libwireshark plugin
2018-02-04 19:39:56 +00:00
_foo.so_ (_foo.dll_ on Windows) would be _PLUGINDIR/X.Y/epan_
(libwireshark used to be called libepan; the other folder names are _codecs_
and _wiretap_).
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
On Windows:
2018-02-04 19:39:56 +00:00
* The personal plugin folder is _%APPDATA%\Wireshark\plugins_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2018-02-04 19:39:56 +00:00
* The global plugin folder is _WIRESHARK\plugins_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
On Unix-like systems:
2018-02-04 19:39:56 +00:00
* The personal plugin folder is _~/.local/lib/wireshark/plugins_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2017-09-19 11:12:31 +00:00
[NOTE]
====
To provide better support for binary plugins this folder changed in Wireshark 2.5.
It is recommended to use the new folder but *for lua scripts only* you may
2018-02-04 19:39:56 +00:00
continue to use _$XDG_CONFIG_HOME/wireshark/plugins_ for backward-compatibility.
2017-09-19 11:12:31 +00:00
This is useful to have older versions of Wireshark installed side-by-side. In case
of duplicate file names between old and new the new folder wins.
====
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
* If you are running on macOS and Wireshark is installed as an
application bundle, the global plugin folder is
2018-02-04 23:15:02 +00:00
_%APPDIR%/Contents/PlugIns/wireshark_, otherwise it’ s
2018-02-04 19:39:56 +00:00
_INSTALLDIR/lib/wireshark/plugins_.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
2014-11-09 06:05:52 +00:00
[[ChWindowsFolder]]
=== Windows folders
Here you will find some details about the folders used in Wireshark on different
Windows versions.
2018-02-26 01:50:01 +00:00
As already mentioned, you can find the currently used folders in the “About
Wireshark” dialog.
2014-11-09 06:05:52 +00:00
[[ChWindowsProfiles]]
==== Windows profiles
Windows uses some special directories to store user configuration files which
2018-02-26 01:50:01 +00:00
define the “user profile”. This can be confusing, as the default directory
2014-11-09 06:05:52 +00:00
location changed from Windows version to version and might also be different for
English and internationalized versions of Windows.
[NOTE]
====
2018-02-26 01:50:01 +00:00
If you’ ve upgraded to a new Windows version, your profile might be kept in the
2014-11-09 06:05:52 +00:00
former location. The defaults mentioned here might not apply.
====
2018-02-04 23:15:02 +00:00
The following guides you to the right place where to look for Wireshark’ s
2014-11-09 06:05:52 +00:00
profile data.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Vista, and associated server editions::
2018-02-04 19:39:56 +00:00
_C:\Users{backslash}**username**\AppData\Roaming\Wireshark_.
2014-11-09 06:05:52 +00:00
2020-01-13 02:11:40 +00:00
Windows XP and Windows Server 2003 footnote:historical[No longer supported by Wireshark. For historical reference only.]::
2018-02-26 01:50:01 +00:00
_C:\Documents and Settings{backslash}**username**\Application Data_. “Documents and
Settings” and “Application Data” might be internationalized.
2014-11-09 06:05:52 +00:00
[[ChWindowsRoamingProfiles]]
==== Windows roaming profiles
Some larger Windows environments use roaming profiles. If this is the case the
2018-02-26 01:50:01 +00:00
configurations of all programs you use won’ t be saved on your local hard drive.
2014-11-09 06:05:52 +00:00
They will be stored on the domain server instead.
Your settings will travel with you from computer to computer with one exception.
2018-02-26 01:50:01 +00:00
The “Local Settings” folder in your profile data (typically something like:
2018-02-04 19:39:56 +00:00
_C:\Documents and Settings{backslash}**username**\Local Settings_) will not be
2014-11-09 06:05:52 +00:00
transferred to the domain server. This is the default for temporary capture
files.
[[ChWindowsTempFolder]]
==== Windows temporary folder
Wireshark uses the folder which is set by the TMPDIR or TEMP environment
variable. This variable will be set by the Windows installer.
Clean up configuration file and plugin folder description.
Have a separate section, before all the others, giving the top-level
directories under which those folders are placed, with names for use in
later sections.
Update the example personal application data folder on Windows to the NT
6.x-and-beyond standard.
Don't give the pathnames for configuration files in the table, just give
the name and the description.
For the global files, distinguish between macOS and other Unix-like
systems, and, for the latter, mention both /usr/XXX and /usr/local/XXX.
The preferences file isn't "wireshark.conf", and hasn't been that for
quite a while.
For all the configuration files, give the details of personal vs. global
files - they're different for different files.
Have separate sections for configuration files and plugin folders. For
plugin folders, note both the use of the top-level plugin folder for Lua
scripts and the use of the per-Wireshark-version subfolder for compiled
plugins.
Use fixed-format text for the non-variable parts of pathnames, and
italics for the variable parts.
This should, among other things, make it easier for other documents,
such as the Lua documentation in the Wireshark wiki, to refer to folders
such as the configuration file and plugin folders.
Change-Id: I133c1e159e992827458bee64c4f37be5b50f9b6f
Reviewed-on: https://code.wireshark.org/review/23060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-08-13 08:46:51 +00:00
Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Vista, and associated server editions::
2018-02-04 19:39:56 +00:00
_C:\Users{backslash}**username**\AppData\Local\Temp_
2014-11-09 06:05:52 +00:00
2020-01-13 02:11:40 +00:00
Windows XP and Windows Server 2003 footnote:historical[]::
2018-02-04 19:39:56 +00:00
_C:\Documents and Settings{backslash}**username**\Local Settings\Temp_
2014-11-09 06:05:52 +00:00
2018-02-05 16:59:45 +00:00
// End of WSUG Appendix Files