Add sections for SMI and GeoIP. Sort the UAT sections.

svn path=/trunk/; revision=26582
Gerald Combs 2008-10-27 18:55:27 +00:00
parent 749f4359eb
commit 2c964392a7
1 changed files with 198 additions and 122 deletions

@ -600,7 +600,7 @@ standard libpcap format.
create a coloring rule based on the currently selected conversation. It will
try to create a conversation filter based on TCP first, then UDP, then IP
and at last Ethernet. Temporary filters can also be created by selecting
the "Colorize with Filter > Color X" menu items when rightclicking in the
the "Colorize with Filter > Color X" menu items when rightclicking in the
packet-detail pane.
</para>
@ -944,9 +944,9 @@ standard libpcap format.
<section id="ChCustInterfaceOptionsSection"><title>Interface Options</title>
<para>
In the Capture preferences it is possible to configure several options for the interfaces
available on your computer. Select the <command>Capture</command> pane and press the
available on your computer. Select the <command>Capture</command> pane and press the
Interfaces: <command>Edit</command> button. In this window it is possible to change the
default link-layer header type for the interface, add a comment or choose to hide a
default link-layer header type for the interface, add a comment or choose to hide a
interface from other parts of the program.
</para>
<figure id="ChCustInterfaceOptionsPage">
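Review bot: The paragraph touched here ends with "choose to hide a interface from other parts of the program", which should read "hide an interface". Since these lines are already being rewritten for whitespace, the article can be fixed in the same change.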
@ -962,15 +962,15 @@ standard libpcap format.
<para><command>Description</command>: provided by the operating system.</para>
</listitem>
<listitem>
<para><command>Default link-layer</command>: each interface may provide several
link-layer header types. The default link-layer chosen here is the one used when you
first start Wireshark. It is also possible to change this value in
<para><command>Default link-layer</command>: each interface may provide several
link-layer header types. The default link-layer chosen here is the one used when you
first start Wireshark. It is also possible to change this value in
<xref linkend="ChCapCaptureOptions"/> when you start a capture.
For a detailed description, see <xref linkend="ChCapLinkLayerHeader"/>.</para>
</listitem>
<listitem>
<para><command>Comment</command>: a user provided description of the interface.
This comment will be used as a description instead of the operating system
<para><command>Comment</command>: a user provided description of the interface.
This comment will be used as a description instead of the operating system
description.</para>
</listitem>
<listitem>
@ -985,7 +985,7 @@ standard libpcap format.
<para>
Configuration Profiles can be used to configure and use more than one set of preferences
and configurations. Select the <command>Configuration Profiles...</command> menu item from
the <command>Edit</command> menu, or simply press Shift-Ctrl-A; and Wireshark will pop up the
the <command>Edit</command> menu, or simply press Shift-Ctrl-A; and Wireshark will pop up the
Configuration Profiles dialog box as shown in <xref linkend="ChCustGUIConfigProfilesPage"/>.
It is also possible to click in the "Profile" part of the statusbar to popup a menu with
available Configuration Profiles (<xref linkend="ChUseWiresharkStatusbarProfile"/>).
@ -1027,6 +1027,11 @@ standard libpcap format.
Display Filter Macros (dfilter_macros) (<xref linkend="ChDisplayFilterMacrosSection"/>)
</para>
</listitem>
<listitem>
<para>
GeoIP Database Paths (geoip_db_paths) (<xref linkend="ChGeoIPDbPaths"/>)
</para>
</listitem>
<listitem>
<para>
K12 Protocols (k12_protos) (<xref linkend="ChK12ProtocolsSection"/>)
@ -1034,7 +1039,17 @@ standard libpcap format.
</listitem>
<listitem>
<para>
User DLTs Table (user_dlts) (<xref linkend="ChUserDLTsSection"/>)
SCCP Users Table (sccp_users) (<xref linkend="ChSccpUsers"/>)
</para>
</listitem>
<listitem>
<para>
SMI Modules (smi_modules) (<xref linkend="ChSNMPSMIModules"/>)
</para>
</listitem>
<listitem>
<para>
SMI Paths (smi_paths) (<xref linkend="ChSNMPSMIPaths"/>)
</para>
</listitem>
<listitem>
@ -1044,7 +1059,7 @@ standard libpcap format.
</listitem>
<listitem>
<para>
SCCP Users Table (sccp_users) (<xref linkend="ChSccpUsers"/>)
User DLTs Table (user_dlts) (<xref linkend="ChUserDLTsSection"/>)
</para>
</listitem>
</itemizedlist>
@ -1052,7 +1067,7 @@ standard libpcap format.
</listitem>
<listitem>
<para>
Some recent settings (recent), such as pane sizes in the Main window
Some recent settings (recent), such as pane sizes in the Main window
(<xref linkend="ChUseMainWindowSection"/>), column widths in the packet list
(<xref linkend="ChUsePacketListPaneSection"/>), all selections in the "View" menu
(<xref linkend="ChUseViewMenuSection"/>) and the last directory navigated to in the
@ -1084,7 +1099,7 @@ standard libpcap format.
<varlistentry><term><command>Delete</command></term>
<listitem>
<para>
This button deletes the selected profile, including all configuration
This button deletes the selected profile, including all configuration
files used in this profile. It is not possible to delete the "Default" profile.
</para>
</listitem>
@ -1092,7 +1107,7 @@ standard libpcap format.
<varlistentry><term><command>Configuration Profiles</command></term>
<listitem>
<para>
You can select a configuration profile from this list (which will fill
You can select a configuration profile from this list (which will fill
in the profile name in the fields down at the bottom of the dialog box).
</para>
</listitem>
@ -1104,7 +1119,7 @@ standard libpcap format.
</para>
<note><title>Used as a folder name</title>
<para>
The profile name will be used as a folder name in the configured
The profile name will be used as a folder name in the configured
"Personal configurations" folder. If adding multiple profiles with the
same name, only one profile will be created.
</para>
@ -1194,6 +1209,31 @@ standard libpcap format.
</section>
<section id="ChGeoIPDbPaths"><title>GeoIP Database Paths</title>
<para>
If your copy of Wireshark supports <ulink url="http://www.maxmind.com/">MaxMind's</ulink> GeoIP library, you can use their databases to match IP addresses to countries, cites, autonomous system numbers, ISPs, and other bits of information. Some databases are <ulink url="http://www.maxmind.com/download/geoip/database/">available at no cost</ulink>, while others require a licensing fee. See <ulink url="http://www.maxmind.com/app/ip-location">the MaxMind web site</ulink> for more information.
</para>
<para>
This table is handled by an <xref linkend="ChUserTable"/> with the following fields.
</para>
<variablelist>
<varlistentry><term><command>path</command></term>
<listitem>
<para>
This specifies a directory containing GeoIP data files. Any files
beginning with <filename>Geo</filename> and ending with
<filename>.dat</filename> will be automatically loaded. A total of 8
files can be loaded.
</para>
<para>
The locations for your data files are up to you, but <filename class='directory'>/usr/share/GeoIP</filename> (Linux), <filename class='directory'>C:\GeoIP</filename> (Windows), <filename class='directory'>C:\Program Files\Wireshark\GeoIP</filename> (Windows) might be good choices.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChK12ProtocolsSection"><title>Tektronix K12xx/15 RF5 protocols Table</title>
<para>
The Tektronix K12xx/15 rf5 file format uses helper files (*.stk) to identify the various protocols that are
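Review bot: In the first para of the new ChGeoIPDbPaths section, "cites" should be "cities". The path description states that a total of 8 files can be loaded but not which files are chosen when a directory holds more than 8 matches. Because every file beginning with Geo and ending with .dat in a listed directory is loaded automatically, the text should also say that these directories should be writable only by trusted users. The sentence listing suggested locations needs an "or" before the last directory.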
@ -1225,6 +1265,149 @@ standard libpcap format.
</section>
<section id="ChSccpUsers"><title>SCCP users Table</title>
<para>
Wireshark uses this table to map specific protocols to a certain DPC/SSN combination for SCCP.
</para>
<para>
This table is handled by an <xref linkend="ChUserTable"/> with the following fields.
</para>
<variablelist>
<varlistentry><term><command>ni</command></term>
<listitem>
<para>
An Integer representing the network indicator for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>called_pc</command></term>
<listitem>
<para>
An range of integers representing the dpcs for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>called_ssn</command></term>
<listitem>
<para>
An range of integers representing the ssns for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>user</command></term>
<listitem>
<para>
The protocol that is carried over this association
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChSNMPSMIModules"><title>SMI (MIB and PIB) Modules</title>
<para>
If your copy of Wireshark supports libSMI, you can specify a list of MIB
and PIB modules here. The COPS and SNMP dissectors can use them to resolve
OIDs.
</para>
<variablelist>
<varlistentry><term><command>name</command></term>
<listitem>
<para>
The name of the module, e.g. <database>IF-MIB</database>.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChSNMPSMIPaths"><title>SMI (MIB and PIB) Paths</title>
<para>
If your copy of Wireshark supports libSMI, you can specify one or more
paths to MIB and PIB modules here.
</para>
<variablelist>
<varlistentry><term><command>name</command></term>
<listitem>
<para>
A module directory, e.g. <filename
class='directory'>/usr/local/snmp/mibs</filename>. Wireshark
automatically uses the standard SMI path for your system, so you
usually don't have to add anything here.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChSNMPUsersSection"><title>SNMP users Table</title>
<para>
Wireshark uses this table to verify authentication and to decrypt encrypted SNMPv3 packets.
</para>
<para>
This table is handled by an <xref linkend="ChUserTable"/> with the following fields.
</para>
<variablelist>
<varlistentry><term><command>engine_id</command></term>
<listitem>
<para>
If given this entry will be used only for packets whose engine id is this.
This field takes an hexadecimal string in the form 0102030405.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>userName</command></term>
<listitem>
<para>
This is the userName. When a single user has more than one password
for different SNMP-engines the first entry to match both is taken, if you
need a catch all engine-id (empty) that entry should be the last one.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>auth_model</command></term>
<listitem>
<para>
Which auth model to use (either "MD5" or "SHA1").
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>authPassword</command></term>
<listitem>
<para>
The authentication password. Use '\xDD' for unprintable characters.
An hexadecimal password must be entered as a sequence of '\xDD' characters.
For example the hex password 010203040506 must be entered as '\x01\x02\x03\x04\x05\x06'.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>priv_proto</command></term>
<listitem>
<para>
Which encryption algorithm to use (either "DES" or "AES").
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>privPassword</command></term>
<listitem>
<para>
The privacy password. Use '\xDD' for unprintable characters.
An hexadecimal password must be entered as a sequence of '\xDD' characters.
For example the hex password 010203040506 must be entered as '\x01\x02\x03\x04\x05\x06'.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChUserDLTsSection"><title>User DLTs protocol table</title>
<para>
When a pcap file uses one of the user DLTs (147 to 162) wireshark uses this table to know which protocol(s) to use for each user DLT.
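Review bot: The two new SMI sections (ChSNMPSMIModules and ChSNMPSMIPaths) both label their only field "name", but in SMI Paths that field is described as a module directory; please check the term against the real column name, as the GeoIP section does with "path". Both SMI sections also omit the "This table is handled by an <xref linkend="ChUserTable"/>" sentence that the SCCP and SNMP sections in this hunk carry. In the relocated text, "An range of integers" should be "A range of integers", "An Integer" should be lower case, and "The protocol that is carried over this association" is missing its full stop. Fixing these while the sections are being moved saves a later pass.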
@ -1280,113 +1463,6 @@ standard libpcap format.
</section>
<section id="ChSNMPUsersSection"><title>SNMP users Table</title>
<para>
Wireshark uses this table to verify authentication and to decrypt encrypted SNMPv3 packets.
</para>
<para>
This table is handled by an <xref linkend="ChUserTable"/> with the following fields.
</para>
<variablelist>
<varlistentry><term><command>engine_id</command></term>
<listitem>
<para>
If given this entry will be used only for packets whose engine id is this.
This field takes an hexadecimal string in the form 0102030405.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>userName</command></term>
<listitem>
<para>
This is the userName. When a single user has more than one password
for different SNMP-engines the first entry to match both is taken, if you
need a catch all engine-id (empty) that entry should be the last one.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>auth_model</command></term>
<listitem>
<para>
Which auth model to use (either "MD5" or "SHA1").
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>authPassword</command></term>
<listitem>
<para>
The authentication password. Use '\xDD' for unprintable characters.
An hexadecimal password must be entered as a sequence of '\xDD' characters.
For example the hex password 010203040506 must be entered as '\x01\x02\x03\x04\x05\x06'.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>priv_proto</command></term>
<listitem>
<para>
Which encryption algorithm to use (either "DES" or "AES").
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>privPassword</command></term>
<listitem>
<para>
The privacy password. Use '\xDD' for unprintable characters.
An hexadecimal password must be entered as a sequence of '\xDD' characters.
For example the hex password 010203040506 must be entered as '\x01\x02\x03\x04\x05\x06'.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section id="ChSccpUsers"><title>SCCP users Table</title>
<para>
Wireshark uses this table to map specific protocols to a certain DPC/SSN combination for SCCP.
</para>
<para>
This table is handled by an <xref linkend="ChUserTable"/> with the following fields.
</para>
<variablelist>
<varlistentry><term><command>ni</command></term>
<listitem>
<para>
An Integer representing the network indicator for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>called_pc</command></term>
<listitem>
<para>
An range of integers representing the dpcs for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>called_ssn</command></term>
<listitem>
<para>
An range of integers representing the ssns for which this association is valid.
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>user</command></term>
<listitem>
<para>
The protocol that is carried over this association
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
</chapter>
<!-- End of WSUG Chapter Customizing -->