04-11-2012 12:14 AM - edited 11-18-2020 02:58 AM
- Now the coloring rule file supports Wireshark 2.4.0. Fixed some old obsolete syntax which is no longer supported in 2.4.0.
- Added some 802.11 and Cisco proprietary frames.
- Disabled CAPWAP_Control to pay attention to CAPWAP Heartbeat frames. You can enable it again at anytime.
These files are coloring rule files for Wireshark version 1.6.0 - 2.2.8 and version 2.4.0.
(Verified on Mac OS X10.6, 10.11.6, X Window System, and the latest Windows 7 Professional)
Note: The order of each coloring rule is important. You may override existing rules by changing the order. Some protocols like TCP, HTTP, and FCS checksum which are default rule are disabled intentionally in order to give your attention to more important frames.
This rule has been described by hosaki and may contain old/wrong formula. Please feel free to contact me on CSC if you had noticed anything.
Coloring Rule Snapshot
Result of colored sniffer file
Really useful and worth to recommend.
Thank you for the comment! Please feel free to suggest any enhancements for this ruling file.
It's greatly appreciated if you could rate my work by adding Stars
Regards,
Hideyuki
Coloring rule is updated.
- Minor bug fix
- Added some wireless protocols
Verified at Version 1.9.2 running on OSX 10.8.6
Fixed a broken link for attachment. Apologize for inconvenience.
Hello Hideyuki,
Could you upload the "Coloring_Rule_Snapshot.png" and "Result_of_coloring.png" as it is showing error and file is missing.
Thank you for sharing such an vital information with community users +5 :-)
Regards,
Vinay Sharma
Community Manager
CCIE#44972
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: