James_inthe_box

Wireshark Columns

Sep 30th, 2017
This goes in your wireshark/preferences file.
The TCP Flags column requires this: https://blog.didierstevens.com/2014/04/28/tcp-flags-for-wireshark/

# Packet list column format
# Each pair of strings consists of a column title and its format
gui.column.format:
    "No.", "%m",
    "Time", "%t",
    "Source", "%s",
    "SrcPrt", "%uS",
    "Destination", "%d",
    "DstPrt", "%uD",
    "Protocol", "%p",
    "Size", "%L",
    "data.len", "%Cus:data.len:0:U",
    "tcplen", "%Cus:tcp.len:0:U",
    "udplen", "%Cus:udp.length:0:R",
    "host", "%Cus:http.host:0:U",
    "sni", "%Cus:ssl.handshake.extensions_server_name:0:R",
    "Info", "%i",
    "UA", "%Cus:http.user_agent:0:U",
    "http.auth", "%Cus:http.authorization:0:U",
    "Syn", "%Cus:tcp.seq:0:U",
    "Ack", "%Cus:tcp.ack:0:U",
    "cipher", "%Cus:ssl.handshake.ciphersuite:0:R",
    "TCP Flags", "%Cus:tcpflags.flags:0:U"
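
An added example, not part of the original paste: a small Python parser for the title/format pairs above that decodes each `%Cus:<field>:<occurrence>:<R|U>` custom column and lists the display-filter fields the profile depends on (for instance `tcpflags.flags`, which needs the plugin linked above). The function names, the shortened sample and the `example.other_pref` key are assumptions made for this illustration.

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: a shortened copy of this page's column list.
# "example.other_pref" is a hypothetical key marking the end of the list.
SAMPLE_PREFS = '''\
# Packet list column format
gui.column.format:
    "No.", "%m",
    "SrcPrt", "%uS",
    "host", "%Cus:http.host:0:U",
    "sni", "%Cus:ssl.handshake.extensions_server_name:0:R",
    "TCP Flags", "%Cus:tcpflags.flags:0:U"
example.other_pref: "x", "y"
'''

class Column(NamedTuple):
    title: str
    fmt: str
    field: Optional[str] = None       # display-filter field of a %Cus column
    occurrence: Optional[int] = None  # 0 = show every occurrence
    resolved: Optional[bool] = None   # True for R (resolved), False for U

_QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')
_KEY = re.compile(r'^[A-Za-z][\w.]*\s*:')

def parse_columns(prefs_text):
    """Return the Column entries listed under gui.column.format."""
    strings, active = [], False
    for line in prefs_text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        if _KEY.match(line):              # a new "name:" line starts here
            active = line.startswith('gui.column.format')
            line = line.split(':', 1)[1]
        if active:
            strings += _QUOTED.findall(line)
    if len(strings) % 2:
        raise ValueError('column title without a format string')
    cols = []
    for title, fmt in zip(strings[::2], strings[1::2]):
        parts = fmt.split(':')
        if parts[0] == '%Cus' and len(parts) == 4:
            cols.append(Column(title, fmt, parts[1], int(parts[2]), parts[3] == 'R'))
        else:
            cols.append(Column(title, fmt))
    return cols

def tshark_field_args(cols):
    """-e arguments for `tshark -T fields`, covering the custom columns only."""
    return [arg for c in cols if c.field for arg in ('-e', c.field)]
```
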