James_inthe_box

Wireshark Columns

Sep 30th, 2017
558
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. this goes in your wireshark/preferences file.
  2. the TCP Flags requires this: https://blog.didierstevens.com/2014/04/28/tcp-flags-for-wireshark/
  3.  
  4. # Packet list column format
  5. # Each pair of strings consists of a column title and its format
  6. gui.column.format:
  7. "No.", "%m",
  8. "Time", "%t",
  9. "Source", "%s",
  10. "SrcPrt", "%uS",
  11. "Destination", "%d",
  12. "DstPrt", "%uD",
  13. "Protocol", "%p",
  14. "Size", "%L",
  15. "data.len", "%Cus:data.len:0:U",
  16. "tcplen", "%Cus:tcp.len:0:U",
  17. "udplen", "%Cus:udp.length:0:R",
  18. "host", "%Cus:http.host:0:U",
  19. "sni", "%Cus:ssl.handshake.extensions_server_name:0:R",
  20. "Info", "%i",
  21. "UA", "%Cus:http.user_agent:0:U",
  22. "http.auth", "%Cus:http.authorization:0:U",
  23. "Syn", "%Cus:tcp.seq:0:U",
  24. "Ack", "%Cus:tcp.ack:0:U",
  25. "cipher", "%Cus:ssl.handshake.ciphersuite:0:R",
  26. "TCP Flags", "%Cus:tcpflags.flags:0:U"
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×