On Apr 19, 2014, at 12:24 PM, Richard Sharpe
wrote:
> One think I would like to be able to do is "Show me all the SMB2
> requests where the smb2.flags.is_response == true && smb2.nt_status !=
> NT_STATUS_SUCCESS"
Presumably you mean "show me all the SMB2 transactions (requests and matching
re
Hi folks,
I use Wireshark a lot, but of late I am coming across more and more
deficiencies.
One think I would like to be able to do is "Show me all the SMB2
requests where the smb2.flags.is_response == true && smb2.nt_status !=
NT_STATUS_SUCCESS"
One way to achieve this might be to split the upp
On Apr 19, 2014, at 11:58 AM, Ateeth Kumar Thirukkovulur
wrote:
> Not exactly.
>
> Suppose I want to include a NOT operator in the display filter. Say "! tcp".
> Which code must I change? I know it already exists. Where do I include the
> symbols n expressions for newly added terms.
>
> Do
Not exactly.
Suppose I want to include a NOT operator in the display filter. Say "!
tcp". Which code must I change? I know it already exists. Where do I
include the symbols n expressions for newly added terms.
Do you get what I am saying?
On Apr 18, 2014 4:38 PM, "Guy Harris" wrote:
>
> On Apr
