On Jul 11, 2019, at 2:32 PM, Christian Kreibich <christ...@corelight.com> wrote:
> How do people here feel about adding the ability to see Community ID flow > hashes in Wireshark? I.e., compute the community ID for the flow to which a packet belongs, and add it to the protocol tree as a calculated field? > For context, this is a standardized implementation of flow hashing, to > simplify linking/pivoting flows across data sets. There's more detail below, > including a Python implementation How about a higher-level pseudo-code description of the algorithm? That way, it 1) doesn't require the implementer to know Python, 2) doesn't include irrelevant details such as code to use dpkt to read a pcap file, etc.. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
