On Mon, 24 May 2021 at 16:22, Jason Cohen <kryojen...@gmail.com> wrote:
> One thing that has bothered me for years has been the TCP flags filters. > > The 6 primary TCP flags are: > SYN > ACK > PSH > RST > URG > FIN > > Then you get into the CWR, NS, ECE (ECN), etc... > > The filters in Wireshark all use the accepted, known abbreviations save > for RST and PSH. Those are spelled out as tcp.flags.reset and > tcp.flags.push. > > Is there history, reasoning for this? Should there be some level of > consistency? I certainly do not advocate for tcp.flags.acknowledgement or > tcp.flags.syncronize. However, I think it would be reasonable for reset > and push to be replaced with "rst" and "psh" respectively. Perhaps an > alias to allow the spelled out filters to continue to work. > > While consistency is good and the change seems simple, it will break many existing workflows and "muscle memory" and all the many guides\manuals etc. out there. An alias would help going forwards but I think users may still become confused. I class this as the type of change that really needs a time machine to allow the correct implementation at the start or maybe a Neuralyzer ( https://meninblack.fandom.com/wiki/Neuralyzer) -- Graham Bloice
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
