This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.

Attachment 'Arv_Coloring_Rules.txt'

Download

   1 # DO NOT EDIT THIS FILE!  It was created by Ethereal
   2 @HSRP state change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0]
   3 @SpanningTree Topology  Change@stp.type == 0x80@[0,0,0][65535,63222,0]
   4 @ospf state change@ospf.msg != 1@[0,0,0][65535,63222,0]
   5 @TCP Analysis@tcp.analysis.flags@[37008,0,0][65535,65535,65535]
   6 @Low TTL@ip.ttl < 5@[37008,0,0][65535,65535,65535]
   7 @Bad IP CRC@ip.checksum_bad@[37008,0,0][65535,65535,65535]
   8 @Bad UDP CRC@udp.checksum_bad@[37008,0,0][65535,65535,65535]
   9 @Bad TCP CRC@tcp.checksum_bad@[37008,0,0][65535,65535,65535]
  10 @TCP Seg Conflict@tcp.segment.overlap.conflict@[37008,0,0][65535,65535,65535]
  11 @TCP Long Frag Seg@tcp.segment.toolongfragment@[37008,0,0][65535,65535,65535]
  12 @TCP Seg Overlap@tcp.segment.overlap@[37008,0,0][65535,65535,65535]
  13 @TCP Seg Error@tcp.segment.error@[37008,0,0][65535,65535,65535]
  14 @ICMP Destination Unreachable@icmp.type == 3@[65535,26214,26214][65535,65535,65535]
  15 @ICMP Source Quench@icmp.type == 4@[65535,26214,26214][65535,65535,65535]
  16 @ICMP Time Exceeded@icmp.type == 11@[65535,26214,26214][65535,65535,65535]
  17 @ICMP Parameter Problem@icmp.type == 12@[65535,26214,26214][65535,65535,65535]
  18 @HTTP Server error@http.response.code >= 500 and http.response.code < 600@[65535,43690,43690][514,0,27756]
  19 @HTTP Client error@http.response.code >= 400 and http.response.code < 500@[65535,65535,43690][514,0,27756]
  20 @FTP error@ftp.response.code >= 500 and ftp.response.code < 600@[65535,43690,43690][514,0,27756]
  21 @FTP error@ftp.response.code >= 400 and ftp.response.code < 500@[65535,65535,43690][514,0,27756]
  22 @SMTP error@smtp.response.code >= 500 and smtp.response.code < 600@[65535,43690,43690][514,0,27756]
  23 @SMTP error@smtp.response.code >= 400 and smtp.response.code < 500@[65535,65535,43690][514,0,27756]
  24 @DNS error@dns.flags.rcode > 0@[64250,43690,43690][514,0,27756]
  25 @LDAP error@ldap.result.code > 0x0@[64250,43690,43690][514,0,27756]
  26 @SSL error@pct.msg_error_code@[64250,43690,43690][0,0,0]
  27 @Tcp.RST@tcp.flags.reset==1@[65021,56797,56797][0,0,0]
  28 @Unwanted Protocols@spx || ipx || aarp || aim@[65535,65535,65535][65535,0,0]
  29 @from my PC@eth.src == Yo:ur:MA:C_:ad:dr@[62194,65535,65535][36739,2963,0]
  30 @to my PC@eth.dst == Yo:ur:MA:C_:ad:dr@[62194,65535,65535][457,0,27802]
  31 @http request@http.request@[65535,65535,65535][36751,3084,0]
  32 @http response@http.response@[65535,65535,65535][514,0,27756]
  33 @TCP General Client@tcp.srcport >= 1024 && tcp.dstport <= 1024@[65535,65535,65535][36751,3084,0]
  34 @TCP General Server@tcp.srcport <= 1024 && tcp.dstport >=1024@[65535,65535,65535][514,0,27756]
  35 @ICMP request@icmp && icmp.type == 8 || icmp.type == 13 || icmp.type == 15 || icmp.type == 17 || icmp.type == 35 || icmp.type == 37@[65535,65535,65535][36751,3084,0]
  36 @ICMP response@icmp && icmp.type == 0 || icmp.type == 14 || icmp.type == 16 || icmp.type == 18 || icmp.type == 36 || icmp.type == 38@[65535,65535,65535][514,0,27756]
  37 @DNS query@dns.flags.response == 0@[65535,65535,65535][36751,3084,0]
  38 @DNS response@dns.flags.response == 1@[65535,65535,65535][514,0,27756]
  39 @BOOTP/DHCP request@bootp.type == 1@[65535,65535,65535][36751,3084,0]
  40 @BOOTP/DHCP response@bootp.type == 2@[65535,65535,65535][514,0,27756]
  41 @NW Traf@stp.protocol || cdp || hsrp || vrrp || ospf || bgp || eigrp || rip || rtmp || eth.addr == 01:00:0c:cc:cc:cc@[65535,65535,65535][21845,21845,21845]

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2004-09-24 00:28:39, 1.3 KB) [[attachment:Another Color Filter]]
  • [get | view] (2004-09-24 00:35:11, 1.3 KB) [[attachment:Another_Color_Filter]]
  • [get | view] (2004-11-28 15:19:45, 3.3 KB) [[attachment:Arv Coloring Rules.txt]]
  • [get | view] (2004-11-28 15:37:09, 3.3 KB) [[attachment:Arv_Coloring_Rules.txt]]
  • [get | view] (2005-01-29 12:53:02, 1.0 KB) [[attachment:DCE_RPC_Coloring_Rules.txt]]
  • [get | view] (2004-09-30 15:20:36, 0.8 KB) [[attachment:JaysEtherealColorFilters]]
  • [get | view] (2004-09-10 22:21:20, 0.6 KB) [[attachment:Sample_color_filter.txt]]
  • [get | view] (2005-07-28 15:10:05, 2.0 KB) [[attachment:Wireless_Etherealcolor_Pedrick]]
  • [get | view] (2008-05-27 16:02:48, 0.0 KB) [[attachment:Wireless_Wiresharkcolor_Pedrick]]
  • [get | view] (2015-04-16 07:20:42, 1.6 KB) [[attachment:Wireshark-Wlan-ColouringRules.txt]]
  • [get | view] (2004-10-22 18:19:02, 1.8 KB) [[attachment:Yet_Another_Color_Filter.txt]]
  • [get | view] (2005-02-08 18:26:50, 1.8 KB) [[attachment:Yet_Another_Color_Filter2.txt]]
  • [get | view] (2005-02-08 18:35:13, 1.9 KB) [[attachment:Yet_Another_Color_Filter3.txt]]
  • [get | view] (2005-01-18 20:36:20, 0.3 KB) [[attachment:iscsicolor.txt]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.