MATE: Getting Started

MATE needs testers, modules for matelib, example files etc. So if you know the protocols you are working with and want to help making MATE work, you are welcome on board.

Other Ideas on what MATE should do might come from other people using it, see Mate/Discussion.

These are the steps to try out MATE:

  • get a configuration file e.g. tcp.mate (see Mate/Examples for more) and place it somewhere on your harddisk (e.g. D:\tcp.mate on win32)

  • go to Preferences->mate and set the config filename to the file you want to use (e.g. D:\tcp.mate on win32), you don't have to restart Wireshark smiley

  • load a corresponding capture file (e.g. SampleCaptures/http.cap) and see if MATE has added some new display filter fields, something like: mate tcp_pdu:1->tcp_ses:1

  • or, at prompt: path_to/wireshark -o "mate.config: tcp.mate" -r http.cap

If anything went well, your packet details might look something like this:

mate-tcp-output.png


Imported from https://wiki.wireshark.org/Mate/GettingStarted on 2020-08-11 23:16:33 UTC