This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 1 and 2
Revision 1 as of 2007-08-31 10:43:31
Size: 4042
Editor: SakeBlok
Comment:
Revision 2 as of 2007-08-31 11:02:00
Size: 5675
Editor: SakeBlok
Comment:
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
== Sake Blok == = Sake Blok =
Line 8: Line 8:
In february 2006 I wished to be able to filter on the "X-Forwarded-For:" http=header and joined the mailing-lists. First I wanted to ask for that functionality, but then I realised that I might be able to add it myself. Well, one thing led to another and after submitting a few of my own patches, I started working on bug-reports too. Resulting in being invited to the core development team in august 2007. In february 2006 I wished to be able to filter on the "X-Forwarded-For:" http-header and joined the mailing-lists. First I wanted to ask for that functionality, but then I realised that I might be able to add it myself. Well, one thing led to another and after submitting a few of my own patches, I started working on bug-reports too. Resulting in being invited to the core development team in august 2007.
Line 10: Line 10:
I live in The Netherlands near Amsterdam and work as "Research and Development Engineer" at ion-ip in Veenendaal. In my job I am involved in troubleshooting complex networking problems in Application delivery infra-structures. This involves quite a bit of bug-chasing :-). I am also involved in putting new and existing products from our vendors on a testbed in our testlab (which I maintain as well). I live in The Netherlands near Amsterdam and work as "Research and Development Engineer" at [http://www.ionip.com ion-ip] in Veenendaal. In my job I am involved in troubleshooting complex networking problems in Application delivery infra-structures. This involves quite a bit of bug-chasing :-). I am also involved in putting new and existing products from our vendors on a testbed in our testlab (which I maintain as well).
Line 14: Line 14:
=== Main development areas === == Main development areas ==
Line 19: Line 19:
=== Contributions so far === == Contributions so far ==
Line 21: Line 21:
|| 20060220 || 17356 || Add filter http.x_forwarded_for ||
|| 20060415 || 17869 || Added support for certain Sniffer Format file ||
|| 20061029 || 19729 || Some textual changes in the development guide ||
|| 20061029 || 19734 || Add support for Cisco proprietary MST format ||
|| 20061225 || 20212 || Added ssl-id to the packet-detail-list ||
|| 20070309 || 21005 || Added "Copy as Filter" ||
|| 20070323 || 21140 || Added accelerated key for "Copy as Filter" and correct the documentation ||
|| 20070323 || 21154 || Fix for bug 491: "unexpected frame.time_delta behaviour" ||
|| 20070330 || 21277 || Fix for bug 598: "Double linefeed when copying from 'follow tcp stream'" ||
|| 20070401 || 21295 || Fix for bug 1136: "tcp checksum 0xffff" ||
|| 20070410 || 21372 || Fix in dfvm.c (found while fixing SSL things in bug 1503) ||
|| 20070410 || 21373 || Fix for bug 1503: "SSL enhancements" ||
|| 20070414 || 21438 || Fix for malformed SSL-handshake message after change cipher spec ||
|| 20070429 || 21618 || Enhancements to packet-http.c for proxied ssl connections ||
|| 20070520 || 21867 || Fix for bug 1056: "Timestamping seems to be broken" ||
|| 20070817 || 22533 || Added support for NetScreen snoop output ||
|| 20060220 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17356 17356] || Add filter http.x_forwarded_for ||
|| 20060415 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17869 17869] || Added support for certain Sniffer Format file ||
|| 20061029 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19729 19729] || Some textual changes in the development guide ||
|| 20061029 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19734 19734] || Add support for Cisco proprietary MST format ||
|| 20061225 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=20212 20212] || Added ssl-id to the packet-detail-list ||
|| 20070309 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21005 21005] || Added "Copy as Filter" ||
|| 20070323 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21140 21140] || Added accelerated key for "Copy as Filter" and correct the documentation ||
|| 20070323 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21154 21154] || Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=491 bug 491]: "unexpected frame.time_delta behaviour" ||
|| 20070330 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21277 21277] || Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=598 bug 598]: "Double linefeed when copying from 'follow tcp stream'" ||
|| 20070401 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21295 21295] || Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1136 bug 1136]: "tcp checksum 0xffff" ||
|| 20070410 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21372 21372] || Fix in dfvm.c (found while fixing SSL things in [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503]) ||
|| 20070410 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21373 21373] || Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503]: "SSL enhancements" ||
|| 20070414 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21438 21438] || Fix for malformed SSL-handshake message after change cipher spec ||
|| 20070429 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21618 21618] || Enhancements to packet-http.c for proxied ssl connections ||
|| 20070520 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21867 21867] || Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1056 bug 1056]: "Timestamping seems to be broken" ||
|| 20070817 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22533 22533] || Added support for NetScreen snoop output ||
Line 40: Line 40:
=== List of things I want to fix/enhance/add in the (near) future === == List of things I want to fix/enhance/add in the (near) future ==
Line 43: Line 43:
 * Add a tcp.time_delta field that shows the time since the first SYN of the current tcp-session  * Add a tcp.time_relative field that shows the delta time since the start (SYN) of the current tcp-session
 * Add a tcp.time_delta field that shows the delta time since the last seen packet of the current tcp-session
Line 51: Line 52:
=== Other interests === == Other interests ==

Sake Blok

My interest in Networking was first raised when I started working for one of the first ISP's in The Netherlands (back in 1995). My L2/L3 knowlegde was gathered while working for a large bank. I then switched teams within that bank to manage their redundant internet gateway based on a loadbalanced firewall cluster, loadbalancers, ssl-offloaders, caches and proxies.

In that time (2000) I started using Ethereal to troubleshoot problems within that environment. After my switch to a reseller, my skills developped towards bug-chasing and Ethereal/Wireshark has been an invaluable tool for me. I use it on a daily basis.

In february 2006 I wished to be able to filter on the "X-Forwarded-For:" http-header and joined the mailing-lists. First I wanted to ask for that functionality, but then I realised that I might be able to add it myself. Well, one thing led to another and after submitting a few of my own patches, I started working on bug-reports too. Resulting in being invited to the core development team in august 2007.

I live in The Netherlands near Amsterdam and work as "Research and Development Engineer" at [http://www.ionip.com ion-ip] in Veenendaal. In my job I am involved in troubleshooting complex networking problems in Application delivery infra-structures. This involves quite a bit of bug-chasing :-). I am also involved in putting new and existing products from our vendors on a testbed in our testlab (which I maintain as well).

Main development areas

As I am more a networking person than a programmer, I mainly contribute by solving issues I encounter while working with Wireshark. I also submitted a few enhancements and solved some bugs reported by others. My development skills are growing, but for now I consider myself skilled at looking at what other people have built and reusing and combining things to solve the issues I want to solve.

Contributions so far

Date

SVN

Description

20060220

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17356 17356]

Add filter http.x_forwarded_for

20060415

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17869 17869]

Added support for certain Sniffer Format file

20061029

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19729 19729]

Some textual changes in the development guide

20061029

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19734 19734]

Add support for Cisco proprietary MST format

20061225

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=20212 20212]

Added ssl-id to the packet-detail-list

20070309

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21005 21005]

Added "Copy as Filter"

20070323

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21140 21140]

Added accelerated key for "Copy as Filter" and correct the documentation

20070323

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21154 21154]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=491 bug 491]: "unexpected frame.time_delta behaviour"

20070330

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21277 21277]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=598 bug 598]: "Double linefeed when copying from 'follow tcp stream'"

20070401

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21295 21295]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1136 bug 1136]: "tcp checksum 0xffff"

20070410

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21372 21372]

Fix in dfvm.c (found while fixing SSL things in [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503])

20070410

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21373 21373]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503]: "SSL enhancements"

20070414

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21438 21438]

Fix for malformed SSL-handshake message after change cipher spec

20070429

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21618 21618]

Enhancements to packet-http.c for proxied ssl connections

20070520

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21867 21867]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1056 bug 1056]: "Timestamping seems to be broken"

20070817

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22533 22533]

Added support for NetScreen snoop output

List of things I want to fix/enhance/add in the (near) future

  • Build an "anonymizer" framework within Wireshark (once my development skills permit ;-))
  • Add a "session-duration" column in the conversation lists
  • Add a tcp.time_relative field that shows the delta time since the start (SYN) of the current tcp-session
  • Add a tcp.time_delta field that shows the delta time since the last seen packet of the current tcp-session
  • Don't treat new SYN with same ports as "previous segment lost"
  • Add the option "-o <file-with-preferences>" to tshark

  • Add a filter like "conversation(<proto>,<filter>)" that will show all packets belonging to the <proto> conversation for which at least one packet matches <filter>

  • Some fixes to the SSL dissector

Other interests

  • Scuba diving
  • Photography (also while Diving)
  • Arthouse movies

Email: sake (at) euronet (dot) nl

SakeBlok (last edited 2010-07-28 22:08:28 by SakeBlok)