This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 3 and 4
Revision 3 as of 2007-08-31 11:03:01
Size: 5681
Editor: SakeBlok
Comment:
Revision 4 as of 2007-08-31 15:14:33
Size: 5916
Editor: SakeBlok
Comment:
Deletions are marked like this. Additions are marked like this.
Line 22: Line 22:
== List of things I want to fix/enhance/add in the (near) future ==
 * Build an "anonymizer" framework within Wireshark (once my development skills permit ;-))
 * Add a "session-duration" column in the conversation lists
 * Add a tcp.time_relative field that shows the delta time since the start (SYN) of the current tcp-session
 * Add a tcp.time_delta field that shows the delta time since the last seen packet of the current tcp-session
 * Add the option "-o <file-with-preferences>" to tshark
 * Add a filter like "conversation(<proto>,<filter>)" that will show all packets belonging to the <proto> conversation for which at least one packet matches <filter>
 * Some fixes to the SSL dissector
 

Line 40: Line 51:
|| 20070831 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22761 22761] || Fix two errors when compiling with "--without-plugins" ||
|| 20070831 || [http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22762 22762] || Enhance tcp-analysis with "reused tcp session" ||
Line 41: Line 54:


== List of things I want to fix/enhance/add in the (near) future ==
 * Build an "anonymizer" framework within Wireshark (once my development skills permit ;-))
 * Add a "session-duration" column in the conversation lists
 * Add a tcp.time_relative field that shows the delta time since the start (SYN) of the current tcp-session
 * Add a tcp.time_delta field that shows the delta time since the last seen packet of the current tcp-session
 * Don't treat new SYN with same ports as "previous segment lost"
 * Add the option "-o <file-with-preferences>" to tshark
 * Add a filter like "conversation(<proto>,<filter>)" that will show all packets belonging to the <proto> conversation for which at least one packet matches <filter>
 * Some fixes to the SSL dissector
 

Sake Blok

My interest in Networking was first raised when I started working for one of the first ISP's in The Netherlands (back in 1995). My L2/L3 knowlegde was gathered while working for a large bank. I then switched teams within that bank to manage their redundant internet gateway based on a loadbalanced firewall cluster, loadbalancers, ssl-offloaders, caches and proxies.

In that time (2000) I started using Ethereal to troubleshoot problems within that environment. After my switch to a reseller, my skills developped towards bug-chasing and Ethereal/Wireshark has been an invaluable tool for me. I use it on a daily basis.

In february 2006 I wished to be able to filter on the "X-Forwarded-For:" http-header and joined the mailing-lists. First I wanted to ask for that functionality, but then I realised that I might be able to add it myself. Well, one thing led to another and after submitting a few of my own patches, I started working on bug-reports too. Resulting in being invited to the core development team in august 2007.

I live in The Netherlands near Amsterdam and work as "Research and Development Engineer" at [http://www.ionip.com ion-ip] in Veenendaal. In my job I am involved in troubleshooting complex networking problems in Application delivery infra-structures. This involves quite a bit of bug-chasing :-). I am also involved in putting new and existing products from our vendors on a testbed in our testlab (which I maintain as well).

Main development areas

As I am more a networking person than a programmer, I mainly contribute by solving issues I encounter while working with Wireshark. I also submitted a few enhancements and solved some bugs reported by others. My development skills are growing, but for now I consider myself skilled at looking at what other people have built and reusing and combining things to solve the issues I want to solve.

List of things I want to fix/enhance/add in the (near) future

  • Build an "anonymizer" framework within Wireshark (once my development skills permit ;-))
  • Add a "session-duration" column in the conversation lists
  • Add a tcp.time_relative field that shows the delta time since the start (SYN) of the current tcp-session
  • Add a tcp.time_delta field that shows the delta time since the last seen packet of the current tcp-session
  • Add the option "-o <file-with-preferences>" to tshark

  • Add a filter like "conversation(<proto>,<filter>)" that will show all packets belonging to the <proto> conversation for which at least one packet matches <filter>

  • Some fixes to the SSL dissector

Contributions so far

Date

SVN

Description

20060220

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17356 17356]

Add filter http.x_forwarded_for

20060415

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=17869 17869]

Added support for certain Sniffer Format file

20061029

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19729 19729]

Some textual changes in the development guide

20061029

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=19734 19734]

Add support for Cisco proprietary MST format

20061225

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=20212 20212]

Added ssl-id to the packet-detail-list

20070309

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21005 21005]

Added "Copy as Filter"

20070323

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21140 21140]

Added accelerated key for "Copy as Filter" and correct the documentation

20070323

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21154 21154]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=491 bug 491]: "unexpected frame.time_delta behaviour"

20070330

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21277 21277]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=598 bug 598]: "Double linefeed when copying from 'follow tcp stream'"

20070401

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21295 21295]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1136 bug 1136]: "tcp checksum 0xffff"

20070410

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21372 21372]

Fix in dfvm.c (found while fixing SSL things in [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503])

20070410

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21373 21373]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503 bug 1503]: "SSL enhancements"

20070414

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21438 21438]

Fix for malformed SSL-handshake message after change cipher spec

20070429

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21618 21618]

Enhancements to packet-http.c for proxied ssl connections

20070520

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=21867 21867]

Fix for [http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1056 bug 1056]: "Timestamping seems to be broken"

20070817

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22533 22533]

Added support for NetScreen snoop output

20070831

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22761 22761]

Fix two errors when compiling with "--without-plugins"

20070831

[http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=22762 22762]

Enhance tcp-analysis with "reused tcp session"

Other interests

  • Scuba diving
  • Photography (also while Diving)
  • Arthouse movies

Email: sake (at) euronet (dot) nl

SakeBlok (last edited 2010-07-28 22:08:28 by SakeBlok)