 | 1 | initial version |
Have you seen the "Conversaton Coloring" functionality (FKA Temporary Coloring)? It let's you colorize TCP/UDP/IP/Eth conversations with the click of a button or keystroke. It also gives you the option to pick any field+value from the packet details to create a temporary (dynamic?) color. It might not match to 100% of your use-cases, but I think it can come close.
From the Users Guide:
There are two types of coloring rules in Wireshark: temporary rules that are only in effect until you quit the program, and permanent rules that are saved in a preference file so that they are available the next time you run Wireshark.
Temporary rules can be added by selecting a packet and pressing the Ctrl key together with one of the number keys. This will create a coloring rule based on the currently selected conversation. It will try to create a conversation filter based on TCP first, then UDP, then IP and at last Ethernet. Temporary filters can also be created by selecting the Colorize with Filter → Color X menu items when right-clicking in the packet detail pane.
