| 2021-07-05 17:31:16 +0000 | commented question | Option to control default follow stream view? Those are both very helpful as well. Thank you :). |
| 2021-07-05 17:30:35 +0000 | commented answer | Option to control default follow stream view? Thank you :). |
| 2021-07-05 17:30:14 +0000 | marked best answer | Option to control default follow stream view? Is there an option to set the follow stream view to something other than ASCII by default? I'm looking at a packet capture of traffic that involves sending multi-MB XML blobs, and the blobs have no newline characters in them. Even on a recent laptop, WireShark is very slow to parse the stream when viewed in ASCII mode, on the order of 4 packets per second. I assume this is because of inefficiencies in soft-word-wrapping code either in WireShark itself or the OS. The total amount of traffic is something like 65MB, so even after a few hours, WireShark wasn't done following the stream. It runs at a reasonable speed in Hex Dump mode, but until I figured out the workaround below, I didn't think I could use that because the "Show data as" dropdown is greyed out until the stream has been parsed. This is the workaround I'm using in the meantime: follow a different, shorter stream first. Wait for it to finish parsing. Switch to Hex Dump view. Change the Stream ID in the stream viewer to the ID of the problematic stream. |
| 2021-07-05 17:30:14 +0000 | received badge | ● Scholar (source) |
| 2021-06-30 21:07:32 +0000 | asked a question | Option to control default follow stream view? Option to control default follow stream view? Is there an option to set the follow stream view to something other than A |
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.