Presented by

  • Aurélien Aptel

    Aurélien Aptel

    Aurélien is a software engineer working on open source SMB-related things (cifs.ko kernel client, samba server, wireshark) at SUSE. He also happens to be an Emacs fanatic.

Abstract

While debugging network protocol issues we often have to look at network captures. Wireshark is an excellent tool to make and analyze network captures which we rely on. A common scenario is to compare a capture of a "working" case and a "failing" case, possibly made by different client/server implementation. But when you are looking at hundreds of packets holding hundreds of fields it quickly becomes problematic. To help with this problem I have come up with a new open source tool that reuses Wireshark and allows you to look at captures side-by-side and diff packet details similar to a diff for source code. This talk will cover how the tool works, present more advanced features and how I personally use it for my work the Linux SMB client.