1 $Id: TODO,v 1.9 2001/04/21 07:49:24 guy Exp $
6 *) Protocol dispatchers, allowing run-time setting of protocol "chaining"
7 (i.e., UDP port X calls dissector Y)
9 *) Work on packet capturing in wiretap
11 *) Either as part of the previous item, or as a capture-filter
12 translator that generates "libpcap"-style capture filter expressions,
13 provide a capture filter syntax similar to the display filter syntax.
14 (The syntax differences get in the way of users; the fact that you have
15 to construct some filters by hand, e.g. looking only for initial SYN
16 packets for TCP connections by doing bit-testing of the flags in a TCP
17 header has been a pain for some users; and people have asked for
18 capabilities that aren't conveniently available, or aren't available at
19 all, in "libpcap"-style capture filters:
21 the ability to filter on characteristics of IPX packets;
23 the ability to select, for example, TCP packets with port
24 numbers *greater than* a particular value, which in "libpcap"
25 filters you have to do by explicitly testing subfields of the
26 TCP header rather than doing "tcp.port > 1000";
30 *) I just discovered that sshd sets the SSH_CLIENT variable to source IP,
31 sort port, and destination port. That coupled with a destination IP
32 would give us enough information to carry out remote protocol capturing,
35 ssh remotehost tcpdump -s 2000 -w - filter,
37 where "filter" filters out our own ssh packets (using the infromation
38 from $SSH_CLIENT). Any takers?
40 *) Of course, packet defragmentating. IP fragments are now reassembled,
41 but IPv6 fragments need to be reassembled and re-analyzed; we would also
42 want to support reassembling TCP data streams and breaking the resulting
43 stream into higher-level packets. Other protocols where we might want
44 to reassemble packets include NBDS and OSI CLNP.
46 *) I'd like to someday re-write the display filter routines to have a more
49 *) More on-line help, and neato things with the protocol tree and
52 *) A GtkClist replacement, with dynamic columns, allowing columns to be
53 added, removed, or moved without having to exit and restart Ethereal.
56 *) A GUI capture/display filter creator.
58 *) Run-time configuration of tunnelling protocols -- display tunnelled
59 protocol as data or as a full-fledged protocol (which subtree do we put
62 *) Run-time configuration of data shown in capture statistics window.
64 *) A GtkWidget for authors in the About box. We've got a lot of authors!
65 We've currently banished the list of authors to the AUTHORS file and the
66 man page, which may be the right solution here.
68 *) Finish moving GTK-dependent code into gtk/ subdirectory.
70 *) Provide alternative user interfaces, e.g. other toolkits (Qt/KDE,
71 full GNOME, native Windows, etc.) and text-mode "curses".
73 *) Kerberos version 4 dissector - standard krb4 - from tcpdump (nneul);
74 we have krb5, but not krb4
76 *) Display filters: allow filtering on "enumerated" data types by name,
77 i.e. if a field has a "value_string" array associated with it, allow
78 users to specify the string associated with a value.
80 *) Display filters: add regexes to strings and byte ranges