diff options
author | Gerald Combs <gerald@wireshark.org> | 2005-06-17 18:41:02 +0000 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2005-06-17 18:41:02 +0000 |
commit | 6126a01eb960e2ef66fce71fca1dbc3b3860dc73 (patch) | |
tree | 79759469f1d32cbb135e2a5d2c2c44034ce2c4a3 /colorfilters | |
parent | c014cc7973a2560fa8615b2e006fd897488ccd1a (diff) |
Tweak the global coloring rules a bit. Give "normal" traffic pastel
backgrounds and "bad" traffic bold backgrounds, which is the strategy
used in some of the sample coloring rules. Include a few rules from
the samples as well.
svn path=/trunk/; revision=14685
Diffstat (limited to 'colorfilters')
-rw-r--r-- | colorfilters | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/colorfilters b/colorfilters index 5ab506d0d5..302962092f 100644 --- a/colorfilters +++ b/colorfilters @@ -1,11 +1,20 @@ -@tcp.analysis.flags@tcp.analysis.flags@[65535,0,19789][0,0,0] +# DO NOT EDIT THIS FILE! It was created by Ethereal +@Bad TCP@tcp.analysis.flags@[0,0,0][65535,24383,24383] +@HSRP State Change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0] +@Spanning Tree Topology Change@stp.type == 0x80@[0,0,0][65535,63222,0] +@OSPF State Change@ospf.msg != 1@[0,0,0][65535,63222,0] +@ICMP errors@icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 11@[0,0,0][0,65535,3616] @ARP@arp@[55011,59486,65534][0,0,0] -@ICMP@icmp@[31062,31186,65534][0,0,0] +@ICMP@icmp@[49680,49737,65535][0,0,0] +@TCP RST@tcp.flags.reset eq 1@[37008,0,0][65535,63121,32911] +@Low TTL@ip.ttl < 5@[37008,0,0][65535,65535,65535] +@Checksum Errors@ip.checksum_bad || tcp.checksum_bad || udp.checksum_bad@[0,0,0][65535,24383,24383] @SMB@smb || nbss || nbns || nbipx || ipxsap || netbios@[65534,64008,39339][0,0,0] -@HTTP@http || tcp.port == 80@[26820,65534,22193][0,0,0] +@HTTP@http || tcp.port == 80@[36107,65535,32590][0,0,0] @IPX@ipx || stp@[65534,58325,58808][0,0,0] -@Routing@hsrp || eigrp || cdp || vrrp || gvrp || igmp || ismp@[65534,62325,54808][0,0,0] @DCERPC@dcerpc@[51199,38706,65533][0,0,0] -@TCP syn/fin@tcp.flags.syn == 1 || tcp.flags.fin == 1 || tcp.flags.reset == 1@[39040,49264,65534][0,0,0] +@Routing@hsrp || eigrp || || ospf || bgp || cdp || vrrp || gvrp || igmp || ismp@[65534,62325,54808][0,0,0] +@TCP SYN/FIN@tcp.flags & 0x02 || tcp.flags.fin == 1@[41026,41026,41026][0,0,0] @TCP@tcp@[59345,58980,65534][0,0,0] -@TCP@udp@[28834,57427,65533][0,0,0] +@UDP@udp@[28834,57427,65533][0,0,0] +@Broadcast@eth[0] & 1@[65535,65535,65535][32768,32768,32768] |