Wireshark Preface


1. Foreword

2. Who should read this document?

3. Acknowledgements

4. About this document

5. Where to get the latest copy of this document?

6. Providing feedback about this document

7. Typographic Conventions

7.1. Admonitions
7.2. Shell Prompt and Source Code Examples

2. Who should read this document?

The intended audience of this book is anyone who uses Wireshark.

This book explains all of the basic and some advanced features of Wireshark. As Wireshark has become a very complex program, not every feature is covered in this book.

This book does not explain network sniffing in general, nor does it provide detailed explanations of specific network protocols. A lot of information on these subjects can be found on the Wireshark Wiki at https://wiki.wireshark.org/.

By reading this book, you will learn how to install Wireshark, how to use the basic elements of the graphical user interface (such as the menu) and what’s behind some of the advanced features that are not always obvious at first sight. It will hopefully guide you around some common problems that frequently appear for new (and sometimes even advanced) Wireshark users.

3. Acknowledgements

The authors would like to thank the whole Wireshark team for their support. In particular, they would like to thank:

  • Gerald Combs, for initiating the Wireshark project and funding to do this documentation.
  • Guy Harris, for many helpful hints and a great deal of patience in reviewing this document.
  • Gilbert Ramirez, for general encouragement and helpful hints along the way.

The authors would also like to thank the following people for their helpful feedback on this book:

  • Pat Eyler, for his suggestions on improving the example on generating a backtrace.
  • Martin Regner, for his various suggestions and corrections.
  • Graeme Hewson, for many grammatical corrections.

  • … Section D.8, “mergecap: Merging multiple capture files into one” is derived.
  • Ashok Narayanan, from whose text2pcap man page Section D.9, “text2pcap: Converting ASCII hexdumps to network captures” is derived.

4. About this document

This book was originally created by Richard Sharpe with funds provided from the Wireshark Fund. It was updated by Ed Warnicke and more recently redesigned and updated by Ulf Lamping.

It was originally written in DocBook/XML and converted to AsciiDoc by Gerald Combs.

5. Where to get the latest copy of this document?

The latest copy of this document can be found at https://www.wireshark.org/docs/.

6. Providing feedback about this document

If you have any feedback about this document, please send it to the authors at wireshark-dev[AT]wireshark.org.

7. Typographic Conventions

The following table shows the typographic conventions that are used in this guide.

Table 1. Typographic Conventions

Style            Description                                 Example
Italic           File names, folder names, and extensions    C:\Development\wireshark.
Monospace        Commands, flags, and environment variables  CMake’s -G option.
Bold Monospace   Commands that should be run by the user     Run cmake -G Ninja ...
Button           Dialog and window buttons                   Press Launch to go to the Moon.
Key              Keyboard shortcut                           Press Ctrl+Down to move to the next packet.
Menu             Menu item                                   Select Go → Next Packet to move to the next packet.

7.1. Admonitions

Important and notable items are marked as follows:

[Warning] This is a warning

You should pay attention to a warning, otherwise data loss might occur.

[Note] This is a note

A note will point you to common mistakes and things that might not be obvious.

[Tip] This is a tip

Tips are helpful for your everyday work using Wireshark.

7.2. Shell Prompt and Source Code Examples

Bourne shell, normal user.

$ # This is a comment
$ git config --global log.abbrevcommit true

Bourne shell, root user.

# # This is a comment
# ninja install

Command Prompt (cmd.exe).

>rem This is a comment
>cd C:\Development

PowerShell.

PS$># This is a comment
PS$>choco list -l

C Source Code.

#include "config.h"
#include <epan/packet.h>   /* tvbuff_t, packet_info, proto_tree, tvb_captured_length() */

/* This method dissects foos */
static int
dissect_foo_message(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_)
{
    /* TODO: implement your dissecting code */
    return tvb_captured_length(tvb);
}