There are many tables in Wireshark that are used to show data and statistics to the user. Most of the tables show data related to captured packets in Wireshark. The summarized data displayed in tables reduce the complexity of the information and make it easy for the user to analyze. For managing and editing these tables in Wireshark, the User Table editor is used.
Common Controls in User Table:
Some common controls available in all user tables are :
- “ +” : For adding a new entry in the user table.
- “—”: For removing any existing entry from the user table
- “ ∧ “: For moving up in the entries.
- “ ∨ “: For down in the entries.
- Copy: For creating a duplicate of the selected entry.
- Clear: For clearing all the existing entries.
Note: To edit any of the fields of an entry present in the user table Double-Click on it.
User Table Editor in Wireshark:
The user table editor look works very similar to Wireshark’s “Coloring Rules” dialog box. The “Coloring Rules” dialog box is an example of a user table editor for permanently setting the coloring rules in Wireshark.
Wireshark’s “SNMP users Table” dialog box is another example of a user table editor. Wireshark uses this table to verify authentication and decrypt encrypted SNMPv3 packets.
One more example of a user table editor in Wireshark is the “SCCP users Table”. Wireshark uses this table to map specific protocols to a certain DPC/SSN combination for SCCP.
