We understand that fields enclosed in square brackets [ ] are calculated by Wireshark. What type of fields are enclosed in “greater than / less than” < > signs? An example is shown below. We have two Wireshark installs (same version). One Wireshark instance is displaying these two true/false values for FTP, the other is not. We are using the same trace file in both. We cannot locate the Wireshark setting that controls the display of these < > lines. File Transfer Protocol (FTP) <request: true=""> <response: false=""> asked 23 Apr '15, 14:47  David99 edited 23 Apr '15, 14:49 |
One Answer:
Go to Edit > Preferences > Protocols and uncheck "Display hidden protocol items" to return Wireshark to the default setting and turn off display of those fields. answered 23 Apr '15, 14:55  Jim Aragon |
Thanks Jim, that fixed the issue.