 |
 |
 |
 |
 |
 |
 |
| WLAN Analyzer and Protocol Decoder - CommView for WiFi |
|
| |
|
||||||||||
|
|
 |
You can configure some of the program's options by selecting Settings => Options in the menu. General
Display
Driver Buffer - sets the driver buffer size. This setting affects the program's performance: the more memory allocated for the driver buffer, the fewer packets the program drops. For low traffic LANs and dial-up connections, the buffer size is not critical. For high traffic WLANs, you may want to increase the buffer size if the program drops packets. To check the number of dropped packets, use the File => Performance Data menu command while capturing is on. Latest IP Connections Display Logic – allows you to select the Latest IP Connections layout that best suits your needs. Selecting an item from the drop-down list will display the description of the selected logic. In most cases, it is recommended to use the default Smart logic. Define Local IP Addresses – you should use this tool if you monitor WLAN traffic with many pass-through packets and a mixture of external and internal IP addresses. In such a situation, CommView for WiFi doesn't "know" which IP addresses should be treated as local and might reverse the IP addresses in the Source and Destination IP columns. This tool allows you to define the local network addresses and subnet masks to make sure the Latest IP Connections window works correctly. This will work only if you use the default Smart logic. Colors Packet color – sets the colors for displaying different kinds of packets (Normal, Bad CRC, Bad ICV) on the Packets tab. Colorize Packet Headers – check this box if you want CommView to colorize packet contents. If this box is checked, the program displays the first eight packet layers using different colors. To change a color, select the type of header for which you want to change the color and click on the colored rectangle. Formula syntax highlighting – sets the colors for highlighting keywords in formulas in the Advanced Rules window. Selected byte sequence color – sets the font and background color for displaying the byte sequence that was selected in the decoder tree. For example, when you select the "TCP" tree node, the corresponding part of the packet will be highlighted using these colors. Management frame color – sets the colors for different types of Management frames. Color is used in the Protocol column of the Packets tab to show the corresponding frame types Decoding Always fully expand all nodes in the decoder window – check this box if you would like to have all nodes in the decoder windows automatically expanded when you select a new packet in the packet list. Expand the last node – check this box if you would like to have the last node in the decoder window automatically expanded when you select a new packet in the packet list. By default, the first node is expanded. This setting has no effect if the Always fully expand all nodes in the decoder window box is checked. Decode up to the first level only in ASCII export – this option affects the decoding format used when you export a packet log or individual packet as an ASCII file with decoding. If this box is checked, only the top-level nodes will be saved. For example, if you save a TCP/IP packet when this option is disabled, all Type of service sub-nodes are saved. When this option is enabled, these sub-nodes are not saved. Checking this box makes the output ASCII file less detailed and more compact. Ignore incorrect checksums when reconstructing TCP sessions – this option affects the way CommView treats malformed TCP/IP packets when reconstructing TCP sessions. By default, this option is on, and packets with incorrect checksums are not discarded in the process of reconstruction. If you turn off this option, packets with incorrect checksums will be discarded and not displayed in the TCP reconstruction window. Include packet numbers when reconstructing TCP sessions – check this box if you'd like the chunks of data shown in the TCP session reconstruction window to be prepended by the packet numbers that correspond to these chunks of data. Search for the session start when reconstructing TCP sessions – if this box is checked, the program will attempt to find the beginning of the TCP session when you reconstruct it. If it is not checked, the session will be reconstructed only from the selected packet, i.e. earlier packets will be discarded. Decompress GZIP content – check this box if you want CommView to convert GZIP-compressed HTTP content into readable text in the TCP Session Reconstruction windows. GZIP content is decompressed only when the display type in the window is set to "ASCII." Reconstruct images – check this box if you want CommView to convert binary HTTP streams that represent images into viewable JPG, BMP, PNG, and GIF pictures in the TCP Session Reconstruction windows. Images are shown only when the display type in the window is set to "HTML." Images are never shown within the HTML pages to which they belong, as they are transferred by the server in a separate HTTP session. Use IPv4-style endings in IPv6 addresses – if this box is not checked, IPv6 addresses are shown using hexadecimal symbols only, e.g. fe80::02c0:26ff:fe2d:edb5. If this box is checked, the last 4 bytes of IPv6 addresses are shown using the IPv4-style dotted notation, e.g. fe80::02c0:26ff:254.45.237.181. Reassemble fragmented IP packets – check this box if you'd like the program to reassemble IP packets that are fragmented. By default, fragmented IP packets are displayed as they were received from the wire, in their original form. If this option is turned on, the program will maintain an internal buffer of fragments and will attempt to "glue" them, displaying only the results of successful reassembly. Display signal level in dBm – check this box if you'd like the program to display signal strength in dBm rather than in percentile format. The availability of signal level in dBm depends on the wireless adapter model being used. Please refer to the Understanding Signal Strength chapter for more information. Default display type – select the display type value from the drop-down list that you want to set as default for the TCP Session Reconstruction function. The available values are ASCII, HEX, HTML, and EBCDIC. VoIP Note: The VoIP analysis module is only available to VoIP license users or evaluation version users who selected VoIP evaluation mode. Disable VoIP analysis – disables capture and analysis of VoIP data. Check this box if you don't plan to work with VoIP and want to minimize the usage of computer resources by the application. Maximum records in the list – limits the number of displayed and processed VoIP events. When the number of records exceed the specified limit, older records are deleted from the lists. Ignore orphan RTP streams – when this box is enabled, VoIP analyzer will ignore captured RTP data streams that don't have a parent signaling session. Orphan RTP streams typically appear if packet capturing was started in the middle of a call, or the signaling protocol is unknown to the application (i.e. not SIP and not H.323), or the signaling protocol was sent in a non-standard manner (e.g. encrypted or as part of some other session). Such streams are still available for analysis, and sometimes for playback. Please see the Call Playback chapter for more detailed information on playing VoIP calls. If you are not interested in such orphan streams and want to save on computer resources, please disable this option. Note that when orphan streams are not ignored, VoIP analyzer may mistakenly identify data transferred over UDP protocol as RTP streams. Generally, this is not an error, as RTP packets don't have a standard uniform signature, so such "false positives" are ok. Geolocation Geolocation is IP-to-country mapping for IP addresses. When this functionality is enabled, CommView checks the internal database to provide information on the country any IP address belongs to. You can configure the program to show ISO country code, Country name, or Country flag next to any IP address. You can also disable geolocation. For some IP addresses, such as reserved ones (e.g. 192.168.*.* or 10.*.*.*) no information on the country can be provided. In such cases, the country name is not shown, or if you use the Country flag option, a flag with a question mark is displayed. As IP allocation is constantly changing, it's important that you always have an up-to-date version of CommView. A fresh, up-to-date database is included in every CommView build. A fresh database has 98% accuracy. Without updates, the accuracy percentage falls by approximately 15% every year. Miscellaneous Hide from the taskbar on minimization – check this box if you don't want to see the program's button on the Windows taskbar when you minimize the program. If this box is checked, use the program's system tray icon to restore it after minimization. Prompt for confirmation when exiting the application – check this box if you would like the program to ask you for a confirmation when you close it. Auto-scroll packet data window – if this box is checked, the program scrolls the text of the packet data window automatically when you select a new packet from the packets list (but only if the text does not fit into the window). This is useful when you want to see the contents of a long packet without manually scrolling the window. Auto-scroll packet list to the last packet – if this box is checked, the program automatically scrolls the packet list in the Packets tab down to the last received packet. Auto-sort new records in Latest IP Connections – if this box is checked, the program auto-sorts new records on the Latest IP Connections tab based on the user-defined sorting criterion (e.g. ascending order of remote IP addresses). Smart CPU utilization control – if this box is checked, the program tries to decrease CPU utilization when capturing high-volume traffic by decreasing the quality and frequency of the screen updates. Run on Windows startup – if this box is checked, the program is launched automatically every time you start Windows. Run minimized – if this box is checked, the program is launched minimized and the main window is not displayed until you click on the tray icon or taskbar button. Enable automatic application updates – check this box to let the program connect to the TamoSoft Web site periodically and check for updates. Use the Interval between checks box to configure how often the checks should be made. Plug-ins This tab is used by 3rd party plug-ins for performing configuration tasks. Please see Custom Decoding for more information. |
