####### Capture ########
# Default capture device
# A string
#capture.device:
# Interface link-layer header types (Ex: en0(1),en1(143),...)
# A string
#capture.devices_linktypes:
# Interface descriptions (Ex: eth0(eth0 descr),eth1(eth1 descr),...)
# A string
#capture.devices_descr:
# Hide interface? (Ex: eth0,eth3,...)
# A string
#capture.devices_hide:
# By default, capture in monitor mode on interface? (Ex: eth0,eth3,...)
# A string
#capture.devices_monitor_mode:
# Interface buffer size (Ex: en0(1),en1(143),...)
# A string
#capture.devices_buffersize:
# Interface snap length (Ex: en0(65535),en1(1430),...)
# A string
#capture.devices_snaplen:
# Interface promiscuous mode (Ex: en0(0),en1(1),...)
# A string
#capture.devices_pmode:
# Capture in promiscuous mode?
# TRUE or FALSE (case-insensitive)
#capture.prom_mode: TRUE
# Interface capture filter (Ex: en0(tcp),en1(udp),...)
# A string
#capture.devices_filter:
# Capture in pcapng format?
# TRUE or FALSE (case-insensitive)
#capture.pcap_ng: TRUE
# Update packet list in real time during capture?
# TRUE or FALSE (case-insensitive)
#capture.real_time_update: TRUE
# Disable external capture modules (extcap)
# TRUE or FALSE (case-insensitive)
#capture.no_extcap: FALSE
# Scroll packet list during capture?
# TRUE or FALSE (case-insensitive)
#capture.auto_scroll: TRUE
# Show capture info dialog while capturing?
# TRUE or FALSE (case-insensitive)
#capture.show_info: FALSE
####### Name Resolution ########
# Resolve Ethernet MAC addresses to host names from the preferences or system's Ethers file, or to a manufacturer based name.
# TRUE or FALSE (case-insensitive)
#nameres.mac_name: TRUE
# Resolve TCP/UDP ports into service names
# TRUE or FALSE (case-insensitive)
#nameres.transport_name: FALSE
# Resolve IPv4, IPv6, and IPX addresses into host names. The next set of check boxes determines how name resolution should be performed. If no other options are checked name resolution is made from Wireshark's host file, capture file name resolution blocks and DNS packets in the capture.
# TRUE or FALSE (case-insensitive)
#nameres.network_name: FALSE
# Whether address/name pairs found in captured DNS packets should be used by Wireshark for name resolution.
# TRUE or FALSE (case-insensitive)
#nameres.dns_pkt_addr_resolution: TRUE
# Use your system's configured name resolver (usually DNS) to resolve network names. Only applies when network name resolution is enabled.
# TRUE or FALSE (case-insensitive)
#nameres.use_external_name_resolver: TRUE
# The maximum number of DNS requests that may be active at any time. A large value (many thousands) might overload the network or make your DNS server behave badly.
# A decimal number
#nameres.name_resolve_concurrency: 500
# By default "hosts" files will be loaded from multiple sources. Checking this box only loads the "hosts" in the current profile.
# TRUE or FALSE (case-insensitive)
#nameres.hosts_file_handling: FALSE
# Resolve VLAN IDs to network names from the preferences "vlans" file. Format of the file is: "ID<Tab>Name". One line per VLAN, e.g.: 1 Management
# TRUE or FALSE (case-insensitive)
#nameres.vlan_name: FALSE
# Resolve SS7 Point Codes to node names from the profiles "ss7pcs" file. Format of the file is: "Network_Indicator<Dash>PC_Decimal<Tab>Name". One line per Point Code, e.g.: 2-1234 MyPointCode1
# TRUE or FALSE (case-insensitive)
#nameres.ss7_pc_name: FALSE
# Resolve Object IDs to object names from the MIB and PIB modules defined below. You must restart Wireshark for this change to take effect
# TRUE or FALSE (case-insensitive)
#nameres.load_smi_modules: FALSE
# While loading MIB or PIB modules errors may be detected, which are reported. Some errors can be ignored. If unsure, set to false.
# TRUE or FALSE (case-insensitive)
#nameres.suppress_smi_errors: FALSE
####### Protocols ########
aim.desegment: FALSE
aol.desegment: FALSE
atp.desegment: FALSE
bzr.desegment: FALSE
bgp.desegment: FALSE
bitcoin.desegment: FALSE
bittorrent.desegment: FALSE
bthci_acl.hci_acl_reassembly: FALSE
bmp.desegment: FALSE
c1222.desegment: FALSE
capwap.reassemble: FALSE
cast.reassembly: FALSE
cflow.desegment: FALSE
clnp.reassemble: FALSE
cmp.desegment: FALSE
cops.desegment: FALSE
cotp.reassemble: FALSE
couchbase.desegment_pdus: TRUE
db-lsp.desegment_pdus: TRUE
dcerpc.desegment_dcerpc: TRUE
dcerpc.reassemble_dcerpc: TRUE
dhcpfo.desegment: TRUE
#dhcpv6.bulk_leasequery.desegment: TRUE
diameter.desegment: TRUE
dicom.pdv_reassemble: FALSE
distcc.desegment_distcc_over_tcp: FALSE
djiuav.desegment: FALSE
dnp3.desegment: FALSE
dns.desegment_dns_messages: TRUE
drda.desegment: FALSE
dsi.desegment: FALSE
edonkey.desegment: FALSE
enip.desegment: FALSE
fc.reassemble: TRUE
fcip.desegment: TRUE
fix.desegment: TRUE
gadu-gadu.desegment: FALSE
gearman.desegment: FALSE
ged125.desegment_body: FALSE
giop.desegment_giop_messages: TRUE
giop.reassemble: TRUE
git.desegment: TRUE
grpc.streaming_reassembly_mode: TRUE
gryphon.desegment: FALSE
gsm_sms.reassemble: TRUE
gsm_sms.reassemble_with_lower_layers_info: TRUE
gss-api.gssapi_reassembly: FALSE
h225.reassembly: TRUE
h245.reassembly: TRUE
h501.desegment: TRUE
h248.desegment: TRUE
hart_ip.desegment: TRUE
hzlcst.desegment: TRUE
hpfeeds.desegment_hpfeeds_messages: FALSE
http.desegment_headers: TRUE
http.desegment_body: TRUE
ifcp.desegment: FALSE
ilp.desegment_ilp_messages: FALSE
ipdc.desegment_ipdc_messages: FALSE
iscsi.desegment_iscsi_messages: FALSE
isns.desegment: FALSE
jxta.desegment: FALSE
kpasswd.desegment: TRUE
kerberos.desegment: TRUE
lg8979.desegment: FALSE
lapdm.reassemble: TRUE
laplink.desegment_laplink_over_tcp: TRUE
ldap.desegment_ldap_messages: TRUE
ldp.desegment_ldp_messages: TRUE
memcache.desegment_headers: TRUE
memcache.desegment_pdus: TRUE
mbrtu.desegment: FALSE
mbtcp.desegment: FALSE
mq.desegment: TRUE
mq.reassembly: TRUE
mysql.desegment_buffers: TRUE
nasdaq_soup.desegment: TRUE
nbd.desegment_nbd_messages: FALSE
nbss.desegment_nbss_commands: FALSE
ncp.desegment: FALSE
ndmp.desegment: FALSE
ndps.desegment_tcp: FALSE
ndps.desegment_spx: FALSE
netsync.desegment_netsync_messages: FALSE
opa.mad.reassemble_rmpp: FALSE
openflow.desegment: FALSE
openwire.desegment: FALSE
opsi.desegment_opsi_messages: FALSE
rtse.reassemble: FALSE
idmp.desegment_idmp_messages: FALSE
idmp.reassemble: FALSE
p_mul.reassemble: FALSE
pn_rt.desegment: FALSE
pop.desegment_data: TRUE
ppi.reassemble: FALSE
pvfs.desegment: FALSE
q931.desegment_h323_messages: TRUE
q931.reassembly: TRUE
rlc.perform_reassembly: FALSE
rlc-lte.reassembly: FALSE
rpc.desegment_rpc_over_tcp: TRUE
rpcap.desegment_pdus: FALSE
rsync.desegment: TRUE
rtmpt.desegment: FALSE
rtp.desegment_rtp_streams: TRUE
rtsp.desegment_headers: FALSE
rtsp.desegment_body: FALSE
sametime.reassemble: FALSE
sasp.desegment_sasp_messages: FALSE
sctp.reassembly: TRUE
selfm.desegment: FALSE
ses.desegment: TRUE
sip.desegment_headers: TRUE
sip.desegment_body: TRUE
skinny.desegment: FALSE
smb.trans_reassembly: TRUE
smb.dcerpc_reassembly: TRUE
smb2.pipe_reassembly: TRUE
smb_direct.reassemble_smb_direct: TRUE
sml.reassemble: TRUE
smp.desegment: TRUE
smpp.reassemble_smpp_over_tcp: TRUE
smtp.desegment_lines: TRUE
smtp.desegment_data: TRUE
snmp.desegment: TRUE
someip.reassemble_tp: FALSE
slsk.desegment: FALSE
soupbintcp.desegment: FALSE
srvloc.desegment_tcp: TRUE
ssh.desegment_buffers: TRUE
s5066dts.proto_desegment: FALSE
s5066sis.desegment_pdus: FALSE
starteam.desegment: FALSE
stt.reassemble: FALSE
t38.reassembly: FALSE
tacplus.desegment: FALSE
tali.reassemble: FALSE
tcp.desegment_tcp_streams: TRUE
tcpros.desegment_tcpros_messages: FALSE
tds.desegment_buffers: FALSE
tibia.reassemble_tcp_segments: FALSE
tipc.desegment: FALSE
tls.desegment_ssl_records: TRUE
tls.desegment_ssl_application_data: TRUE
tns.desegment_tns_messages: FALSE
tpkt.desegment: FALSE
transum.reassembly: FALSE
ucp.desegment_ucp_messages: FALSE
ulp.desegment_ulp_messages: FALSE
uma.desegment_ucp_messages: FALSE
vnc.desegment: FALSE
winsrepl.reassemble: FALSE
wow.desegment: FALSE
x25.reassemble: FALSE
x11.desegment: FALSE
xmpp.desegment: FALSE
xot.desegment: FALSE
yami.desegment: FALSE
ymsg.desegment: FALSE
z3950.desegment_buffers: FALSE