Using Packet Log Viewer





The list view has the same layout as the one in the Traffic Log Viewer, but it also shows the TCP flag data, and the time data is extended to millisecond precision.

TCP Flags
U : Urgent Flag
A : Acknowledgment Flag
P : Push Flag
R : Reset Flag
S : Synchronize Flag
F : Fin Flag



Viewing Log

The procedure is the same as in the Traffic Log Viewer: press the Read button, and the log data is displayed in the list view. The filter function is also available ( >>Using Filter ). The Filter List, however, has no effect here.



Viewing Packet

To open the Packet Viewer dialog, select one event in the list and double-click it (or press Ctrl + W).


This viewer holds the data of multiple packets. The packets in the series are related to each other, like the sequence of packets in one session. For TCP, for example, this background list consists of the packets from SYN to FIN-ACK. The index number is shown at the top of this window, and you can step through the packets with the arrow buttons.

The tree view on the left side (Packet Decode Field) shows the decoded protocol headers of each packet. The edit box on the right side (Packet Dump Field) displays the packet dump in hexadecimal. The Message Field displays the message data other than the protocol headers.

When you select a tree item in the Decode Field or text in the Message Field, the corresponding bytes are highlighted in the Dump Field, so you can see the actual raw data and compare the two.

You can save packet data to a file from the context menu of the tree view (Save to File). To do so, first select the tree item whose data you want to save.


You can search the data in packets with the magnifying glass button. To search for text, select the "String" radio button. Remember that this mode performs a case-sensitive search.

"Hex" mode is used to search for hexadecimal data. Enter the hexadecimal numbers in the edit box, separated by spaces.

[Hex data example]
5B 53 79 67 61 74 65 2E 5D 00
5b 53 79 67 61 74 65 2E 5d 0
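
The two search modes can be modelled as follows. This is an added example, not code from the product: the function names and the sample payload are constructed here, and it assumes, as the two example lines above suggest, that each hex token is one byte written with one or two digits in either case.

```python
import string

def parse_hex_pattern(text: str) -> bytes:
    """Convert space-separated hex tokens such as '5b 53 0' to bytes."""
    out = bytearray()
    for token in text.split():
        # Assumption: one byte per token, one or two hex digits, any case,
        # so '0' and '00' both mean the byte 0x00.
        if not 1 <= len(token) <= 2 or any(c not in string.hexdigits for c in token):
            raise ValueError(f"not a hex byte: {token!r}")
        out.append(int(token, 16))
    if not out:
        raise ValueError("empty search pattern")
    return bytes(out)

def find_all(data: bytes, needle: bytes) -> list[int]:
    """Return every offset at which needle occurs in data."""
    offsets, pos = [], data.find(needle)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(needle, pos + 1)
    return offsets

def search_packet(data: bytes, query: str, mode: str) -> list[int]:
    """Search a packet dump in 'String' or 'Hex' mode and return offsets."""
    if mode == "String":
        if not query:
            raise ValueError("empty search pattern")
        # Case-sensitive, byte-for-byte match (single-byte text assumed).
        needle = query.encode("latin-1")
    elif mode == "Hex":
        needle = parse_hex_pattern(query)
    else:
        raise ValueError(f"unknown mode: {mode!r}")
    return find_all(data, needle)

# Constructed sample payload for illustration, not captured traffic.
SAMPLE_PAYLOAD = b"\x00\x01hello [Sygate.]\x00 and [sygate.] again"

if __name__ == "__main__":
    queries = [("Hex", "5b 53 79 67 61 74 65 2E 5d 0"),
               ("String", "Sygate"), ("String", "SYGATE")]
    for mode, query in queries:
        print(mode, repr(query), search_packet(SAMPLE_PAYLOAD, query, mode))
```

Both example lines decode to the same ten bytes, the text "[Sygate.]" followed by a NUL byte. Because String mode is case-sensitive, a text that may appear in mixed case in the traffic needs one search per spelling.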


Decodable Protocols

  • Ethernet
  • IP
  • TCP, UDP, ICMP, IGMP
  • DHCP, TFTP

    LookupMAC.dll

    This library provides a lookup function that returns a vendor name from the OUI (Organizationally Unique Identifier) of a MAC address. The result may not be correct, because OUI registrations change from time to time and some manufacturers subcontract component manufacture. You can get more information about the OUI here.

    If you don't need this information, you may delete this file.


