Files used by Ethereal

This file contains all your Ethereal preferences, including defaults for capturing and displaying packets. It is a simple text file containing statements of the form variable: value.

This file contains all the filters that you have defined and saved. It consists of one or more lines, where each line has the following format:

"<filter name>" <filter string>

This file contains all the color filters that you have defined and saved. It consists of one or more lines, where each line has the following format:

@<filter name>@<filter string>@[<bg RGB(16-bit)>][<fg RGB(16-bit)>]

Ethereal searches for plugins in the directories listed above. They are searched in the order listed.

When Ethereal is trying to translate Ethernet hardware addresses to names, it consunts the files listed above in the order listed. If an address is not found in /etc/ethers, Etherereal looks in $HOME/.ethereal/etheres

Each line in these files consists of one hardware address and name separated by whitespace. The digits of hardware addressses are spearated by colons (:), dashes (-) or periods(.). The following are some examples:

  ff-ff-ff-ff-ff-ff    Broadcast
  c0-00-ff-ff-ff-ff    TR_broadcast
  00.2b.08.93.4b.a1    Freds_machine

Ethereal uses the file listed above to translate the first three bytes of an Ethernet address into a manufacturers name. This file has the same format as the ethers file, except addresses are three bytes long.

Ethereal uses the above file to translate IPX network numbers into names.

An example is:

  
  C0.A8.2C.00      HR
  c0-a8-1c-00      CEO
  00:00:BE:EF      IT_Server1
  110f             FileServer3