These are the steps to try out MATE:
- Run Wireshark and check if the plugin is installed (MATE should appear in Help→About Wireshark:Plugins)
- Get a configuration file e.g., tcp.mate (see Mate/Examples for more) and place it somewhere on your harddisk.
- Go to Edit→Preferences…→Protocols→MATE and set the Configuration Filename to the file you want to use and restart Wireshark.
-
Load a corresponding capture file (e.g.,
http.cap) and see if MATE
has added some new display filter fields, something like:
mate tcp_pdu:1→tcp_ses:1or, at prompt:path_to/wireshark -o "mate.config: tcp.mate" -r http.cap.
If everything went well, your packet details might look something like this:
