celzero / rethink-app

DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.
https://rethinkfirewall.com/
Apache License 2.0

Improvement: Show port number directly within the log! #1599

Open esrat opened 1 month ago

esrat commented 1 month ago

Hi, I just submitted a bug report, for which I had to extensively use Rethink's log to look at single connection attempts.

To distinguish different types of requests the port number is inherently necessary! The little information tag ("HTTP" if the service uses a known standard port or "TCP" if not) is not sufficient! For analysing the network problems caused by Rethink I had to tap on hundreds of list entries, just to see the port of the connection request. That is really not quite motivating (but quite frustrating)!

Please add the port number to the entries of the log's list view!

ignoramous commented 1 month ago

> The little information tag ("HTTP" if the service uses a known standard port or "TCP" if not) is not sufficient!

Please use Configure -> Settings -> Packet capture to do analysis with any tool that is capable of analysing .pcap output (like Wireshark). Network Log is mostly meant for realtime flow of connections and not much else.

> Please add the port number to the entries of the log's list view!

The port number can be appended to its corresponding IP address. We'll consider doing so, but no guarantees.

esrat commented 1 month ago

> Please use Configure -> Settings -> Packet capture to do analysis with any tool that is capable of analysing .pcap output (like Wireshark). Network Log is mostly meant for realtime flow of connections and not much else.

Thanks for the hint! I would love to get further filtering methods. But somehow there is nothing written into the created .pcap file!? I've chosen to write the log file to the Downloads and can see the created directory and file. But this file does stay at a size of 0 bytes, even after restarting the device and waiting for some time. It also keeps its creation timestamp even though I see connections pouring in to the Network Log! (A new file is being created every time I disable and enable the option, but it never gets any content.)

> The port number can be appended to its corresponding IP address. We'll consider doing so, but no guarantees.

That would be nice! I haven't seen it differently in any serious firewall. Even Netguard does always show the port number after IP addresses or domain names within logged connection attempts to distinguish them (even though they do not offer any means to filter single connections within the free version). For my bug analysis I only needed to count the connections to the web server and to the application server separately from each other ... and therefore I had to tap on every single line.

As another suggestion I would like to see the filter possibilities extended to the port number! Right now it is possible to filter for apps, IP addresses and domain names. It would be fine to also be able to filter by (remote) port number since port numbers always correlate with services, no matter which browser's or other app's behaviour is being analysed.

ignoramous commented 1 month ago

> But this file does stay at a size of 0 bytes, even after restarting the device and waiting for some time.

Strange. We did fix Packet capture (.pcap) related bugs in versions after v055e (#1361). Are you on the latest v055n (check the footer of Rethink's About UI)?

> That would be nice! I haven't seen it differently in any serious firewall

Rethink may not qualify as a serious firewall, but it does show the port number. Check the top left-hand corner of the bottomsheet that comes up when you tap on any entry in Network Log.

> For my bug analysis I only needed to count the connections to the web server and to the application server separately from each other ... and therefore I had to tap on every single line.

Gotcha.

> As another suggestion I would like to see the filter possibilities extended to the port number!

If you're technical enough, consider sending a pull request (: This filter does make sense but it isn't a priority (given other important major/minor issues).
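
The per-port count discussed in this thread can be taken offline from a packet capture. The following is an added example, not code from the Rethink project or from either commenter. It assumes a classic `.pcap` file (not pcapng) with an Ethernet or raw-IP link type, which the thread does not confirm for Rethink's output; the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

def count_syns_by_port(data: bytes) -> Counter:
    """Count TCP connection attempts (SYN set, ACK clear) per destination port."""
    if len(data) < 24:
        raise ValueError("no pcap global header: capture is empty or truncated")
    for end in "<>":  # the magic number reveals the writer's byte order
        if struct.unpack(end + "I", data[:4])[0] in (0xA1B2C3D4, 0xA1B23C4D):
            break
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(end + "I", data[20:24])[0]
    l2_len = {1: 14, 101: 0}.get(linktype)  # 1 = Ethernet, 101 = raw IP
    if l2_len is None:
        raise ValueError(f"unsupported link type {linktype}")
    counts, off = Counter(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < incl_len:
            break  # last record was cut off mid-write
        if linktype == 1 and pkt[12:14] != b"\x08\x00":
            continue  # Ethernet frame that is not IPv4
        ip = pkt[l2_len:]
        if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 6:
            continue  # only IPv4 carrying TCP is counted here
        tcp = ip[(ip[0] & 0x0F) * 4:]
        if len(tcp) >= 14 and tcp[13] & 0x12 == 0x02:
            counts[struct.unpack("!H", tcp[2:4])[0]] += 1
    return counts

def build_sample() -> bytes:
    """Constructed capture (raw IP): SYNs to 443, 443, 8443 and one SYN-ACK."""
    def record(dport: int, flags: int) -> bytes:
        tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 2]), bytes([192, 0, 2, 10]))
        return struct.pack("<IIII", 0, 0, 40, 40) + ip + tcp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    return header + record(443, 0x02) * 2 + record(8443, 0x02) + record(443, 0x12)

if __name__ == "__main__":
    for port, n in sorted(count_syns_by_port(build_sample()).items()):
        print(f"remote port {port}: {n} connection attempts")
```

A 0-byte file like the one reported above raises `ValueError` at the first check, because a valid capture always starts with a 24-byte global header.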