Packet sniffing in rc4 seems to have a few small bugs. I had a the interface filter set to a specific entry but I still recorded / show some packets from other interfaces. Only a few packets though, not all. I have a screenshot if needed.
Sorting by the time column does not work correctly. I am showing packets with time stamps that are out of order slightly (by a few seconds each).
When downloading the saved pcap from the router and viewing with Ethereal the timestamps on packets are not correct. Instead of time increasing from 0 it is being decreased from 0. (-1 second, -2 seconds, -400 seconds, etc) In 2.8 the timestamps were using the router time - this is essential for evidence captures and will hopefully be fixed soon in 2.9.
It would also be nice to have a refresh button in the packet sniffer window as well. I see F5 works to refresh the listing although I’m sure not many people know that. A refresh upon changing tabs would also be nice, otherwise there is nothing shown.
Another nice option would be an go up/down packet button when viewing the ASCII/HEX dump of the packets within the winbox tool. Having to click back to the main window, double click the next line, then switch to the packet tab is a lot of steps to trace a quick conversation.
Keep up the good work!
Sam