I am currently learning to use Wireshark.
When I make a capture and click on one of the lines, I see the following breakdown in the "Packet Details" pane:
Frame
Linux Cooked Capture
Internet Protocol Version 4
User Datagram Protocol
When I click on "Frame", I see a list of the following elements:
Interface Id: 0
Encapsulation Type: Linux cooked-mode-capture
Arrival Time: Oct 25, 2018 15:53:08.775646000 IST
[Time shift for this packet: 0.00000000000 seconds]
Epoch Time: 1540479188.775656000 seconds
[Time delta from previous captured frame: 0.355555530000 seconds]
[Time delta from previous displayed frame: 0.00000000000 seconds]
Frame number: 12
Frame length: 45 bytes (360 bits)
Capture length: 45 bytes (360 bits) My question
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Naturally, I wanted to know what "Frame" relates to, so I did a quick search for the following:
"What does frame in Wireshark related to?"
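This led me to the following source: https://wiki.wireshark.org/Protocols/frame, which states:
The frame protocol is not a real protocol, but is used by Wireshark as a base
for all the other protocols on top of it. It shows information from capturing,
such as the exact time a specific frame was captured. You could think of it as a
pseudo dissector.
I interpreted the above statement to mean that the "Frame" is not data that was actually transmitted from point (A) to point (B) when I made the capture, but some container data on top of which Wireshark "builds" the capture to show to me.
My question: Is the data inside Frame used by Wireshark to help the user easily see some global information about the packet of interest and some Wireshark configuration data, or is Frame a network protocol in and of itself?
To clarify, is this Wireshark's representation of the physical layer of the OSI protocol?
Also, as this may be useful to other readers in the future, feel free to comment on the meaning of each of the following (note: I initially started with the guesses in the OP, but will update as I learn more from answers and other sources):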
Interface Id: 0 (The ID of the interface on which the packet was captured?)
Encapsulation Type: Linux cooked-mode-capture (I have no idea what this is?)
Arrival Time: Oct 25, 2018 15:53:08.775646000 IST (The exact time the packet was captured at?)
[Time shift for this packet: 0.00000000000 seconds] (No idea?)
Epoch Time: 1540479188.775656000 seconds (No idea)?
[Time delta from previous captured frame: 0.355555530000 seconds] (Time difference between this captured "Frame" and the last captured "Frame"?)
[Time delta from previous displayed frame: 0.00000000000 seconds] (Time difference between this displayed frame and the last, 0 as this is the first packet in the capture?)
Frame number: 12 (This is the first packet in the capture so why does it have number 12?)
Frame length: 45 bytes (360 bits)
Capture length: 45 bytes (360 bits) My question
[Frame is marked: False] (No idea?)
[Frame is ignored: False] (No idea?)
[Protocols in frame: sll:ethertype:ip:udp] (Protocols found in this packet?)
[Coloring Rule Name: UDP] (The name of the rule set by the Wireshark user to color packets like this one)
[Coloring Rule String: udp] (Like above, relates to a user specified colouring rule in Wireshark config)
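
An added example, not part of the original post: the wiki text quoted above says Frame "shows information from capturing". In a classic pcap file those values are stored in the file's global header and per-record headers rather than in the packet bytes, and this Python example reads them from a constructed two-record sample. The function names and sample values are assumptions; Wireshark's default pcapng format keeps the same kind of metadata in a different layout.

```python
import struct

# Two well-known LINKTYPE_ values from the pcap link-type registry.
LINKTYPES = {1: "Ethernet", 113: "Linux cooked-mode capture"}

def build_sample_pcap():
    """Constructed sample: a classic little-endian pcap file with two 45-byte records."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 113)  # global header
    packet = bytes(45)  # zero bytes standing in for SLL + IPv4 + UDP + payload
    for ts_sec, ts_usec in [(1540479188, 525656), (1540479188, 775656)]:
        # Per-record header written by the capture tool, never sent on the wire.
        out += struct.pack("<IIII", ts_sec, ts_usec, len(packet), len(packet)) + packet
    return out

def frame_metadata(pcap):
    """Return the Frame-style fields that come from the file, not from packet bytes."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    linktype = struct.unpack_from(endian + "I", pcap, 20)[0]
    frames, offset, prev_us = [], 24, None
    while offset + 16 <= len(pcap):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack_from(endian + "IIII", pcap, offset)
        offset += 16
        if offset + incl_len > len(pcap):
            raise ValueError("truncated packet record")
        now_us = ts_sec * 1_000_000 + ts_usec
        frames.append({
            "frame_number": len(frames) + 1,  # position of the record in the file
            "encapsulation": LINKTYPES.get(linktype, f"linktype {linktype}"),
            "epoch_time": f"{ts_sec}.{ts_usec:06d}",
            "delta_prev_us": 0 if prev_us is None else now_us - prev_us,
            "frame_length": orig_len,    # bytes the packet had on the wire
            "capture_length": incl_len,  # bytes actually saved in the file
        })
        prev_us = now_us
        offset += incl_len  # skip the packet bytes themselves
    return frames

if __name__ == "__main__":
    for frame in frame_metadata(build_sample_pcap()):
        print(frame)
```

Frame length and capture length differ only when the capture was taken with a snapshot length shorter than the packet.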