-$Id: TODO,v 1.2 1999/12/04 06:15:31 gram Exp $
+$Id$
Things to do:
=============
-1. Protocol dispatchers, allowing run-time setting of protocol "chaining"
+*) Protocol dispatchers, allowing run-time setting of protocol "chaining"
(i.e., UDP port X calls dissector Y)
-2. Loadable modules, closely related to the previous item.
+*) Work on packet capturing in wiretap - or just make it a wrapper
+around libpcap/WinPcap, hiding some of the stuff Ethereal and
+Tethereal currently have to do independently
-3. Work on packet capturing in wiretap
+*) Either as part of the previous item, or as a capture-filter
+translator that generates "libpcap"-style capture filter expressions,
+provide a capture filter syntax similar to the display filter syntax.
+(The syntax differences get in the way of users; the fact that you have
+to construct some filters by hand, e.g. looking only for initial SYN
+packets for TCP connections by doing bit-testing of the flags in a TCP
+header has been a pain for some users; and people have asked for
+capabilities that aren't conveniently available, or aren't available at
+all, in "libpcap"-style capture filters:
-4. I just discovered that sshd sets the SSH_CLIENT variable to source IP,
-sort port, and destination port. That coupled with a destination IP
+ the ability to filter on characteristics of IPX packets;
+
+ the ability to select, for example, TCP packets with port
+ numbers *greater than* a particular value, which in "libpcap"
+ filters you have to do by explicitly testing subfields of the
+ TCP header rather than doing "tcp.port > 1000";
+
+ etc.)
+
+*) I just discovered that sshd sets the SSH_CLIENT variable to source IP,
+source port, and destination port. That coupled with a destination IP
would give us enough information to carry out remote protocol capturing,
tcpdump over ssh:
where "filter" filters out our own ssh packets (using the infromation
from $SSH_CLIENT). Any takers?
-5. Of course, packet defragmentating. IP, TCP, UDP, need to be reassembled
-and re-analyzed.
-
-6. I'd like to someday re-write the display filter routines to have a more
+*) Of course, packet defragmentation. We currently reassemble:
+
+ IP fragments
+ IPv6 fragments
+ OSI CLNP segments
+ ONC RPC-over-TCP and DCE RPC fragments
+ 802.11 fragments
+ X.25 packets with M set
+ ATP fragments
+ EAP/TLS fragments
+ Fibre Channel fragments
+ Netware NDPS fragments
+ NBF fragments
+ Fragmented SNA BIUs
+ TDS (Sybase/Microsoft SQL Server) fragments
+ WTP fragments.
+
+ and currently support, for many protocols running atop TCP and the
+ SMB pipe protocol, reassembling the data stream and breaking the
+ resulting stream into higher-level packets. We want to support that
+ for more TCP-based protocols; we might also want to reassemble:
+
+ NBDS
+ PPP Multilink
+
+ and possibly other protocols.
+
+*) I'd like to someday re-write the display filter routines to have a more
powerful syntax.
-7. More on-line help, and neato things with the protocol tree and
+*) More on-line help, and neato things with the protocol tree and
right-clicks.
-8. A GtkClist replacement, with dynamic columns.
+*) A GtkClist replacement, with dynamic columns, allowing columns to be
+added, removed, or moved without having to exit and restart Ethereal.
+(guy)
-9. A GUI capture/display filter creator.
+*) A GUI capture/display filter creator (we have stuff to add fields to
+display filters, but perhaps something such as what Network Monitor has,
+to add AND/OR/NOT operators, would be useful)
-10. Run-time configuration of tunnelling protocols -- display tunnelled
+*) Run-time configuration of tunnelling protocols -- display tunnelled
protocol as data or as a full-fledged protocol (which subtree do we put
it under?)
-11. Run-time configuration of data shown in capture statistics window.
+*) Run-time configuration of data shown in capture statistics window.
+
+*) A GtkWidget for authors in the About box. We've got a lot of authors!
+We've currently banished the list of authors to the AUTHORS file and the
+man page, which may be the right solution here. [DONE]
-12. A GtkWidget for authors in the About box. We've got a lot of authors!
+*) Finish moving GTK-dependent code into gtk/ subdirectory. [DONE]
-13. Finish moving GTK-dependent code into gtk/ subdirectory.
+*) Provide alternative user interfaces, e.g. other toolkits (Qt/KDE,
+full GNOME, native Windows, native Aqua, etc.) and text-mode "curses".
-14. Display filters: support FT_STRING filters
+*) Kerberos version 4 dissector - standard krb4 - from tcpdump (nneul);
+we have krb5, but not krb4
-15. Display filters: add regexes to strings and byte ranges
+*) Build process:
+ - Merge epan/configure.in back into toplevel configure.in [DONE]
+ - Run make-version.pl only once per make
+ - --enable-static doesn't build on all platforms any more (e.g. Suse 9.0)
+ because all static builds are not supported on those platforms. Try to
+ link "as statically as possible"
+ - Support native win32 builds using auto-tools and gcc
+ - Move dissectors and supporting files into the epan tree
+ - Move plugins into the epan tree
+ - move libs/objects to be linked into LDADD_xxx where appropriate
+ - make heimdal detection work for everyone
+*) Allow packet summary and packet dissection as valid "fields" in display
+ filter tests:
+ - summary matches "(?i)response"
+ - dissection contains "Unknown"