16 years agoFrom Olivier Biot: have a separate subtree ett_ value for concatenated
guy [Wed, 5 Nov 2003 04:23:59 +0000 (04:23 +0000)]
From Olivier Biot: have a separate subtree ett_ value for concatenated

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8884 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoSigh. Some snoop files have 6 bytes of padding; assume the file is a
guy [Tue, 4 Nov 2003 22:14:50 +0000 (22:14 +0000)]
Sigh.  Some snoop files have 6 bytes of padding; assume the file is a
snoop file unless it has enoguh padding to hold a Shomiti trailer

Add a little paranoia about the record and captured data lengths.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8883 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoGet rid of all the UDP-encapsulated IPSec stuff.
guy [Tue, 4 Nov 2003 21:44:27 +0000 (21:44 +0000)]
Get rid of all the UDP-encapsulated IPSec stuff.

draft-ietf-ipsec-udp-encaps-06 says "The UDP port numbers are the same
as used by IKE traffic, as defined in [Kiv05]", and "[Kiv05]" is
draft-ietf-ipsec-nat-t-ike-05, which has been superseded by
draft-ietf-ipsec-nat-t-ike-07; the latter appears to imply that it goes
over port 4500, not port 500.

We already have a draft-ietf-ipsec-udp-encaps-06 dissector for port
4500 (packet-ipsec-udp.c), and it's not entirely clear to me how, if
draft-ietf-ipsec-udp-encaps-06 traffic *did* go over port 500, you'd
distinguish it from regular ISAKMP traffic.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8882 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoSkip the check for the module if a page doesn't have a module.
guy [Tue, 4 Nov 2003 20:33:13 +0000 (20:33 +0000)]
Skip the check for the module if a page doesn't have a module.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8881 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoClean up the way we find the properties page for a given protocol
guy [Tue, 4 Nov 2003 20:22:21 +0000 (20:22 +0000)]
Clean up the way we find the properties page for a given protocol
somewhat; this fixes a bug wherein we were assuming all modules
necessarily had preference pages (they won't, if the only preferences
for the module are obsolete preferences).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8880 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Biot:
guy [Tue, 4 Nov 2003 19:47:29 +0000 (19:47 +0000)]
From Olivier Biot:

* Extra headers: Encoding-Version, WWW-Authenticate,

* Fix memory allocate/free in header parsing functions & macros

* Add missing "ok = TRUE" for some header parsing functions

* Header subfields all share the same subtree identifier (more

* Get rid of unused header fields and subtrees

* Some whitespace changes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8879 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Masaki Chikama: fix static compilation of "generic ASN.1" and
guy [Tue, 4 Nov 2003 18:38:53 +0000 (18:38 +0000)]
From Masaki Chikama: fix static compilation of "generic ASN.1" and
Gryphon plugins.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8878 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago#ifdef out "#include <gtk/gtk.h>", so that --disable-ethereal works again.
gerald [Tue, 4 Nov 2003 16:44:25 +0000 (16:44 +0000)]
#ifdef out "#include <gtk/gtk.h>", so that --disable-ethereal works again.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8877 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIf we've already constructed a subset tvbuff, don't construct an
guy [Tue, 4 Nov 2003 08:16:02 +0000 (08:16 +0000)]
If we've already constructed a subset tvbuff, don't construct an
identical one and throw away the first one.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8876 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix a typo in the filter documentation link.
gerald [Tue, 4 Nov 2003 01:08:03 +0000 (01:08 +0000)]
Fix a typo in the filter documentation link.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8874 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFinal (?) updates for 0.9.16.
gerald [Mon, 3 Nov 2003 23:28:01 +0000 (23:28 +0000)]
Final (?) updates for 0.9.16.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8873 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUse "g_get_tmp_dir()" to get the pathname of the temporary file
guy [Mon, 3 Nov 2003 22:32:36 +0000 (22:32 +0000)]
Use "g_get_tmp_dir()" to get the pathname of the temporary file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8872 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Abad: Insert the GTK+ 2.2.4
guy [Mon, 3 Nov 2003 21:00:05 +0000 (21:00 +0000)]
From Olivier Abad: Insert the GTK+ 2.2.4
"gtk_tree_view_expand_to_path()" when building with GTK+ 2.0[.x], so
that we can build with 2.0[.x].

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8871 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoApply Anders Broman's changes to the Q.931 dissector to the Q.933
guy [Mon, 3 Nov 2003 20:57:36 +0000 (20:57 +0000)]
Apply Anders Broman's changes to the Q.931 dissector to the Q.933

fix the meaning of the extension bit, and add some more

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8870 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFro Anders Broman: fix the meaning of the extension bit, and add some
guy [Mon, 3 Nov 2003 20:49:16 +0000 (20:49 +0000)]
Fro Anders Broman: fix the meaning of the extension bit, and add some
more bitfields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8869 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Ruoff: fix a problem with wrong maximum delay calculation -
guy [Mon, 3 Nov 2003 20:45:25 +0000 (20:45 +0000)]
From Lars Ruoff: fix a problem with wrong maximum delay calculation -
first or marked packets are now ignored when calculating maximum delay.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8868 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't try to get the list of link-layer header types for an interface if
guy [Mon, 3 Nov 2003 10:40:51 +0000 (10:40 +0000)]
Don't try to get the list of link-layer header types for an interface if
the interface isn't in the list of known (local) interfaces - that way
we don't try to get entries if the user's in the middle of changing the
"Interface:" text, or if the interface is an rpcap: URL (getting the
link-layer header type list for a remote interface is currently
impossible, and even just getting its *default* interface type could
hang for a long time if the remote machine isn't responding).

Free the link-layer header type list when we're done with it.

Label the option menu for that list "Link-layer header type", as it
doesn't control the data link type of the interface in the only case I
know of where it's settable, namely 802.11 interfaces - it just controls
whether the packets you get from the interface have a fake Ethernet
header or a real 802.11 header.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8867 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"g_list_first()" takes an arbitrary list entry as an argument; you don't
guy [Mon, 3 Nov 2003 10:36:45 +0000 (10:36 +0000)]
"g_list_first()" takes an arbitrary list entry as an argument; you don't
need to call it if you already have a pointer to the first entry in the
list, which is what "a pointer to the list" is.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8866 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Biot:
guy [Mon, 3 Nov 2003 10:16:00 +0000 (10:16 +0000)]
From Olivier Biot:

* Use function reference arrays for header parse function lookup
  (avoids switch())

* Use macros for the common parts of the header parse functions

* Use macros for identical header dissection functions

* Implement many missing header parse functions

* Automatic header parse error notification

* Some minor edits

* Add HTTP equivalents to WSP status codes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8865 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdate to 0.9.16.
gerald [Mon, 3 Nov 2003 02:50:11 +0000 (02:50 +0000)]
Update to 0.9.16.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8864 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoExport get_tempfile_path() to the plugins.
gerald [Mon, 3 Nov 2003 02:46:00 +0000 (02:46 +0000)]
Export get_tempfile_path() to the plugins.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8863 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake get_tempfile_path() work like get_datafile_path(), which removes
gerald [Mon, 3 Nov 2003 02:41:07 +0000 (02:41 +0000)]
Make get_tempfile_path() work like get_datafile_path(), which removes
a dependency on PATH_MAX (which apparently isn't defined under Windows).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8862 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoBump the version number to 0.9.16.
gerald [Sun, 2 Nov 2003 23:36:01 +0000 (23:36 +0000)]
Bump the version number to 0.9.16.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8861 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum: Add decode of Bearer Capability parameter.
gerald [Sun, 2 Nov 2003 23:24:48 +0000 (23:24 +0000)]
From Michael Lum: Add decode of Bearer Capability parameter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8860 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Gisle Vanem:
gerald [Sun, 2 Nov 2003 23:12:35 +0000 (23:12 +0000)]
From Gisle Vanem:

* Added a new function get_file_in_temp() to
  epan/filesystem.c. This because of asn1.dll plugin which
  had code to write to a log-file "c:\temp\ethereal.log". I feel
  this patch makes this safer; I don't even have a c:\temp dir.

* Patched packet-asn1.c to use get_file_in_temp().

* Added some #undef to packet-snmp.c to silence gcc.

* Changed "%u" -> "%lu" formats in util.c

Rename get_file_in_temp() to get_tempfile_path() to match other function

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8859 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd an entry for Novell NCS heartbeats (ID 0xE0).
gerald [Sun, 2 Nov 2003 22:12:35 +0000 (22:12 +0000)]
Add an entry for Novell NCS heartbeats (ID 0xE0).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8858 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThe recent link-layer type additions broke "-r". Make it work again.
gerald [Sun, 2 Nov 2003 19:31:20 +0000 (19:31 +0000)]
The recent link-layer type additions broke "-r".  Make it work again.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8857 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIn a secure channel verifier, sometimes the nonce isn't present; not sure
tpot [Sun, 2 Nov 2003 03:55:32 +0000 (03:55 +0000)]
In a secure channel verifier, sometimes the nonce isn't present; not sure
why this is so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8856 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Greg Morris:
guy [Sat, 1 Nov 2003 04:42:19 +0000 (04:42 +0000)]
From Greg Morris:

1. Add several return values
2. Fix the reply structure for NCP 22/48, 23/122
3. Fix the request structure for NCP 23/121
4. ServerID should be displayed as a hex value.
5. ServerStationLong should be LE.
6. JobNumberList should be JobNumberLong.
7. Fix 87/64, 87/65, 87/66, 87/68, 87/69 - These are not Advanced Audit
   Service, they really 64 bit file support NCP's.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8855 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThe time in Observer files is in nanoseconds since midnight, January 1,
guy [Sat, 1 Nov 2003 03:38:10 +0000 (03:38 +0000)]
The time in Observer files is in nanoseconds since midnight, January 1,
2000, 00:00:00 *local* time.  The amount to add to that is just the UNIX
time stamp value for that point in time; get it with "mktime()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8854 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Charlie Duke: add more functions to the plugin API.
guy [Sat, 1 Nov 2003 03:10:48 +0000 (03:10 +0000)]
From Charlie Duke: add more functions to the plugin API.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8853 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"End" means end, not "almost the end".
guy [Sat, 1 Nov 2003 03:10:03 +0000 (03:10 +0000)]
"End" means end, not "almost the end".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8852 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMove the new functions to the end of the list, so we don't change the
guy [Sat, 1 Nov 2003 03:08:37 +0000 (03:08 +0000)]
Move the new functions to the end of the list, so we don't change the
ordinal numbers of the routines already in the list (that breaks binary

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8851 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Charlie Duke: add more functions to the plugin API.
guy [Sat, 1 Nov 2003 03:06:55 +0000 (03:06 +0000)]
From Charlie Duke: add more functions to the plugin API.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8850 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoReturn FALSE from the configure event handler, so that anybody else
guy [Sat, 1 Nov 2003 03:03:25 +0000 (03:03 +0000)]
Return FALSE from the configure event handler, so that anybody else
who's registered for it can get notified about it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8849 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoBased on a patch from Brian Fundakowski Feldman, add support for setting
guy [Sat, 1 Nov 2003 02:30:18 +0000 (02:30 +0000)]
Based on a patch from Brian Fundakowski Feldman, add support for setting
link-layer type when capturing, using the "pcap_set_datalink()" and
related APIs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8848 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Martin Regner: fix a problem with vendorIdentifier in some H.225
guy [Fri, 31 Oct 2003 19:48:29 +0000 (19:48 +0000)]
From Martin Regner: fix a problem with vendorIdentifier in some H.225

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8847 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Ruoff:
guy [Fri, 31 Oct 2003 19:45:16 +0000 (19:45 +0000)]
From Lars Ruoff:

- fix missing detection of first packet when writing payload.
- fix bug of erroneous handling of confort noise when writing payload.
- fix bug of possible endless silence insertion on first packet when
  writing payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8846 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Erwin Rol: update.
guy [Fri, 31 Oct 2003 18:28:32 +0000 (18:28 +0000)]
From Erwin Rol: update.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8845 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdate the list of supported capture formats.
guy [Fri, 31 Oct 2003 08:15:14 +0000 (08:15 +0000)]
Update the list of supported capture formats.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8844 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix some warnings from pod2man.
guy [Fri, 31 Oct 2003 08:13:07 +0000 (08:13 +0000)]
Fix some warnings from pod2man.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8843 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoTemporarily get rid of the "struct tm" in "struct observer_time", and
guy [Fri, 31 Oct 2003 08:06:25 +0000 (08:06 +0000)]
Temporarily get rid of the "struct tm" in "struct observer_time", and
get rid of the reference to its "tm_gmtoff" member - there are platforms
on which Ethereal runs that don't have "tm_gmtoff" in "struct tm".  If
the time stamp in the packets is nanoseconds since midnight 2001-01-01
*local* time, we'd need to compute the offset between that and midnight
2000-01-01 GMT, and adjust the time with that.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8842 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoInclude <windows.h> so that OSVERSIONINFO and the like are defined on
guy [Fri, 31 Oct 2003 07:57:22 +0000 (07:57 +0000)]
Include <windows.h> so that OSVERSIONINFO and the like are defined on

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8841 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Scott Emberley: support for reading Network Instruments version 9
guy [Fri, 31 Oct 2003 00:43:21 +0000 (00:43 +0000)]
From Scott Emberley: support for reading Network Instruments version 9
capture files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8840 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoWrap "x$POD2MAN" in quotes, so if there are spaces in the pathname, the
guy [Thu, 30 Oct 2003 22:06:07 +0000 (22:06 +0000)]
Wrap "x$POD2MAN" in quotes, so if there are spaces in the pathname, the
configure script doesn't fail.  (The Makefile will probably fail, but
that's another matter.)

If "$POD2MAN" is empty, it could mean that pod2man is installed but the
user's path doesn't include the directory in which it's installed; fix
up the error message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8839 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIf we don't have pod2man, quit - otherwise, we'd just drive on and use
guy [Thu, 30 Oct 2003 20:30:19 +0000 (20:30 +0000)]
If we don't have pod2man, quit - otherwise, we'd just drive on and use
the empty POD2MAN variable in commands, producing very confusing errors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8838 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoOn UNIX, give up set-UID and set-GID privileges before opening capture
guy [Thu, 30 Oct 2003 19:56:47 +0000 (19:56 +0000)]
On UNIX, give up set-UID and set-GID privileges before opening capture
files and immediately after opening capture devices, so we run without
privileges as much as possible.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8837 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Josef Korelus: fix reversed messages in true_false_string tables.
guy [Thu, 30 Oct 2003 19:43:15 +0000 (19:43 +0000)]
From Josef Korelus: fix reversed messages in true_false_string tables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8836 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum: dissect DTAP from RANAP NAS PDU fields.
guy [Thu, 30 Oct 2003 19:39:33 +0000 (19:39 +0000)]
From Michael Lum: dissect DTAP from RANAP NAS PDU fields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8835 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum: step over unknown parameters.
guy [Thu, 30 Oct 2003 19:38:57 +0000 (19:38 +0000)]
From Michael Lum: step over unknown parameters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8834 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"strchr()" and the like would be compared against NULL; "strcmp()",
guy [Thu, 30 Oct 2003 11:56:36 +0000 (11:56 +0000)]
"strchr()" and the like would be compared against NULL; "strcmp()",
however, is compared against 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8833 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNo zero-length arrays, please.
guy [Thu, 30 Oct 2003 11:54:21 +0000 (11:54 +0000)]
No zero-length arrays, please.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8832 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThe quantities in the hcidump header are little-endian, not big-endian.
guy [Thu, 30 Oct 2003 11:53:48 +0000 (11:53 +0000)]
The quantities in the hcidump header are little-endian, not big-endian.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8831 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDefinitions of arrays, with no length specified, are not legal C.
guy [Thu, 30 Oct 2003 11:21:26 +0000 (11:21 +0000)]
Definitions of arrays, with no length specified, are not legal C.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8830 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoApply Anders Broman's changes to the Q.931 dissector to the Q.933
guy [Thu, 30 Oct 2003 08:34:59 +0000 (08:34 +0000)]
Apply Anders Broman's changes to the Q.931 dissector to the Q.933

fix the offset when putting the cause code in a Cause IE into the
protocol tree;

in a Number IE, show the number type, numbering plan, and
extension indicator as named-field bitfields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8829 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Anders Broman:
guy [Thu, 30 Oct 2003 08:07:30 +0000 (08:07 +0000)]
From Anders Broman:

fix the offset when putting the cause code in a Cause IE into the
protocol tree;

in a Number IE, show the number type, numbering plan, and
extension indicator as named-field bitfields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8828 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum: squelch a couple of compiler warnings.
guy [Thu, 30 Oct 2003 07:14:27 +0000 (07:14 +0000)]
From Michael Lum: squelch a couple of compiler warnings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8827 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum:
guy [Thu, 30 Oct 2003 07:00:18 +0000 (07:00 +0000)]
From Michael Lum:

GSM BSSMAP (GSM 08.08) support
GSM DTAP (3GPP TS 24.008) support
GSM SMS (3GPP TS 24.011) support
GSM SS (3GPP TS 24.080) support
GSM SMS TPDU (3GPP TS 23.040) support

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8826 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago#if 0 out the stuff to set the reported length, as it'd throw an
guy [Thu, 30 Oct 2003 03:15:26 +0000 (03:15 +0000)]
#if 0 out the stuff to set the reported length, as it'd throw an
exception if it would increase the reported length.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8825 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Marcel Holtmann: support for reading Linux Bluez Bluetooth stack
guy [Thu, 30 Oct 2003 03:11:03 +0000 (03:11 +0000)]
From Marcel Holtmann: support for reading Linux Bluez Bluetooth stack
"hcidump -w" traces.

Note that Jesper Peterson contributed support for reading Endace ERF

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8824 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Dinesh Dutt:
guy [Thu, 30 Oct 2003 02:06:13 +0000 (02:06 +0000)]
From Dinesh Dutt:

- Dissector for FICON
- Dissector for FC-SP (Security Protocol for Fibre Channel)
- Patches to correct the reassembly of FC fragments.
- Support for new MDS Port Analyzer Adapters that carry the
  frame length for truncated frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8823 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDecorate higher level proto_item with NetFn and LUN values in hex.
tpot [Thu, 30 Oct 2003 00:39:51 +0000 (00:39 +0000)]
Decorate higher level proto_item with NetFn and LUN values in hex.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8822 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake the "fvalue_set" methods for types whose value is allocated free
guy [Wed, 29 Oct 2003 23:48:14 +0000 (23:48 +0000)]
Make the "fvalue_set" methods for types whose value is allocated free
any previously-allocated version first, so that they don't leak memory.

From Olivier Biot: add a "proto_item_append_string()" routine, to append
to the string value a protocol tree item has.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8821 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoPut quotes around values for FT_ABSOLUTE_TIME variables, and around
guy [Wed, 29 Oct 2003 23:15:35 +0000 (23:15 +0000)]
Put quotes around values for FT_ABSOLUTE_TIME variables, and around
values with white space in them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8820 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoHave the "edit display filters" button do the exact same thing as the
guy [Wed, 29 Oct 2003 22:39:49 +0000 (22:39 +0000)]
Have the "edit display filters" button do the exact same thing as the
"Edit -> Display Filters..." menu item, as per Ulf Lamping - there's
apparently some problem wherein &args doesn't get passed properly to the

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8819 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoPlug that leak with a cleanup handler, so we don't leak the variable OID
guy [Wed, 29 Oct 2003 22:11:08 +0000 (22:11 +0000)]
Plug that leak with a cleanup handler, so we don't leak the variable OID
if we throw an exception fetching the variable value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8818 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago...and there's one leak we missed.
guy [Wed, 29 Oct 2003 22:04:57 +0000 (22:04 +0000)]
...and there's one leak we missed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8817 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAnother leak that isn't.
guy [Wed, 29 Oct 2003 22:02:11 +0000 (22:02 +0000)]
Another leak that isn't.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8816 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoActually, one of those *isn't* a leak; don't free something we haven't
guy [Wed, 29 Oct 2003 22:00:54 +0000 (22:00 +0000)]
Actually, one of those *isn't* a leak; don't free something we haven't
allocated yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8815 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix some memory leaks found by Steve Ford.
guy [Wed, 29 Oct 2003 21:54:45 +0000 (21:54 +0000)]
Fix some memory leaks found by Steve Ford.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8814 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Steve Ford: "prefs_register_string_preference()" makes a copy of
guy [Wed, 29 Oct 2003 21:19:44 +0000 (21:19 +0000)]
From Steve Ford: "prefs_register_string_preference()" makes a copy of
any string pointed to by the preference variable - as the value we set
it to is allocated, we should free it after registering the preference.

The register routine is called only once - don't worry about whether
"gbl_diameterDictionary" is null or not.

Get rid of a duplicate credit entry in the man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8813 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthijs Melchior: #ifdef out the GUI code, for now.
guy [Wed, 29 Oct 2003 10:54:17 +0000 (10:54 +0000)]
From Matthijs Melchior: #ifdef out the GUI code, for now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8812 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThere's no need to #define tvb_get_string or tvb_get_stringz - that's
guy [Wed, 29 Oct 2003 10:37:28 +0000 (10:37 +0000)]
There's no need to #define tvb_get_string or tvb_get_stringz - that's
done in Xplugin_api.h.

However, we do need to include "epan/filesystem.h", to declare

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8811 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUse "get_datafile_path()", rather than constructing the default ASN.1
guy [Tue, 28 Oct 2003 21:47:32 +0000 (21:47 +0000)]
Use "get_datafile_path()", rather than constructing the default ASN.1
file path by hand.

Set "default_asn1_filename", not "asn1_filename", to the default path.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8810 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoExport "get_datafile_path()", not "get_datafile_dir()" - most if not all
guy [Tue, 28 Oct 2003 21:46:26 +0000 (21:46 +0000)]
Export "get_datafile_path()", not "get_datafile_dir()" - most if not all
dissectors need only the former, which does the pathname-construction
work for you.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8809 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"get_datafile_dir()" is now in the plugin table.
guy [Tue, 28 Oct 2003 21:04:16 +0000 (21:04 +0000)]
"get_datafile_dir()" is now in the plugin table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8808 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd "get_datafile_dir()" to the plugin API list, for the benefit of
guy [Tue, 28 Oct 2003 21:03:01 +0000 (21:03 +0000)]
Add "get_datafile_dir()" to the plugin API list, for the benefit of
plugins that might get configuration information from a file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8807 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAs we don't supply a default ASN.1 SNACC output file, if we get an
guy [Tue, 28 Oct 2003 20:53:37 +0000 (20:53 +0000)]
As we don't supply a default ASN.1 SNACC output file, if we get an
ENOENT when trying to open the SNACC file, and the file we're trying to
open is the default file, don't print a warning.

Fix some typoes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8806 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThis dissector uses GTK+ calls (which no dissector should); until that's
guy [Tue, 28 Oct 2003 20:44:51 +0000 (20:44 +0000)]
This dissector uses GTK+ calls (which no dissector should); until that's
fixed, use GTK_CFLAGS and GTK_LIBS rather than GLIB_CFLAGS and

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8805 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix the Makefile to match other plugin Makefiles.
guy [Tue, 28 Oct 2003 19:27:49 +0000 (19:27 +0000)]
Fix the Makefile to match other plugin Makefiles.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8804 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Lum: fixed BCD decoding of filler nibble and fixed some
guy [Tue, 28 Oct 2003 18:08:52 +0000 (18:08 +0000)]
From Michael Lum: fixed BCD decoding of filler nibble and fixed some
minor bugs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8803 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lo�c Minier: get rid of the second of a pair of identical checks.
guy [Tue, 28 Oct 2003 17:59:29 +0000 (17:59 +0000)]
From Lo�c Minier: get rid of the second of a pair of identical checks.

As per a note by Olivier Biot, make the "multipart/XXX" items all lower

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8802 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"%.*" expects an "int" argument giving the precision.
guy [Tue, 28 Oct 2003 17:27:56 +0000 (17:27 +0000)]
"%.*" expects an "int" argument giving the precision.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8801 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFull duplex analyzers that capture each direction of a link with a separate NIC will...
sahlberg [Tue, 28 Oct 2003 08:50:39 +0000 (08:50 +0000)]
Full duplex analyzers that capture each direction of a link with a separate NIC will lose the time integrity between the two NICs more often than one might expect.
It is thus relatively common that a data segment and its ACK being swapped in the capture file.

Therefore, drop the condition that a segment must not have been acked yet in the detection of OutOfOrder segments.

Second, fix a bug where we didnt keep track of the ack numbers properly for relative sequence number analysis.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8800 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthias Melchior: plugin to decode BER-encoded ASN.1 messages,
guy [Tue, 28 Oct 2003 07:02:38 +0000 (07:02 +0000)]
From Matthias Melchior: plugin to decode BER-encoded ASN.1 messages,
given a type-table from "snacc" as a protocol description.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8799 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Giles Scott: Alteon/Nortel Transparent Proxy Control Protocol
guy [Tue, 28 Oct 2003 06:44:21 +0000 (06:44 +0000)]
From Giles Scott: Alteon/Nortel Transparent Proxy Control Protocol

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8798 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoClarify the previous checkin - that applies to the 'value' argument.
guy [Tue, 28 Oct 2003 05:50:52 +0000 (05:50 +0000)]
Clarify the previous checkin - that applies to the 'value' argument.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8797 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAs per a suggestion by Olivier Biot, note that objects pointed to by
guy [Tue, 28 Oct 2003 05:49:29 +0000 (05:49 +0000)]
As per a suggestion by Olivier Biot, note that objects pointed to by
pointer arguments to "proto_tree_add_XXX" functions are copied - if you
allocated a buffer for one of them (e.g., a string), and you don't free
that buffer when you're done with it, you'll leak memory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8796 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Dinesh Dutt:
guy [Tue, 28 Oct 2003 03:57:49 +0000 (03:57 +0000)]
From Dinesh Dutt:

Add dissection code for the following additional SCSI commands:
     - Start/Stop Unit
     - Write Buffer
     - Send Diagnostics

Don't copy the product serial number to a buffer before printing

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8795 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: H.225 message and reason tag counter taps.
guy [Tue, 28 Oct 2003 00:31:17 +0000 (00:31 +0000)]
From Lars Roland: H.225 message and reason tag counter taps.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8794 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom a suggestion by Jim McDonough: support for the INITSHUTDOWN service.
guy [Mon, 27 Oct 2003 23:31:54 +0000 (23:31 +0000)]
From a suggestion by Jim McDonough: support for the INITSHUTDOWN service.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8793 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't draw a Y-axis label if you haven't constructed the label string.
guy [Mon, 27 Oct 2003 23:12:53 +0000 (23:12 +0000)]
Don't draw a Y-axis label if you haven't constructed the label string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8792 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAllow + and , in unparsed strings, so that you can use + as a sign in a
guy [Mon, 27 Oct 2003 22:45:47 +0000 (22:45 +0000)]
Allow + and , in unparsed strings, so that you can use + as a sign in a
number or exponent and so that floating-point numbers can use , as well
as . as a decimal point.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8791 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: fix a typo.
guy [Mon, 27 Oct 2003 22:29:52 +0000 (22:29 +0000)]
From Lars Roland: fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8790 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: whitespace cleanups.
guy [Mon, 27 Oct 2003 22:28:48 +0000 (22:28 +0000)]
From Lars Roland: whitespace cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8789 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoSquelch some signed vs. unsigned comparison warnings.
guy [Mon, 27 Oct 2003 19:34:03 +0000 (19:34 +0000)]
Squelch some signed vs. unsigned comparison warnings.

Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8788 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Dinesh Dutt: display the FC CRC for frames encapsulated with
guy [Mon, 27 Oct 2003 19:30:55 +0000 (19:30 +0000)]
From Dinesh Dutt: display the FC CRC for frames encapsulated with
MDSHDR, and show only the low-order 13 bits of the packet length field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8787 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lo�c Minier: HTTP header and payload desegmentation.
guy [Mon, 27 Oct 2003 09:17:21 +0000 (09:17 +0000)]
From Lo�c Minier: HTTP header and payload desegmentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8786 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd filter button support to FibreChannel stats and DCERPC stats.
sharpe [Mon, 27 Oct 2003 01:35:53 +0000 (01:35 +0000)]
Add filter button support to FibreChannel stats and DCERPC stats.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8785 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd Filter Button support for onc-rpc as well ...
sharpe [Mon, 27 Oct 2003 01:20:16 +0000 (01:20 +0000)]
Add Filter Button support for onc-rpc as well ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8784 f5534014-38df-0310-8fa8-9805f1628bb7