19 years agoCope with some of the *other* oddities that Linux ISDN appears to stick
guy [Sun, 13 Aug 2000 08:53:51 +0000 (08:53 +0000)]
Cope with some of the *other* oddities that Linux ISDN appears to stick
at the beginning of packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2266 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoOn Win32, if the attempt to open the capture device fails, don't talk
guy [Sun, 13 Aug 2000 08:17:03 +0000 (08:17 +0000)]
On Win32, if the attempt to open the capture device fails, don't talk
about checking permissions, as the capture devices are probably
available to all users, and talking about permissions will only confuse
the user.  Do, however, warn that Ethereal can't capture on Token Ring
or PPP/WAN interfaces.

On UNIX, if the attempt to open the capture device fails, and the error
message starts with "can't find PPA for ", they are probably running on
HP-UX with a version of libpcap not patched to properly look up PPAs for
network interfaces given the interface name; give them a detailed
warning about this, telling them that they'll have to fix libpcap and
build Ethereal from source, and pointing them at the "README.hpux" file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2265 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGive, in "README.hpux", what appears to be the new URL for the UK HP-UX
guy [Sun, 13 Aug 2000 07:48:56 +0000 (07:48 +0000)]
Give, in "README.hpux", what appears to be the new URL for the UK HP-UX
Porting and Archive Centre site.

Warn in the very beginning of that file that libpcap may not work very
well without patches.  Give patches to libpcap for:

vanilla LBL libpcap 0.4

vanilla tcpdump.org libpcap 0.5

libpcap 0.4 from the HP-UX Porting and Archive Centre (which is
the only version that includes configure-script changes to work
with HP's C compiler as well as GCC)

and put them in files separate from "README.hpux" (to make it easier for
users to apply the patches).

Make those versions of the patch give a slightly different error message
if libpcap fails to find the PPA for the device, to make it easier to
figure out if the user reporting a problem with HP-UX capture has a
patched version of libpcap or not (so that we know whether the problem
may just be that they're using an unmodified libpcap, or if they're
running a patched version and that patch needs more work, e.g. to look
at devices other than just "/dev/dlpi").

Give information on how to find "patch", warn that probably only the
HP-UX Porting and Archive Centre version will work with the HP C
compiler, warn that applying a version of the patch other than the one
for the particular version of libpcap you've downloaded will probably
not work, and warn that you need to download source to libpcap in order
to do any of this in the first place.

(The current libpcap CVS tree at tcpdump.org has this patch in it, so
the next release of libpcap from tcpdump.org should have it; hopefully
the HP-UX Porting and Archive Centre will switch to that version when it
comes out, and people will just be able to push a few buttons to get an
Ethereal that works on HP-UX.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2264 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- add HAVE_CONFIG_H
deniel [Sat, 12 Aug 2000 12:56:23 +0000 (12:56 +0000)]
- add display filters

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2263 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoInitialize "last_blob" and "current_blob" when the file is opened.
guy [Sat, 12 Aug 2000 07:12:46 +0000 (07:12 +0000)]
Initialize "last_blob" and "current_blob" when the file is opened.

Set "current_blob" when the first read is done from the random file, as
"current_blob" is the current blob in the random file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2262 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRSH dissector, from Robert Tsai.
guy [Sat, 12 Aug 2000 05:41:10 +0000 (05:41 +0000)]
RSH dissector, from Robert Tsai.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2261 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"p_get_proto_data()" should, if it finds an entry, return the pointer
guy [Sat, 12 Aug 2000 00:15:40 +0000 (00:15 +0000)]
"p_get_proto_data()" should, if it finds an entry, return the pointer
supplied in the "p_add_proto_data()" call that created the entry, not
the pointer to the data structure that holds the protocol and data
arguments to "p_add_proto_data()" (the protocol is uninteresting, as
its value is the value supplied as the "proto" argument to

The "frame_proto_data" structure isn't needed outside the code that
handles it; remove its definition from "packet.h" and put it in

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2260 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRemove my unmaintained http address and add some stuff
deniel [Fri, 11 Aug 2000 22:33:43 +0000 (22:33 +0000)]
Remove my unmaintained http address and add some stuff
in order to know who to complain :-)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2259 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- add ipv6.addr for the source and destination addresses (like ipv4)
deniel [Fri, 11 Aug 2000 22:18:22 +0000 (22:18 +0000)]
- add ipv6.addr for the source and destination addresses (like ipv4)
- implement the TCP follow feature for TCP over IPv6

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2258 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGive them RCS IDs.
guy [Fri, 11 Aug 2000 22:03:03 +0000 (22:03 +0000)]
Give them RCS IDs.

Fix a typo in the LGPL in the initial comment.

Move the includes of <stdlib.h> and <ctype.h> out of "snprintf-imp.h"
into "snprintf.c", and put them *before* the include of "snprintf.h", so
that "size_t" is defined before "snprintf.h" is included ("snprintf.h"
uses "size_t").

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2257 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGive it an RCS ID.
guy [Fri, 11 Aug 2000 22:00:49 +0000 (22:00 +0000)]
Give it an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2256 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMiscellaneous code cleaning
deniel [Fri, 11 Aug 2000 13:46:34 +0000 (13:46 +0000)]
Miscellaneous code cleaning

- add <stdarg.h> or <varargs.h> in snprintf.h
  and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes

- remove the check of multiple inclusions in source (.c)  code
  (there is a bit loss of _cpp_ performance, but I prefer the gain of
   code reading and maintenance; and nowadays, disk caches and VM are
   correctly optimized ;-).

- protect all (well almost) header files against multiple inclusions

- add header (i.e. GPL license) in some include files

- reorganize a bit the way header files are included:

  #include <system_include_files>
  #include <external_package_include_files (e.g. gtk, glib etc.)>
  #include "ethereal_include_files"

  with the correct HAVE_XXX or NEED_XXX protections.

- add some HAVE_XXX checks before including some system header files

- add the same HAVE_XXX in wiretap as in ethereal

Please forgive me, if I break something (I've only compiled and regression
tested on Linux).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2255 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMiscellaneous code cleaning
deniel [Fri, 11 Aug 2000 13:37:21 +0000 (13:37 +0000)]
Miscellaneous code cleaning

- add <stdarg.h> or <varargs.h> in snprintf.h
  and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes

- remove the check of multiple inclusions in source (.c)  code
  (there is a bit loss of _cpp_ performance, but I prefer the gain of
   code reading and maintenance; and nowadays, disk caches and VM are
   correctly optimized ;-).

- protect all (well almost) header files against multiple inclusions

- add header (i.e. GPL license) in some include files

- reorganize a bit the way header files are included:

  #include <system_include_files>
  #include <external_package_include_files (e.g. gtk, glib etc.)>
  #include "ethereal_include_files"

  with the correct HAVE_XXX or NEED_XXX protections.

- add some HAVE_XXX checks before including some system header files

- add the same HAVE_XXX in wiretap as in ethereal

Please forgive me, if I break something (I've only compiled and regression
tested on Linux).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2254 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoNot all compilers like zero-length arrays; comment out the definition of
guy [Fri, 11 Aug 2000 08:21:07 +0000 (08:21 +0000)]
Not all compilers like zero-length arrays; comment out the definition of
"hf[]", and the reference to it, for now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2253 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't bump "offset" in the non-SNAP case - it hasn't been set, and we
guy [Fri, 11 Aug 2000 08:19:32 +0000 (08:19 +0000)]
Don't bump "offset" in the non-SNAP case - it hasn't been set, and we
don't use it there.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2252 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf we have a random stream open for a compressed Sniffer file, have the
guy [Fri, 11 Aug 2000 07:28:12 +0000 (07:28 +0000)]
If we have a random stream open for a compressed Sniffer file, have the
sequential pass through the file build a list of information about the
compressed blobs, with the starting offset in the compressed file and in
the uncompressed byte stream for each blob.

When seeking on the random stream, check whether the target location is
within the uncompressed buffer we currently have; if not, use that list
to figure out which blob contains the target location, and read that
blob into the buffer.  Then, as we now know that the target location is
within the uncompressed buffer we currently have, just move the current
pointer into that buffer to the target location.

This means we don't have to read forwards through any uninteresting
blobs in order to seek forwards, and don't have to go all the way back
to the beginning and seek forwards in order to seek backwards.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2251 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoKerberos 5 dissector, from Wes Hardaker.
guy [Fri, 11 Aug 2000 03:32:53 +0000 (03:32 +0000)]
Kerberos 5 dissector, from Wes Hardaker.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2250 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- remove debugging #ifdef
deniel [Thu, 10 Aug 2000 22:35:30 +0000 (22:35 +0000)]
- remove debugging #ifdef
- protect expensive calls (getXXXbyYYY) with g_resolving_actif check,
  that solves a problem with add_ether_byip which was too expensive
  due to IP address resolution even when g_resolving_actif was disabled.

  I need to clean further.

  Do you think that having inexpensive name resolution (i.e. from
  hash table only which can be filled by dissectors or file reading)
  even if name resolution is disabled (g_resolving_actif = FALSE) is
  preferable than having no name resolution at all (which is currently
  the case). I may change to the first solution in the future if there
  is no objection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2249 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- rename is_name_from_file to is_dummy_entry since now a real
deniel [Thu, 10 Aug 2000 20:09:29 +0000 (20:09 +0000)]
- rename is_name_from_file to is_dummy_entry since now a real
  name can be added from file reading but also from the dissectors.
- add is_dummy_entry in the hosts hashtable.
- check in add_xxx that the entry is not already there, if so
  do nothing except if this is a dummy entry (in this case, it is
  simply replaced).
- add found boolean parameter to host_name_lookup[6]
- add the add_ether_byip procedure which adds a new ether entry
  knowing the IP address (if the IP address can be resolved).
- and finally call this new procedure from ARP dissector.

(ipxnets (among other things) to be updated).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2248 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"test -e" is documented in the Solaris 2.6 man page, but doesn't seem to
guy [Thu, 10 Aug 2000 19:43:07 +0000 (19:43 +0000)]
"test -e" is documented in the Solaris 2.6 man page, but doesn't seem to
work, and it's not even documented in the Solaris 2.5.1 man page; don't
use "-e" to test for the existence of a file, use "-f", which is
documented in the 2.5.1 man page and works.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2247 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoWe must include "snprintf.h" *after* including <stdarg.h>, and
guy [Thu, 10 Aug 2000 19:41:45 +0000 (19:41 +0000)]
We must include "snprintf.h" *after* including <stdarg.h>, and
<stdarg.h> is now included by "proto.h", so we must include "snprintf.h"
after including "proto.h".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2246 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- add proto_tree_add_text_valist
deniel [Thu, 10 Aug 2000 16:04:33 +0000 (16:04 +0000)]
- add proto_tree_add_text_valist
- remove stdarg.h include in proto.c and add a more correct one in proto.h
- fix esis_dissect_unknown and isis_dissect_unknown

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2245 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix decoding of short ISIS CLV data frames.
deniel [Thu, 10 Aug 2000 14:21:09 +0000 (14:21 +0000)]
Fix decoding of short ISIS CLV data frames.

But there is still a problem with the isis_dissect_unknown
procedure which calls proto_tree_add_text: the va_list
arguments are incorrectly decoded in proto.c. I suspect
a problem with inclusion of stdarg.h vs. varargs.h but
for now, I can't figure out where ...
(problem on Linux intel with gcc 2.91.66).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2244 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf G_HAVE_GINT64 is defined, so that we can use "gint64" and "guint64"
guy [Thu, 10 Aug 2000 07:58:44 +0000 (07:58 +0000)]
If G_HAVE_GINT64 is defined, so that we can use "gint64" and "guint64"
to refer to 64-bit integral quantities, add "pntohll()" and "phtonll()"
macros, and "tvb_get_ntohll()" and "tvb_get_letohll()" routines, for
fetching 64-bit integral quantities.

(They're still a pain to *print*, as there's no standard "printf" format
code for them - some systems use "%ll[dox]", some use "%q[dox]", and I
think some use formats different from all of them.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2243 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd some ethertypes (which were captured on my network, so inuse ;-).
deniel [Wed, 9 Aug 2000 22:10:23 +0000 (22:10 +0000)]
Add some ethertypes (which were captured on my network, so inuse ;-).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2242 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- make-reg-dot
deniel [Wed, 9 Aug 2000 21:24:27 +0000 (21:24 +0000)]
- make-reg-dot

Do not assume that all dissectors are in the source directory.
This is the case for instance for packet-ncp2222.c which is
generated in the production directory (current).
This is particularly important when the generation is not
made in the source directory.

- ncp2222.py

Remove tabs in generated source to make the generated code
nicer and to make work the make-reg-dotc. Without that fix,
all NCP packet dissections dump core ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2241 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd #defines for class values, and use them rather than using the
guy [Wed, 9 Aug 2000 07:15:19 +0000 (07:15 +0000)]
Add #defines for class values, and use them rather than using the
numeric values.  (Also, just for laughs and for completeness, turn the
CS class into "csnet", even though it's obsolete and supposedly used
only in some examples in obsolete RFCs.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2240 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGive the Help menu the more-or-less canonical style from most
guy [Wed, 9 Aug 2000 06:43:22 +0000 (06:43 +0000)]
Give the Help menu the more-or-less canonical style from most
Motif/KDE/GNOME(?) and Windows applications, with "Help" above "About",
and separated from "About" by a separator line.

(This also makes "Help->Help" the default, which is probably what most
users would want, especially if, as, and when we fill out the help.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2239 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdate the man pages to reflect
guy [Wed, 9 Aug 2000 06:38:53 +0000 (06:38 +0000)]
Update the man pages to reflect

the addition of support for Cisco Secure Intrusion Detection
System IPlog output;

support for selecting only one side of a conversation, for
showing a conversation in hex, and for saving the displayed data
to a file, in the "Filter TCP Stream" window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2238 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake copy_binary_file() static since follow_dlg.c no longer uses it.
gram [Wed, 9 Aug 2000 06:18:16 +0000 (06:18 +0000)]
Make copy_binary_file() static since follow_dlg.c no longer uses it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2237 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoPhil Techau's fix to BOOTP when client address not supplied.
guy [Wed, 9 Aug 2000 06:15:14 +0000 (06:15 +0000)]
Phil Techau's fix to BOOTP when client address not supplied.

Give Phil credit for the other stuff he added as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2236 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake "editcap -h" give the usage message without an error message (i.e.,
guy [Wed, 9 Aug 2000 06:00:54 +0000 (06:00 +0000)]
Make "editcap -h" give the usage message without an error message (i.e.,
specify it in the argument to "getopt()").

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2235 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDocument that ranges of packet numbers can be specified.
guy [Wed, 9 Aug 2000 05:58:08 +0000 (05:58 +0000)]
Document that ranges of packet numbers can be specified.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2234 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSmall fix for initialization of new follow_info struct.
gram [Wed, 9 Aug 2000 05:26:11 +0000 (05:26 +0000)]
Small fix for initialization of new follow_info struct.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2233 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIn TCP Follow window, allow the optional showing of:
gram [Wed, 9 Aug 2000 05:18:45 +0000 (05:18 +0000)]
In TCP Follow window, allow the optional showing of:

Entire Conversation
Client -> Server packets
Server -> Client packets

Have "Save As" button work as a "Print to File" button; it asks for
a filename and uses the same routine that "Print" uses to save the file.
What you see in the window is what you get in the file. So, you can get
any of the above conversations/soliloquies combined with:

Hex Dump

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2232 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdded wiretap support to read the Cisco Secure Intrusion Detection System IPLog format.
mhall [Tue, 8 Aug 2000 22:16:42 +0000 (22:16 +0000)]
Added wiretap support to read the Cisco Secure Intrusion Detection System IPLog format.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2231 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix display of IPv6 frag header display in proto tree, from
gram [Tue, 8 Aug 2000 21:49:13 +0000 (21:49 +0000)]
Fix display of IPv6 frag header display in proto tree, from
Santeri Paavolainen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2230 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoConvert comments to docstrings.
gram [Tue, 8 Aug 2000 16:39:48 +0000 (16:39 +0000)]
Convert comments to docstrings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2229 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- improve/fix add_host_name
deniel [Tue, 8 Aug 2000 16:21:24 +0000 (16:21 +0000)]
- improve/fix add_host_name
- add hostname/IP in host hashtable from DNS answers
  (currently only type A RR).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2228 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a Help window that contains:
deniel [Tue, 8 Aug 2000 12:28:50 +0000 (12:28 +0000)]
Add a Help window that contains:

- short overview
- list of known protocols
- list of display filters
- short capture filter help

The display filter help can be extended in the future
when we will have a GUI for filter construction. But
this is better than nothing ;-)
And cut & paste from the text help window and the filter
input field works...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2227 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoNLM v1 dissector filled with some actual dissectors.
girlich [Tue, 8 Aug 2000 06:22:08 +0000 (06:22 +0000)]
NLM v1 dissector filled with some actual dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2226 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSeveral new RPC dissecting function introduced. Interface to
girlich [Tue, 8 Aug 2000 06:19:52 +0000 (06:19 +0000)]
Several new RPC dissecting function introduced. Interface to
existing functions changed. So NFS was also necessary to change.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2225 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdded another tool to generate lists of protocols from Ethereal for the
sharpe [Tue, 8 Aug 2000 01:56:57 +0000 (01:56 +0000)]
Added another tool to generate lists of protocols from Ethereal for the
documentation/user guide ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2224 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoCast arguments to "isxdigit()", "isdigit()", and "isflag()" to "unsigned
guy [Mon, 7 Aug 2000 23:05:43 +0000 (23:05 +0000)]
Cast arguments to "isxdigit()", "isdigit()", and "isflag()" to "unsigned
char" so that if it has the 8th bit set it won't get sign-extended; this
squelches a GCC complaint.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2223 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoCast an argument to "isspace()" to "guchar" so that if it has the 8th
guy [Mon, 7 Aug 2000 22:35:14 +0000 (22:35 +0000)]
Cast an argument to "isspace()" to "guchar" so that if it has the 8th
bit set it won't get sign-extended; this squelches a GCC complaint, and
may keep weird things from happening if there're non-ASCII ISO 8859/n
characters in a filter file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2222 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoCast an argument to "isspace()" to "guchar" so that if it has the 8th
guy [Mon, 7 Aug 2000 22:31:09 +0000 (22:31 +0000)]
Cast an argument to "isspace()" to "guchar" so that if it has the 8th
bit set it won't get sign-extended; this squelches a GCC complaint, and
may keep weird things from happening if there're non-ASCII ISO 8859/n
characters in a preferences file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2221 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoA small set of patches to fix one small problem and start working on the
sharpe [Mon, 7 Aug 2000 14:49:03 +0000 (14:49 +0000)]
A small set of patches to fix one small problem and start working on the
filtering in packet-smb.c ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2220 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix compilation problem.
deniel [Mon, 7 Aug 2000 11:48:40 +0000 (11:48 +0000)]
Fix compilation problem.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2219 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAllow either old-style (pre-tvbuff) or new-style (tvbuffified)
guy [Mon, 7 Aug 2000 03:21:25 +0000 (03:21 +0000)]
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.

Have the code that calls those dissectors translate the arguments as
necessary.  (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation.  Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same

This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so.  It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.

Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.

Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_".  Update the
dissectors that use those routines appropriately.

Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2218 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd some preferences in OSI CLNP/COTP/CLTP module to allow the user to:
deniel [Sun, 6 Aug 2000 15:54:42 +0000 (15:54 +0000)]
Add some preferences in OSI CLNP/COTP/CLTP module to allow the user to:

- specify the NSAP selector for OSI transport decoding (default is still 0x21
  which is valid for DECNet-OSI at least).
- force the OSI C{L,O}TP decoding whatever the NSAP is (option disabled by default).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2217 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUse "BYTES_ARE_IN_FRAME()" rather than explicitly checking an offset and
guy [Sun, 6 Aug 2000 10:04:15 +0000 (10:04 +0000)]
Use "BYTES_ARE_IN_FRAME()" rather than explicitly checking an offset and
packet length.

Use "IS_DATA_IN_FRAME()", rather than checking if "offset+1" is greater
than "pi.captured_len", to check whether there's any data left in the

Check whether data is in the packet *before* extracting it and stuffing
an item into the tree with it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2216 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUse "BYTES_ARE_IN_FRAME()" rather than explicitly checking an offset and
guy [Sun, 6 Aug 2000 08:53:44 +0000 (08:53 +0000)]
Use "BYTES_ARE_IN_FRAME()" rather than explicitly checking an offset and
packet length.

Use "IS_DATA_IN_FRAME()" rather than checking the value of
"END_OF_FRAME" when checking whether there's any data left in the

Before putting the initial login sequence, or any part of it, into the
tree, make sure it's actually in the packet.

When looking for the end of a '\0'-terminated string, don't run past the
end of the captured data in the frame.

Before putting the terminal information into the tree, make sure it's
actually in the packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2215 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't use "fd->pkt_len" when checking to see if you've run off the end
guy [Sun, 6 Aug 2000 07:22:38 +0000 (07:22 +0000)]
Don't use "fd->pkt_len" when checking to see if you've run off the end
of the packet, use "pi.captured_len" - "fd->pkt_len" may include data
that isn't in the capture, due to a short snapshot length.

Don't use "fd->cap_len" when checking to see if you've run off the end
of the packe, use "pi.captured_len" - "fd->cap_len" isn't adjusted to
reflect any length fields, but "pi.captured_len" is (removing, for
example, Ethernet padding from the packet).

Use "END_OF_FRAME" rather than "pi.captured_len - offset", to make it a
bit clearer what's being done.

In the V.120 dissector, use "tvb_length()" when adding the top-level
protocol tree entry for V.120, as it's a tvbuffified dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2214 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoThere is *no* guarantee that the "fd" argument to a dissector uniquely
guy [Sun, 6 Aug 2000 05:19:25 +0000 (05:19 +0000)]
There is *no* guarantee that the "fd" argument to a dissector uniquely
identifies a frame; it may do so for Ethereal, which has to allocate a
data structure for each frame, but it doesn't do so for Tethereal, which
looks at a frame once and never does so again.

Use, instead, the "num" member of the structure to which "fd" points as
a unique identifier; it's the ordinal number of the frame within a
capture (frame number, not display row number, so it doesn't change as
the display is filtered), and is thus different for all frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2213 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoArrange that filter dialog boxes have an "Apply" button only if one can
guy [Sat, 5 Aug 2000 07:02:28 +0000 (07:02 +0000)]
Arrange that filter dialog boxes have an "Apply" button only if one can
apply the filter, i.e. only if the dialog box is attached to the filter
text entry in the main window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2212 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake the ICMP top-of-protocol-tree item cover the entire rest of the
guy [Sat, 5 Aug 2000 05:24:01 +0000 (05:24 +0000)]
Make the ICMP top-of-protocol-tree item cover the entire rest of the
packet, not just the first 4 bytes of the ICMP packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2211 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake "ip_checksum()" take just pointer and length arguments, and make
guy [Sat, 5 Aug 2000 05:08:21 +0000 (05:08 +0000)]
Make "ip_checksum()" take just pointer and length arguments, and make
"ip_checksum_shouldbe()" compute the correct checksum given the computed
whole-packet checksum and the value of the checksum field; that scheme
can be better extended in the future to handle checksums other than the
IP header checksum, e.g. ICMP, UDP, and TCP checksums (although we'd
want a somewhat more optimized checksumming routine for that, and
perhaps have an option to control whether to do checksum checking on TCP
and UDP packets, as that could be expensive).

That requires that we remember the value of the computed checksum, not
just check it against 0; that renders "ip_checksum_state()"
uninteresting, as we can just compare the value against 0 in line.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2210 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMore changes from Peter Kjellerstedt.
guy [Sat, 5 Aug 2000 00:55:55 +0000 (00:55 +0000)]
More changes from Peter Kjellerstedt.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2209 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoICQ improvements from Peter Kjellerstedt.
guy [Fri, 4 Aug 2000 23:12:21 +0000 (23:12 +0000)]
ICQ improvements from Peter Kjellerstedt.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2208 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix to the SRVLOC dissector to correctly handle the error field of the
guy [Fri, 4 Aug 2000 22:56:27 +0000 (22:56 +0000)]
Fix to the SRVLOC dissector to correctly handle the error field of the
Service Reply (i.e., treat it as the 16-bit field that it is), from
Peter Kjellerstedt.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2207 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoClean up the checksumming stuff a bit:
guy [Fri, 4 Aug 2000 22:43:45 +0000 (22:43 +0000)]
Clean up the checksumming stuff a bit:

have "ip_checksum()" compute the checksum of the IP header;

have "ip_checksum_state()" call "ip_checksum()" and then return
TRUE if the result is 0 and FALSE otherwise;

have "ip_checksum_shouldbe()" save the current value of the
checksum field in the header, set that field to 0, call
"ip_checksum()" to get the checksum, restore the value of the
checksum field in the header to the saved value, and then return
what "ip_checksum()" returned;

rather than having duplicated code to compute checksums.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2206 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRe-organize the README so that people who just want to run ethereal, not
gram [Fri, 4 Aug 2000 15:40:54 +0000 (15:40 +0000)]
Re-organize the README so that people who just want to run ethereal, not
compile it, find their info at the top of the file.

Explain the generated sources for developers, and the Unix-ish tools that
are needed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2205 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix a number of problems, and do some checking to make sure we don't run
guy [Fri, 4 Aug 2000 07:38:13 +0000 (07:38 +0000)]
Fix a number of problems, and do some checking to make sure we don't run
past the end of the frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2204 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMention IDSN4BSD's i4btrace utility as a supported trace file format.
gram [Fri, 4 Aug 2000 05:17:18 +0000 (05:17 +0000)]
Mention IDSN4BSD's i4btrace utility as a supported trace file format.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2203 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf IP checksum is incorrect, show what correct value should be.
gram [Fri, 4 Aug 2000 04:54:22 +0000 (04:54 +0000)]
If IP checksum is incorrect, show what correct value should be.
From "Johannes Hennecke" <Johannes.Hennecke@elsa.de>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2202 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd some error values that, whilst they're not in the NFS V2 spec, are,
guy [Thu, 3 Aug 2000 19:27:19 +0000 (19:27 +0000)]
Add some error values that, whilst they're not in the NFS V2 spec, are,
as I remember, issued by some NFS V2 servers (EXDEV, for one, can almost
certainly be issued by most V2 servers).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2201 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a "Save As" feature to the TCP Follow dialogue, to save the stream
gram [Thu, 3 Aug 2000 12:44:40 +0000 (12:44 +0000)]
Add a "Save As" feature to the TCP Follow dialogue, to save the stream
file to a user-specified file.

Move the file-copy routine in save_cap_file() to an indepenent
function in file.c  (copy_binary_file()) so that follow_dlg.c can use it.

Remove #include "follow.h" from the C files that don't need it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2200 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoReplace calls to sprintf() with snprintf() in file_*_error_message routines,
gram [Thu, 3 Aug 2000 12:02:15 +0000 (12:02 +0000)]
Replace calls to sprintf() with snprintf() in file_*_error_message routines,
as a long filename may overflow the buffer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2199 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix typo in description of Diameter.tcp.port preference.
gram [Thu, 3 Aug 2000 09:30:32 +0000 (09:30 +0000)]
Fix typo in description of Diameter.tcp.port preference.
From Jakob Schlyter <jakob@crt.se>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2198 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMove to version 0.8.11
gram [Thu, 3 Aug 2000 01:54:53 +0000 (01:54 +0000)]
Move to version 0.8.11

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2196 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAll 4 protocol versions included (as templates but not as decodings).
girlich [Wed, 2 Aug 2000 11:36:18 +0000 (11:36 +0000)]
All 4 protocol versions included (as templates but not as decodings).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2195 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoProcedure numbers as constants are much better.
girlich [Wed, 2 Aug 2000 11:32:31 +0000 (11:32 +0000)]
Procedure numbers as constants are much better.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2194 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAllow filtering on strings.
gram [Tue, 1 Aug 2000 18:10:06 +0000 (18:10 +0000)]
Allow filtering on strings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2193 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoThere is a <sys/stat.h> available on Win32, and, in fact, we now include
guy [Mon, 31 Jul 2000 15:55:46 +0000 (15:55 +0000)]
There is a <sys/stat.h> available on Win32, and, in fact, we now include
it in "util.c", so we have to define HAVE_SYS_STAT_H in Win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2192 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDissector now knows the actual game data communication too.
girlich [Mon, 31 Jul 2000 12:59:51 +0000 (12:59 +0000)]
Dissector now knows the actual game data communication too.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2191 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a routine to check whether a file is a directory or not.
guy [Mon, 31 Jul 2000 04:53:40 +0000 (04:53 +0000)]
Add a routine to check whether a file is a directory or not.

To test whether a file the user selected to be opened from the file
selection box is really a directory (so that we can point the file
selection box at it, rather than trying to open the directory as a
capture file, which wouldn't work), use the routine in question.

To make the GTK+ file selection box start out in the last directory from
which we opened a file, use "gtk_file_selection_complete()", rather than
"chdir()"ing to that directory.

Those changes keep us from "chdir()"ing all over the place; that way, if
Ethereal dumps core, the core dump shows up in the directory from which
it was run, rather than in the directory from which you last opened or
into which you last saved a file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2190 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a comment explaining why we're defining S_ISDIR and company.
guy [Mon, 31 Jul 2000 04:48:54 +0000 (04:48 +0000)]
Add a comment explaining why we're defining S_ISDIR and company.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2189 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIt appears that, at least with Visual C++ 6.0, the "stat()" supplied in
guy [Mon, 31 Jul 2000 04:19:54 +0000 (04:19 +0000)]
It appears that, at least with Visual C++ 6.0, the "stat()" supplied in
the C run-time library sets "statb.st_mode" appropriately, at least for
plain files and directories; it just doesn't offer the POSIX "S_ISxxx()"
macros to test the file type.

If those macros aren't defined (which might also be the case on really
ancient UNIX systems), define them appropriately, and use them even on
Win32 systems, so that we can properly report attempts by a user to read
from a directory on Win32, just as we do on UNIX.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2188 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIn "buffer.h", include <winsock.h> if we have it, so that "u_char" is
guy [Mon, 31 Jul 2000 04:15:58 +0000 (04:15 +0000)]
In "buffer.h", include <winsock.h> if we have it, so that "u_char" is
defined on Win32 systems - it's not defined in <sys/types.h> on those

In "buffer.c", include "config.h", to cause HAVE_WINSOCK_H to be
defined, on systems that have it, so that we include it in <buffer.h>.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2187 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoInclude "packet.h", not <packet.h> - the latter, at least on Win32,
guy [Mon, 31 Jul 2000 04:12:04 +0000 (04:12 +0000)]
Include "packet.h", not <packet.h> - the latter, at least on Win32,
causes a system <packet.h> header to be includes, which causes the
compiler to get quite upset.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2186 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoInclude <time.h> to declare "localtime()" and "strftime()", and use
guy [Mon, 31 Jul 2000 04:09:54 +0000 (04:09 +0000)]
Include <time.h> to declare "localtime()" and "strftime()", and use
"guint32" rather than "uint32_t" so that it'll compile on systems (e.g.,
Win32, and probably some UNIX flavors) that don't declare "uint32_t".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2185 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix it to compile on non-Linux UNIX-flavored systems and Win32 systems.
guy [Mon, 31 Jul 2000 04:03:31 +0000 (04:03 +0000)]
Fix it to compile on non-Linux UNIX-flavored systems and Win32 systems.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2184 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoInclude "ptvcursor.obj" in the list of object that have to be linked in.
guy [Mon, 31 Jul 2000 03:45:53 +0000 (03:45 +0000)]
Include "ptvcursor.obj" in the list of object that have to be linked in.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2183 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd missing function prototypes.
oabad [Sun, 30 Jul 2000 16:59:07 +0000 (16:59 +0000)]
Add missing function prototypes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2182 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSupport for capturing packet data from a pipe (a FIFO, or standard input).
oabad [Sun, 30 Jul 2000 16:54:12 +0000 (16:54 +0000)]
Support for capturing packet data from a pipe (a FIFO, or standard input).

capture.c :
- modified capture() to try to open an interface as a pipe if pcap_open_live()
  failed, and then read data in libpcap format from this pipe ;
- add new functions used by capture() : pipe_open_live() and pipe_dispatch()
  which are equivalents to the pcap_ functions.

libpcap.[ch] :
- moved the MAGIC and headers definitions from libpcap.c to libpcap.h
  because capture() now needs it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2181 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoA small change to SMB dissector so it lists near the other SMB-related
sharpe [Sun, 30 Jul 2000 14:35:39 +0000 (14:35 +0000)]
A small change to SMB dissector so it lists near the other SMB-related
dissectors when you do 'ethereal -G' ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2180 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdate and add ".cvsignore" files to reduce the level of noise from CVS.
guy [Sun, 30 Jul 2000 08:32:54 +0000 (08:32 +0000)]
Update and add ".cvsignore" files to reduce the level of noise from CVS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2179 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIn TCP segments with RST and data, display the data as text, labeling it
guy [Sun, 30 Jul 2000 08:20:52 +0000 (08:20 +0000)]
In TCP segments with RST and data, display the data as text, labeling it
as a cause for the RST, as per RFC 1122:  RST Segment: RFC-793 Section 3.4

  A TCP SHOULD allow a received RST segment to include data.

         It has been suggested that a RST segment could contain
         ASCII text that encoded and explained the cause of the
       RST.  No standard has yet been established for such

Thanks and a tip of the Hatlo hat to Kevin Steves of HP for mentioning
this on the tcpdump-workers list (he contributed a tcpdump patch to do
the same).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2178 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"rd_match_strval()" just does what "val_to_str()" does with a format
guy [Sun, 30 Jul 2000 08:11:46 +0000 (08:11 +0000)]
"rd_match_strval()" just does what "val_to_str()" does with a format
argument of "Undefined(%d)"; just use "val_to_str()" (and use "%u"
rather than "%d", as the value passed to it is unsigned).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2177 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDavid Frascone's DIAMETER dissector.
guy [Sun, 30 Jul 2000 07:16:11 +0000 (07:16 +0000)]
David Frascone's DIAMETER dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2176 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSquelch a GCC complaint.
guy [Sun, 30 Jul 2000 06:54:03 +0000 (06:54 +0000)]
Squelch a GCC complaint.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2175 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdded changes so Edit->Filters...->Apply works as I think
sharpe [Sat, 29 Jul 2000 03:20:51 +0000 (03:20 +0000)]
Added changes so Edit->Filters...->Apply works as I think
it should.

Also added the two files I need to generate an sgml list of fields
that the UserGuide etc needs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2174 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd the re-write of the NetWare Core Protocol dissector. It's mostly
gram [Fri, 28 Jul 2000 20:03:59 +0000 (20:03 +0000)]
Add the re-write of the NetWare Core Protocol dissector. It's mostly
a framework for the dissector; of the more than 400 NCP packet types, only
a handful are defined. But this dissector framework is much better than
the previous one.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2173 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago... and remove the old dfilter2pod.in template.
gram [Fri, 28 Jul 2000 16:31:18 +0000 (16:31 +0000)]
... and remove the old dfilter2pod.in template.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2172 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't create dfilter2pod from dfilter2pod.in just for @PERL_PATH@; it's
gram [Fri, 28 Jul 2000 16:30:28 +0000 (16:30 +0000)]
Don't create dfilter2pod from dfilter2pod.in just for @PERL_PATH@; it's
a waste of time. Instead, set $(PERL) to @PERL_PATH@ in the Makefile and
call dfilter2pod.pl via $(PERL) $(src_dir)/dfilter2pod.pl

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2171 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFor packets with GIOP versions that are not supported by the dissector,
gram [Thu, 27 Jul 2000 17:11:44 +0000 (17:11 +0000)]
For packets with GIOP versions that are not supported by the dissector,
identify the packet as GIOP, but let the user know that the version is
not supported.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2170 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoQuake dissector packet-quake.c added.
girlich [Thu, 27 Jul 2000 11:00:48 +0000 (11:00 +0000)]
Quake dissector packet-quake.c added.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2169 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoA Quake dissector. It can only dissect Quake 1 packets to UDP port 26000,
girlich [Thu, 27 Jul 2000 10:57:12 +0000 (10:57 +0000)]
A Quake dissector. It can only dissect Quake 1 packets to UDP port 26000,
which are the connection establishing phase.
The actual game data are not covered yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2168 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd initial attempt at FT_NSTRING_UINT8, a string with a single byte prefix
gram [Thu, 27 Jul 2000 06:41:59 +0000 (06:41 +0000)]
Add initial attempt at FT_NSTRING_UINT8, a string with a single byte prefix
indicating the string length. It's available only with proto_tree_add_item().

Add proto_item_get_len(), so that dissectors can find out how long
the FT_NSTRING_UINT8 turned out to be.

In proto_tree_add_item(), don't add a proto_item to the proto_tree until
*after* the attempt to pull data from the tvbuff. That way, if the tvbuff
raises an exception, an item with garbage data won't be left in the

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2167 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRemove some "Makefile.in"s that I accidentally committed last night.
gerald [Wed, 26 Jul 2000 14:00:41 +0000 (14:00 +0000)]
Remove some "Makefile.in"s that I accidentally committed last night.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2166 f5534014-38df-0310-8fa8-9805f1628bb7