git.samba.org - obnox/wireshark/wip.git/log

Integrate Ed Meaney's <emeaney@altiga.com> changes for using libpcap
from WinDump with Ethereal. We now have packet capturing on Win32. :)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1612 f5534014-38df-0310-8fa8-9805f1628bb7

The time protocol is a simple request-response protocol, and doesn't end
up involving two ports neither of which is the official port; remove the
comment saying a dynamic call is added, as the code wasn't adding such a
call.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1611 f5534014-38df-0310-8fa8-9805f1628bb7

I forgot to add Dietmar's new file, packet-time.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1610 f5534014-38df-0310-8fa8-9805f1628bb7

Dietmar Petras provided:

* fix a bug in packet-tftp.c dissecting TFTP Option Acknowledgement
  packets. The is no Block-Id in TFTP Option Acknowledgements, as it is
  in TFTP Acknowledgements.
* Extension of manuf by ethernet addresses from ELSA (my company), a german
  vendor of ISDN routers, cable modems, etc.
* New dissector for Time Protocol [RFC 0868]. That protocol works on port
  37 of UDP and TCP. The implementation in this patch only dissects the
  more usual UDP version. It could print the time in a more fashion way,
  but thats for a later version.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1609 f5534014-38df-0310-8fa8-9805f1628bb7

Update Makefiles for win32. Move local configuration to config.nmake,
have top-level Makefile.nmake call Makefile.nmake's in subdirectories.
Build plugins, and build generated source (lex, yacc). The only thing we
can't build is register.c; I need to re-work the top-level Makefile.nmake
because it lists object files, not C files, which make-reg-dotc needs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1608 f5534014-38df-0310-8fa8-9805f1628bb7

In debian/changelog :
Changes from Frederic Peters to avoid conflicts with official debian
packages (I used a version scheme attributed to non-maintainer uploads).

In debian/control :
Add missing build dependencies (only useful for debian build daemons).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1607 f5534014-38df-0310-8fa8-9805f1628bb7

Change "unsigned gint64" to "guint64", and add GPL header to plugin_api.[ch]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1606 f5534014-38df-0310-8fa8-9805f1628bb7

Code changes, but not Makefile changes, for enabling plugins for Win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1605 f5534014-38df-0310-8fa8-9805f1628bb7

Note the document that specified the PIDs for VTP and DRiP that go along
with Cisco's "wacky proprietary protocols atop LLC/SNAP" OUI, and put in
"#if 0"ed out code for Cisco's DRiP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1604 f5534014-38df-0310-8fa8-9805f1628bb7

Dissector for Cisco's Virtual Trunking Protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1603 f5534014-38df-0310-8fa8-9805f1628bb7

Allow filtering on 24-bit integral fields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1602 f5534014-38df-0310-8fa8-9805f1628bb7

Cisco Group Management Protocol dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1601 f5534014-38df-0310-8fa8-9805f1628bb7

In init_plugins() :
If std_plug_dir AND local_plug_dir don't exist, the code doesn't scan
PLUGIN_DIR. Reported by Eric Lassauge.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1600 f5534014-38df-0310-8fa8-9805f1628bb7

Change from Ed Meaney - when doing a "Save" or "Save As" that saves all
packets and doesn't change the capture file format, i.e. that's done by
a raw copy, read the file in binary. (XXX - does "creat()", on Win32,
open the file in ASCII or binary mode? If ASCII, we may have to use

open(fname, O_CREAT|O_TRUNC|O_WRONLY|O_BINARY, 0644)

rather than

creat(fname, 0644)

so that the output file is written in binary as well.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1599 f5534014-38df-0310-8fa8-9805f1628bb7

Change from Ed Meaney - write capture files in binary, rather than ASCII
("w" and "wb" are the same on UNIX, but not on Win32).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1598 f5534014-38df-0310-8fa8-9805f1628bb7

Change from Ed Meaney - write capture files in binary, rather than ASCII
("w" and "wb" are the same on UNIX, but not on Win32).

Also, give Gilbert credit for the Win32 changes he's made.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1597 f5534014-38df-0310-8fa8-9805f1628bb7

In dissect_ipopt_timestamp() :
Correct a bug reported by Paul Ionescu when dissecting a timestamp IP
option. The offsets where not correct.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1596 f5534014-38df-0310-8fa8-9805f1628bb7

Also listen for GDK_INPUT_EXCEPTION on the sync pipe. On Solaris 2.6
this is needed to get the last message from the pipe.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1595 f5534014-38df-0310-8fa8-9805f1628bb7

Add a note about many Linux libpcaps turning promiscuous mode off only
when the program using libpcap exits, and perhaps not doing so even
then, and indicating how to check whether an interface is in promiscuous
mode and how to take it out of promiscuous mode if it is in promiscuous
mode.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1593 f5534014-38df-0310-8fa8-9805f1628bb7

Note that capture filters don't work on Linux loopback devices with the
current version of libpcap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1592 f5534014-38df-0310-8fa8-9805f1628bb7

Move to version 0.8.3.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1591 f5534014-38df-0310-8fa8-9805f1628bb7

Remove libltdl sources.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1590 f5534014-38df-0310-8fa8-9805f1628bb7

Dissect packets to or from port 162 as SNMP packets - that's the port to
which SNMP traps are sent. Thanks and a tip of the Hatlo Hat to Craig
Rodrigues for discovering this.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1589 f5534014-38df-0310-8fa8-9805f1628bb7

In init_plugins(), before scanning PLUGIN_DIR :
do a "stat" on PLUGIN_DIR, /usr/lib/ethereal/plugins/0.8 and
/usr/local/lib/ethereal/plugins/0.8 and compare st_dev and st_ino to be
sure that PLUGIN_DIR is different from the others (and not a symlink which
would cause a "plugin found in multiple directories" warning).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1588 f5534014-38df-0310-8fa8-9805f1628bb7

Add a semicolon in a win32 block of code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1587 f5534014-38df-0310-8fa8-9805f1628bb7

added support for clicking capture window's close box to stop capture

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1586 f5534014-38df-0310-8fa8-9805f1628bb7

Added ethereal_static extra target in Makefile.am. Did not add the updates
to configure.in. This should allow someone to do 'make ethereal_static' and
get a staticly built copy of ethereal w/o plugin support on platforms that
support -Wl,-static for static linking.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1585 f5534014-38df-0310-8fa8-9805f1628bb7

Dissect the user data of an incoming CALL REQUEST/INCOMING CALL packet
as per X.224 and X.264.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1584 f5534014-38df-0310-8fa8-9805f1628bb7

Add a bunch of additional NLPIDs from ISO 9577.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1583 f5534014-38df-0310-8fa8-9805f1628bb7

Just pass the return value of "getuid()" directly on to "getpwuid()";
don't stuff it into a variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1582 f5534014-38df-0310-8fa8-9805f1628bb7

Fix #ifndef line whose symbol had been omitted.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1581 f5534014-38df-0310-8fa8-9805f1628bb7

Don't put "get_home_dir()" inside #ifdef HAVE_LIBPCAP/#endif.

On UNIX, if "$HOME" isn't set, try getting the user ID and the password
entry for that user ID, and, if that succeeds, get the home directory
from the password entry, otherwise use "/tmp". On NT, it may be
possible to do something similar (get the user name, and append that to
"C:\winnt\profiles\"); I'm not sure whether there's anything that can be
done on Windows 9x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1580 f5534014-38df-0310-8fa8-9805f1628bb7

Remove instances of getenv("HOME") and provide a get_home_dir() function
which provides a default value if "HOME" is not set.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1579 f5534014-38df-0310-8fa8-9805f1628bb7

I forgot to toggle the data_out_file "semaphore" (well, we us it like one)
at the end of follow_read_stream(), which causes a segfault if you change
the TCP Follow screen to EBCDIC, and then go back and select a TCP packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1578 f5534014-38df-0310-8fa8-9805f1628bb7

The user data in an X.25 call request packet is - at least for IP and,
if I correctly read the Windows NT DDK documentation on WAN drivers, for
PPP as well - an ISO NLPID, so use the "nlpid.h" values where they
exist.

Currently doesn't treat NLPID_PPP as PPP, but if we get a PPP-over-X.25
capture, we may find that it should do so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1577 f5534014-38df-0310-8fa8-9805f1628bb7

Support for NetXray 3.03 (the program version, not file version) PPP
traces. The trace we got from Tom Poe (tomp@intrex.net) contains PPP
data which NetXRay has transformed into looking like Ethernet frames.
The hardware addresses are the bytes for the ASCII reprsentation of
"SRC" and "DEST", with null pad bytes at the end. Interesting.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1576 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a bug in the extraction of the sequence number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1575 f5534014-38df-0310-8fa8-9805f1628bb7

If a file is opened, and then closed, the File|Open option doesn't
show up any more (nor does the Capture option). Fixed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1574 f5534014-38df-0310-8fa8-9805f1628bb7

TFTP Option Extension (RFC 2347) support, from Craig Newell.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1573 f5534014-38df-0310-8fa8-9805f1628bb7

In case the "ts" field of a libpcap per-packet header isn't a "struct
timeval" (if, say, it's a "struct bpf_timeval", with member sizes wired
to 32 bits, as it appears to be in SuSE 6.3 and will, I think, be in the
0.5 release of libpcap), copy the members of that field to the "ts"
field of the Wiretap per-packet header (which also lets us make it not a
"struct timeval" as well).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1572 f5534014-38df-0310-8fa8-9805f1628bb7

Always declare, and define, "file_seek()" to return a "long", as it's
supposed to look like "ftell()".

If you don't have zlib, just define "file_seek" as an alias for "fseek",
rather than defining it as a routine.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1571 f5534014-38df-0310-8fa8-9805f1628bb7

Corrected a SEGFAULT in v2 readdir reply, v3 readdir reply, and v3 readdirplus
reply. It came in with the new dissect_rpc_string() with gives the string
back.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1570 f5534014-38df-0310-8fa8-9805f1628bb7

Add a debian subdirectory and the files needed to generate a debian package.
The files were created by Frederic Peters <fpeters@debian.org>, the maintainer
of the ethereal debian package.
I just modified `rules' to use autogen.sh when building from a CVS tree.
Building a debian package is now very easy :
- in debian/changelog : change the version number (and replace my name with
yours)
- dpkg-buildpackage -rfakeroot -us -uc

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1569 f5534014-38df-0310-8fa8-9805f1628bb7

Initialize per-dissection data structures before doing a capture, as
well as before reading a capture file - if the user didn't specify that
the capture should be saved to a file, it'll be dissected as it arrives.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1568 f5534014-38df-0310-8fa8-9805f1628bb7

In "dissect_clnp()", fill in "clnp" before looking at it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1567 f5534014-38df-0310-8fa8-9805f1628bb7

In Win32, treat both '/' and '\' as pathname separators.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1566 f5534014-38df-0310-8fa8-9805f1628bb7

Credit fix, and fix for building editcap.1 with build dir != $(srcdir)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1564 f5534014-38df-0310-8fa8-9805f1628bb7

Itojun did part of the BSD zlib fix.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1563 f5534014-38df-0310-8fa8-9805f1628bb7

Move version to 0.8.2, add Win32 to list of platforms in README.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1562 f5534014-38df-0310-8fa8-9805f1628bb7

Fix the File|Open menu problem for builds w/o pcap (aka, win32 builds).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1561 f5534014-38df-0310-8fa8-9805f1628bb7

Add O_BINARY flag to open() for win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1560 f5534014-38df-0310-8fa8-9805f1628bb7

Add an include of "../menu.h" to fix a win32 build break.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1559 f5534014-38df-0310-8fa8-9805f1628bb7

Enable File|Open menu item when Ethereal is started with no "-r" option.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1558 f5534014-38df-0310-8fa8-9805f1628bb7

Added additional manpages and binaries to RPM package. I don't
know if my changes work, or if anyone actually uses the spec file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1557 f5534014-38df-0310-8fa8-9805f1628bb7

parse multiple COMMUNITIES value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1556 f5534014-38df-0310-8fa8-9805f1628bb7

Provide a "get_dirname()" routine, that takes a pathname and returns
either a pointer to the directory part of the pathname (after stomping
on the pathname separator with a '\0', so don't use this on pathnames
you plan to use afterwards), or NULL if the pathname contains no
directory part, and make it handle Win32 pathnames on Win32 systems.

Use it to get the containing directory of the currently open file, so
that the "chdir()" stuff we do to cause the "File:Open" dialog box to
show you files in the directory in which you last looked works on Win32
systems.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1555 f5534014-38df-0310-8fa8-9805f1628bb7

"gztell()" is also affected by the libz mess on platforms where "off_t"
is bigger than a "long"; this is itojun's fix for that, turning
"file_tell()" into a wrapper function in "file_wrappers.c", just like
"file_seek()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1554 f5534014-38df-0310-8fa8-9805f1628bb7

Use "get_basename()" rather than finding the last component of "argv[0]"
by hand.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1553 f5534014-38df-0310-8fa8-9805f1628bb7

Encapsulate the code to take a pointer to a pathname and return a
pointer to the name of the file to which it refers (i.e., to the last
component of the pathname) in a "get_basename()" routine, and have the
code in "file.c" call it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1552 f5534014-38df-0310-8fa8-9805f1628bb7

If we open a file, and immediately try to open another file while the first
one is loading, we dump core. Add the "Open..." menu item to the list of
items that we disable while a file is loading.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1551 f5534014-38df-0310-8fa8-9805f1628bb7

Try to work around the undraw_cursor() bug in GTK+ 1.2.3 - 1.2.6. Setting
the text widget scroll bar adjustment to 0.0 appears to fix things (on my
system, at least).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1550 f5534014-38df-0310-8fa8-9805f1628bb7

Update with URLs for the Win32 port on both sides of the Atlantic, and
with notes about possible problems with the latest version.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1549 f5534014-38df-0310-8fa8-9805f1628bb7

"If there aren't any packets to select" means "if there aren't any
packets displayed", not just "if there aren't any packets" - there may
be packets but no displayed packets if the display filter didn't find
any packets.

NULL out the pointers to the first and last displayed packet when
closing a capture file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1548 f5534014-38df-0310-8fa8-9805f1628bb7

If there aren't any packets to select, don't try to select the first
packet; "select_packet()" gets peeved because it can't find the packet,
and panics.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1547 f5534014-38df-0310-8fa8-9805f1628bb7

Add support for Cisco ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1546 f5534014-38df-0310-8fa8-9805f1628bb7

On Win32, when splitting file names into directory and last component,
search for '\' rather than '/'.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1545 f5534014-38df-0310-8fa8-9805f1628bb7

The CRC is at the end of the frame, not at the end of the captured data
in the frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1544 f5534014-38df-0310-8fa8-9805f1628bb7

Add the CRC of the encapsulated frame to the ISL dissection.

Fix an error in the handling of non-Ethernet, non-Token Ring frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1543 f5534014-38df-0310-8fa8-9805f1628bb7

Set a fixed-width font for win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1542 f5534014-38df-0310-8fa8-9805f1628bb7

Open files with "rb" rather than "r" - this may fix up the problems
Gilbert alluded to with reading capture files on Win32 systems.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1541 f5534014-38df-0310-8fa8-9805f1628bb7

Ethereal shouldn't use "file_seek()", "file_read()", or "file_write()"
directly; it should use them through Wiretap. (Arguably, it shouldn't
use "file_open()", "file_dopen()", or "file_close()" directly, and
should use those through Wiretap as well.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1540 f5534014-38df-0310-8fa8-9805f1628bb7

Add an INFO column with the VLAN ID.

Get the frame type, and call the next dissector, regardless of whether
we're building a protocol tree or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1539 f5534014-38df-0310-8fa8-9805f1628bb7

Added the O_BINARY flag to open() for win32.
Ethereal on win32 now correctly reads trace files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1538 f5534014-38df-0310-8fa8-9805f1628bb7

Add support for Cisco ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1537 f5534014-38df-0310-8fa8-9805f1628bb7

Make the Tethereal usage message reflect whether libpcap support was
compiled in or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1536 f5534014-38df-0310-8fa8-9805f1628bb7

Add spaces to the usage message, to match what was done to the Tethereal
usage message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1535 f5534014-38df-0310-8fa8-9805f1628bb7

Keep the sample command line in the usage message within 80 characters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1534 f5534014-38df-0310-8fa8-9805f1628bb7

Include the "-D" flag in the usage message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1533 f5534014-38df-0310-8fa8-9805f1628bb7

Heikki Vatiainen's patch to add a flag to control whether to interpret
the IPv4 TOS field as a TOS field or as a DiffServ field, and allow that
field to be controlled by a command-line option or an option in the
"Display:Options" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1532 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1531 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1530 f5534014-38df-0310-8fa8-9805f1628bb7

Add some new SAP values from

http://www.optimized.com/COMPENDI/REF-SAP.htm

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1529 f5534014-38df-0310-8fa8-9805f1628bb7

xDLC frames other than I and UI frames may have a payload, e.g. TEST
frames; rename "XDLC_HAS_PAYLOAD()" to "XDLC_IS_INFORMATION()", and if
the frame isn't an "information" frame, dissect its payload (if any) as
data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1528 f5534014-38df-0310-8fa8-9805f1628bb7

Put the PID of SNAP frames into the protocol tree regardless of whether
the frame has a payload or not.

Note in a comment that in one capture there's a U frame with a function
of TEST, rather than UI, that appears to have a payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1527 f5534014-38df-0310-8fa8-9805f1628bb7

When computing the total frame length of an 802.3 frame, add to the
value in the length field not only the Ethernet MAC header size, but
also the offset in the frame of the Ethernet MAC header, so that, if the
802.3 frame is encapsulated in some other type of frame, the total frame
length includes the header for that frame as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1526 f5534014-38df-0310-8fa8-9805f1628bb7

In "dissect_eth()", update "pi.len" and "pi.captured_len" regardless of
whether we're building a protocol tree or not.

Make "dissect_eth()" use "BYTES_ARE_IN_FRAME()" to see if we have a full
Ethernet header - it can be called with a non-zero offset, if Ethernet
frames are encapsulated inside other frames (e.g., ATM LANE).

Make capture routines take an "offset" argument if the corresponding
dissect routine takes one (for symmetry, and for Cisco ISL or any other
protocol that encapsulates Ethernet or Token-Ring frames inside other
frames).

Pass the frame lengths to capture routines via the "pi" structure,
rather than as an in-line argument, so that they can macros such as
"BYTES_ARE_IN_FRAME()" the way the corresponding dissect routines do.

Make capture routines update "pi.len" and "pi.captured_len" the same way
the corresponding diseect routines do, if the capture routines then call
other capture routines.

Make "capture_vlan()" count as "other" frames that are too short, the
way other capture routines do.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1525 f5534014-38df-0310-8fa8-9805f1628bb7

Merge Paul Ionescu's CDP fixes with Guy's. Add #defines to oui.h for Cisco
IOS 9.0 and bridged frame relay and update packet-llc.c accordingly. Add
CDP handler to capture_llc() in packet-llc.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1524 f5534014-38df-0310-8fa8-9805f1628bb7

Allow "-w" and/or "-R" to be specified either when doing a live capture
or when reading a saved capture file; if "-w" is specified, the packets
captured or read from the file are written to the specified file rather
than being dissected and printed, and if "-R" is specified, only packets
that pass the specified read filter are dissected and printed or
written.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1523 f5534014-38df-0310-8fa8-9805f1628bb7

Fix files that had Gilbert's old e-mail address or that didn't have my
forwarding e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1522 f5534014-38df-0310-8fa8-9805f1628bb7

Give "dissect_rpc_string()" an extra "char **" argument; if it's
non-null, it returns through that argument a pointer to the displayed
version of the string, otherwise it just frees that string.

Use that to put, in the tree item for READDIR and READDIRPLUS reply
directory entry items, the file name from the directory entry.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1521 f5534014-38df-0310-8fa8-9805f1628bb7

Add "proto_item_set_text()", which sets the "representation" field of an
existing protocol tree item.

Add "proto_tree_add_notext()"; it's just like "proto_tree_add_text()",
but without the text, and it sets the "representation" field to NULL;
that field would be set later with "proto_item_set_text()".

Those routines let you construct, for example, an interior node of the
protocol tree whose text can't be determined until all the nodes under
it have been dissected - it's similar to "proto_item_set_len()" in that
fashion.

Use that when dissecting address TLVs in the CDP dissector - create the
item for an address in an "Addresses" TLV with no text, and then fill in
the items under it one at a time; if we get cut off before we get to the
actual address, set the text to "Truncated address", otherwise set it to
a description of the address.

Also, set the length of the item for the entire address TLV correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1520 f5534014-38df-0310-8fa8-9805f1628bb7

"tm_mon" in a "struct tm" is 0-based, not 1-based; when printing the
month number, add 1 to "tm_mon".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1519 f5534014-38df-0310-8fa8-9805f1628bb7

Add URL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1518 f5534014-38df-0310-8fa8-9805f1628bb7

Add stuff to add platform-specific compiler flags; currently, we have
only flags for HP's ANSI C compiler, as suggested by Jost Martin.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1517 f5534014-38df-0310-8fa8-9805f1628bb7

Add "-L" flags to LDFLAGS, not LIBS, and get rid of all the exotic
searching that tries to figure out in what directory libpcap lives - we
should treat "-L" just like "-I", rather than adding a ton of
complication to do it the way the autoconf maintainers think, for some
reason, it should be done (by adding "-L" flags to LIBS - "-L" flags
don't specify libraries, so I have no clue why they think they belong in
LIBS; they specify a search path for libraries, just as "-I" flags
specify a search path for header files, so they strike me as "flags to
the linker" rather than "libraries", and LDFLAGS, unlike LIBS, appears
before *all* "-l" flags, including those specified by PCAP_LIBS and so
on).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1516 f5534014-38df-0310-8fa8-9805f1628bb7

Applied the vines part of Joerg's vines patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1515 f5534014-38df-0310-8fa8-9805f1628bb7

Joerg Mayer's updates to the VINES dissector and to protocol layers
above VINES.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1514 f5534014-38df-0310-8fa8-9805f1628bb7

Gerrit Gehnen's patch to add support for the "Inactive Subset" of the
ISO 8473 CLNP protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1513 f5534014-38df-0310-8fa8-9805f1628bb7

The headers of HP-UX 9.04 and HP-UX 10.20 nettl files seem to be different.
Check for both "magic numbers".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1512 f5534014-38df-0310-8fa8-9805f1628bb7

Put the RFC number for PPTP into the introductory comment.

Fix a bunch of byte-order problems, as noted by Thomas Quinot in Debian
bug 55347, although his fix addressed only the byte-order problems, not
the blithely-fetching-through-a-possibly-unaligned-pointer problems that
said code also had; we fix both of them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1511 f5534014-38df-0310-8fa8-9805f1628bb7