guy [Sat, 30 Jan 1999 10:35:19 +0000 (10:35 +0000)]
Add Network Monitor and "iptrace" to the list of capture file formats
"wiretap" can read.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@180 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 30 Jan 1999 09:44:21 +0000 (09:44 +0000)]
Correct and expand the discussion of ATM Sniffer captures.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@179 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 29 Jan 1999 17:06:56 +0000 (17:06 +0000)]
Modified code to allow compilation under IBM's C compiler for AIX.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@178 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 28 Jan 1999 21:29:36 +0000 (21:29 +0000)]
Added guy's time and DHCP patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@177 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Wed, 27 Jan 1999 14:54:09 +0000 (14:54 +0000)]
Added token-ring support to netmon.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@176 f5534014-38df-0310-8fa8-9805f1628bb7

hannes [Sun, 24 Jan 1999 21:18:15 +0000 (21:18 +0000)]
Removed Development notice within the CDP tree...

Cisco Discovery Protocol works fine for me now. I have tested it with various
Ciscos (7200, 3640, 2820, 2900, ...)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@175 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 21 Jan 1999 05:07:45 +0000 (05:07 +0000)]
Added news about Guy's netmon addition.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@174 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 21 Jan 1999 05:03:56 +0000 (05:03 +0000)]
I changed the wtap_open_offline() function so that it takes only the
filename as the parameter. So far all the filetypes that wiretap can read
can be inferred from the first few bytes of the file, so we never
have to give wiretap a hint as to the file type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@173 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Mon, 18 Jan 1999 21:34:54 +0000 (21:34 +0000)]
Added Guy's netmon.[ch] files to CVS for him. His firewall admins forgot
to add ssh to their firewall rules, so he's out of CVS for a few days.
This adds support for MS Network Monitor files to wiretap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@172 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 17 Jan 1999 09:33:15 +0000 (09:33 +0000)]
Add support for Microsoft Network Monitor Ethernet capture files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@171 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 17 Jan 1999 09:30:05 +0000 (09:30 +0000)]
Clean up some output lines, and show the checksum value on the line for
the packet checksum.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@170 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 13 Jan 1999 04:14:29 +0000 (04:14 +0000)]
* Modified Makefile.am and configure.in so that wiretap isn't built unless
  --with-wiretap is specified.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@169 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Tue, 12 Jan 1999 17:44:52 +0000 (17:44 +0000)]
Fixed a bug regarding bad packets. If a sub-vector indicated a 0-length,
dissect_trmac() would spin in an infinite loop. Now that condition is checked
and properly handled.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@168 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Sun, 10 Jan 1999 21:23:41 +0000 (21:23 +0000)]
* Added Tony Abbot's fixes for libpcap include directory discovery.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@167 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Sun, 10 Jan 1999 21:20:44 +0000 (21:20 +0000)]
* Added RPM .spec

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@166 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 8 Jan 1999 17:24:01 +0000 (17:24 +0000)]
Use g_free instead of free so that I don't have to include <stdlib.h>
for just one function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@165 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 8 Jan 1999 04:42:43 +0000 (04:42 +0000)]
A bad frame control value could crash ethereal because I didn't do
proper bounds checking. Fixed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@164 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 7 Jan 1999 16:43:40 +0000 (16:43 +0000)]
Logged my change about per-packet encapsulation types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@163 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 7 Jan 1999 16:15:37 +0000 (16:15 +0000)]
I removed the per-file encapsulation type from wiretap, and made all filetypes
provide a per-packet encapsulation type. This required minor modifications to

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@162 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 6 Jan 1999 23:07:42 +0000 (23:07 +0000)]
The TLV structures in a CDP packet aren't necessarily aligned on 2-byte
boundaries, so use "pntohs()" to extract data from them, so that you
don't do unaligned accesses (which some processors don't handle).

Put the "IOS version" field out as multiple tree items, one per line of
text in the version description.

Use "memset()" rather than "bzero()" - "memset()" is used elsewhere, and
we already include the header file that declares it.

Use "ip_to_str()" rather than "inet_ntoa()" to display IP addresses as
text; that's what's used elsewhere in Ethereal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@161 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 5 Jan 1999 09:01:42 +0000 (09:01 +0000)]
Clean up what's displayed for unknown opcodes and unknown rcodes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@160 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 5 Jan 1999 08:48:40 +0000 (08:48 +0000)]
Decode the various flag fields in resource records in NBNS replies.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@159 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 5 Jan 1999 07:33:38 +0000 (07:33 +0000)]
Neither "ether_to_str()" nor "ip_to_str()" modify the data pointed to by
their arguments, so make those arguments pointers to "const", so that we
don't get complaints if somebody hands them a pointer to "const".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@158 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Tue, 5 Jan 1999 03:05:50 +0000 (03:05 +0000)]
* Fixed missing curly brace.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@157 f5534014-38df-0310-8fa8-9805f1628bb7

hannes [Tue, 5 Jan 1999 00:08:49 +0000 (00:08 +0000)]
Finished the first version of CDP support.
-> this works for all CDP packets I've got

some minor additions will follow

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@156 f5534014-38df-0310-8fa8-9805f1628bb7

hannes [Mon, 4 Jan 1999 21:08:45 +0000 (21:08 +0000)]
Okay. Please test the CVS code....

I think I figured out how CDP works :) ----

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@155 f5534014-38df-0310-8fa8-9805f1628bb7

hannes [Mon, 4 Jan 1999 20:07:29 +0000 (20:07 +0000)]
I've discovered that the existing CDP code does not work with Cisco
switches -> dissect_cdp stops a bit earlier... (preventing errors)

I have added the line "under development" to the CDP tree

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@154 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 4 Jan 1999 09:13:46 +0000 (09:13 +0000)]
Decode the word containing the opcode, flags, reply code, etc. in DNS
and NBNS requests.

Put the opcode in the COL_INFO field for DNS requests (it was already
there for NBNS requests).

Don't assume a DNS or NBNS request is neatly aligned on a 2-byte
boundary (it might not be if, for example, the packet is an FDDI

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@153 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 4 Jan 1999 08:45:22 +0000 (08:45 +0000)]
Include "snprintf.h", as we use "snprintf()", so that we don't get
warnings from "gcc -Wall".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@152 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 4 Jan 1999 07:39:14 +0000 (07:39 +0000)]
Include "snprintf.h", as we use "snprintf()", so that we don't get
warnings from "gcc -Wall".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@151 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Mon, 4 Jan 1999 01:31:18 +0000 (01:31 +0000)]
* Final commit for version 0.5.1
* Added RPM .spec file (Martin Maciaszek)
* Added Martin to AUTHORS

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@149 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sun, 3 Jan 1999 04:30:13 +0000 (04:30 +0000)]
Added files to handle AIX iptrace 2.0 files in wiretap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@148 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 3 Jan 1999 01:57:24 +0000 (01:57 +0000)]
The "lnk_t" field of per-packet data, and the "pkt_encap" field in the
packet header, are there only if "wiretap" is used, so protect their use
with "#ifdef WITH_WIRETAP".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@147 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sat, 2 Jan 1999 06:50:30 +0000 (06:50 +0000)]
I made sure to note that wiretap only supports iptrace 2.0 files so far.
iptrace 1.0 is not supported yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@146 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sat, 2 Jan 1999 06:10:55 +0000 (06:10 +0000)]
Added the iptrace (AIX's packet-capture tool) file format to wiretap.
This necessitated a change in ethereal because iptrace supports multi-NIC
packet capturing, including multi-datalink-type capturing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@145 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 1 Jan 1999 07:40:34 +0000 (07:40 +0000)]
Added #include <sys/types.h> for compilation under gtk-1.1.11

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@144 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 31 Dec 1998 20:36:43 +0000 (20:36 +0000)]
Be smarter about IPX port numbers and which function to call.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@143 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Tue, 29 Dec 1998 04:05:38 +0000 (04:05 +0000)]
* Added Joerg Mayer's Vines patch
* Added Joerg to the AUTHORS file
* Added Guy's bitfield decode patch
* Fixed time output

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@142 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Tue, 29 Dec 1998 03:12:07 +0000 (03:12 +0000)]
* Installation documentation updates

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@141 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Sun, 27 Dec 1998 20:47:53 +0000 (20:47 +0000)]
* Add library version information to about box, -v and -h output

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@140 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Sun, 27 Dec 1998 20:46:45 +0000 (20:46 +0000)]
* Minor changes for GTK+ 1.1/1.2 support

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@139 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Sun, 27 Dec 1998 20:44:53 +0000 (20:44 +0000)]
* GTK+ 1.1/1.2 compatibility changes (use gtk_scrolled_window_add_with_viewport
  to add filter list to scrolled window)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@138 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Tue, 22 Dec 1998 07:07:11 +0000 (07:07 +0000)]
Fixed more bugs with dialogues and gtk+-1.1.x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@137 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Tue, 22 Dec 1998 05:52:51 +0000 (05:52 +0000)]
Stopped the "TCP Follow" screen from producing an error when using
wiretap and gtk+-1.1.x. I also added an #include to util.c to keep
it from complaining about a lack of a definition of vsnprintf when
compiling with gtk+-1.1.x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@136 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Tue, 22 Dec 1998 00:41:24 +0000 (00:41 +0000)]
Fixed the version of gtk1.1.x required for
gtk_scrolledwindow_add_with_viewport. Now it compiles correctly on

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@135 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Mon, 21 Dec 1998 03:58:00 +0000 (03:58 +0000)]
Syntax and compilation fixes for the broken code I just committed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@134 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Mon, 21 Dec 1998 03:43:29 +0000 (03:43 +0000)]
Make the info field verbose.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@133 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Mon, 21 Dec 1998 03:42:22 +0000 (03:42 +0000)]
Changed port print formats to unsigned, added raw port number to tree output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@132 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Mon, 21 Dec 1998 03:39:27 +0000 (03:39 +0000)]
Modify add_item_to_tree to return immediately on a null tree ptr.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@131 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 20 Dec 1998 01:47:05 +0000 (01:47 +0000)]
Back out change that Hannes Boehm said he didn't intend to commit,
replacing "memset(..., 0, ...)" with "bzero(..., ...)" - he asked me to
remove the change.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@130 f5534014-38df-0310-8fa8-9805f1628bb7

hannes [Sat, 19 Dec 1998 00:12:23 +0000 (00:12 +0000)]
Added "Cisco Discovery Protocol" Hooks
Added Ethernet Loopback Protocol Type to ethertype.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@129 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 17 Dec 1998 06:39:13 +0000 (06:39 +0000)]
Added Guy Harris' patch to read Sniffer ATM trace files. Very nice.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@128 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 17 Dec 1998 05:42:33 +0000 (05:42 +0000)]
A patch spread across many files to let Ethereal compile under GTK+-1.1.x.
Tests for GTK versions are done during compilation, not during "./configure".
The big problems have been taken care of in this patch (functional change
in the packet clist and conversion of menu_factory to item_factory), but
plenty of smaller problems with dialogue boxes abound. I have fixed
a small problem with file_open*(), but have left 2 comments in just in case
I'm not going about this the right way. Can someone verify?

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@127 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 16 Dec 1998 09:05:51 +0000 (09:05 +0000)]
Note that wiring the current longest string in a column into
"get_column_width()" is somewhat fragile, and suggest a possible

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@126 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 15 Dec 1998 04:11:58 +0000 (04:11 +0000)]
Fix the bitmask for the hour field in a DOS-format time (not that it
matters, as that code is commented out).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@125 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sun, 13 Dec 1998 05:38:13 +0000 (05:38 +0000)]
Debug statement commented out.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@124 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sun, 13 Dec 1998 05:08:05 +0000 (05:08 +0000)]
Added Guy's patch to calculate date of Sniffer packet trace. I copied
bits of it to do the same for Lanalyzer packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@123 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 4 Dec 1998 05:59:14 +0000 (05:59 +0000)]
When dissecting DNS or NBNS queries or replies, add the item to the tree
for the queries or replies first, then create and add the subtree and
populate it, and, when that's done, set the length of the item
appropriately; if you add the subtree later, the subtree's top-level
node appears to have level 0, rather than 1 greater than the tree of
which it's a subtree, which causes those trees not to print correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@122 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 3 Dec 1998 09:42:21 +0000 (09:42 +0000)]
The Appletalk ARP opcode, like other AARP fields, is big-endian, not

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@121 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Mon, 23 Nov 1998 15:48:38 +0000 (15:48 +0000)]
LANalyzer records time in half microseconds, not microseconds.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@120 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Mon, 23 Nov 1998 04:40:22 +0000 (04:40 +0000)]
Added time-stamp decoding to LANalyzer decodes, made minor comment changes to
ngsniffer.c, and removed DLT_* defines from wtap.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@119 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Sat, 21 Nov 1998 05:08:40 +0000 (05:08 +0000)]
The Sniffer-reading code now checks to make sure that it is trying
to read an uncompressed Sniffer file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@118 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 21 Nov 1998 04:00:31 +0000 (04:00 +0000)]
Take the name-processing part of "get_nbns_name_type_class()" and put it
in "get_nbns_name()", and have "get_nbns_name_type_class()" call it.
Use "get_nbns_name()" rather than "get_nbns_name_type_class()" in the
NBDS code, as there aren't any type or class fields in an NBDS packet.

Show the data in an NBDS datagram as raw data.  (We don't have an SMB
parser yet.)

Don't dissect anything past the header if an NBDS packet is an unknown
packet type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@117 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 21 Nov 1998 03:26:54 +0000 (03:26 +0000)]
Pick up from Ethereal's "configure.in" the test to check whether we're
running GCC and, if so, to add the "-Wall" flag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@116 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 20 Nov 1998 17:47:33 +0000 (17:47 +0000)]
Fix for non null-terminated strings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@115 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 20 Nov 1998 09:24:42 +0000 (09:24 +0000)]
The address family isn't part of the RIP header, it's part of the RIP

Show, for each RIP entry, a summary line with, for IP routes, the
destination and metric, as well as showing the detailed breakdown below

Dissect authentication entries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@114 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 20 Nov 1998 05:58:42 +0000 (05:58 +0000)]
Added NetBIOS Datagram (over UDP) support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@113 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 20 Nov 1998 05:54:39 +0000 (05:54 +0000)]
I gave Guy the credit he deserves.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@112 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 20 Nov 1998 05:54:08 +0000 (05:54 +0000)]
Added NetBIOS datagram support (over UDP, as per RFC 1002).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@111 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Fri, 20 Nov 1998 04:34:37 +0000 (04:34 +0000)]
BOOTP option 55 (parameter request list) now shows more detail.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@110 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 23:58:54 +0000 (23:58 +0000)]
* Fixed minor bug when printing string values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@108 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 18 Nov 1998 20:10:30 +0000 (20:10 +0000)]
Note that "wiretap" can now read Sun "snoop" files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@107 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 04:02:17 +0000 (04:02 +0000)]
* Don't build wiretap if it isn't configured.
* Bump the version to 0.5.0

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@106 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 03:17:18 +0000 (03:17 +0000)]
* Disable filter-related widgets if we're using wiretap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@105 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 03:04:25 +0000 (03:04 +0000)]
* File needed for one of Laurent's patches that I just committed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@104 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 03:01:44 +0000 (03:01 +0000)]
* Added patches from Laurent and Guy

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@103 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 01:49:12 +0000 (01:49 +0000)]
* Mods to use get_tcp_port() to print the port number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@102 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Wed, 18 Nov 1998 01:40:09 +0000 (01:40 +0000)]
* Add -Wall to CFLAGS if we're running gcc.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@101 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 17 Nov 1998 06:16:52 +0000 (06:16 +0000)]
Add the header files to "libwiretap_a_SOURCES", so they get included if
you do "make dist".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@100 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 17 Nov 1998 05:34:29 +0000 (05:34 +0000)]
Add the header files to "libwiretap_a_SOURCES", so they get included if
you do "make dist".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@99 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Tue, 17 Nov 1998 05:04:04 +0000 (05:04 +0000)]
* Fixes for TCP and UDP port number display.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@98 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Tue, 17 Nov 1998 04:29:13 +0000 (04:29 +0000)]
* Added column formatting functionality.
* Added check_col(), add_col_str() and add_col_fmt() to replace references
  to ft->win_info.
* Added column prefs handling code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@97 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 17 Nov 1998 02:17:27 +0000 (02:17 +0000)]
Add an "acinclude.m4" file that defines an "AC_ETHEREAL_STRUCT_SA_LEN"
macro (modeled after similar macros provided with "autoconf") to check
whether "struct sockaddr" has an "sa_len" member, and defines or
undefines "HAVE_SA_LEN" appropriately.  Use it instead of
"AC_LBL_SOCKADDR_SA_LEN", and use "HAVE_SA_LEN" instead of

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@96 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 17 Nov 1998 02:02:46 +0000 (02:02 +0000)]
Un-comment "AC_CONFIG_SUBDIRS()", so that it'll run "configure" in the
"wiretap" subdirectory, and thus leave a "config.status" file around so
that one of the "auto{make,configure,header}" guys doesn't complain when
rebuilding stuff that it can't open "config.status".  (The
"automake"-generated Makefile will recurse into "wiretap", and, at least
if you're doing builds from a tree freshly checked out from CVS, "XXX"
files will probably have been checked out before "XXX.in", so "make"
will try to reconstruct the "XXX" files from the "XXX.in" files.)

That also obviates the need to make "wiretap/Makefile" here.

We can also re-delete "wiretap/Makefile" from CVS - the problem that
caused me to bring it back wasn't caused by its absence, it was caused
by the above.  As "Makefile"s generated by "configure" scripts depend on
the particular system on which you ran "configure", there's no One True
Makefile so "Makefile" shouldn't be under CVS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@95 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 16 Nov 1998 22:24:03 +0000 (22:24 +0000)]
Put the Makefile back, in the hopes that it'll prevent at least one of
the many complaints you get if you do a "configure" followed by a "make"
in a freshly-checked-out Ethereal source tree (it bitches when, or maybe
after, "automake"ing it, complaining about not being able to open
"config.status" - the right fix might be to make the "configure" script

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@94 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 15 Nov 1998 05:45:36 +0000 (05:45 +0000)]
Remove the Makefile from CVS - Ethereal doesn't have its Makefile under
CVS; it's generated by the "configure" script, and the resulting
Makefile is platform-dependent, so there's no One True Makefile to put
under CVS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@93 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 15 Nov 1998 05:40:23 +0000 (05:40 +0000)]
Back out some changes accidentally committed by the previous checkin - I
forgot that CVS, unlike Perforce, doesn't let you edit the list of files
it gives you in the editor and cause those files *not* to be committed,
it requires you to specify the files to be committed if you only want
some files committed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@92 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sun, 15 Nov 1998 05:29:17 +0000 (05:29 +0000)]
Add support to wiretap for reading Sun "snoop" capture files.

That requires that, in the packet-reading loop, we pass to the callback
routine the offset in the file of a packet's data, because we can no
longer compute that offset by subtracting the size of the captured
packet data from the offset in the file after the data was read -
"snoop" may stick padding in after the packet data to align packet
headers on 4-byte boundaries.

Doing that required that we arrange that we do that for "libpcap"
capture files as well; the cleanest way to do that was to write our own
code for reading "libpcap" capture files, rather than using the
"libpcap" code to do it.

Make "wtap_dispatch_cb()" and "pcap_dispatch_cb()" static to "file.c",
as they're not used elsewhere.

If we're using wiretap, don't define in "file.h" stuff used only when
we're not using wiretap.

Update the wiretap README to reflect Gilbert's and my recent changes.

Clean up some memory leaks in "wiretap/lanalyzer.c" and
"wiretap/ngsniffer.c", where the capture-file-format-specific data
wasn't freed if the open failed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@91 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Add "acconfig.h" to make the "auto*" stuff happy.
guy [Sun, 15 Nov 1998 00:32:01 +0000 (00:32 +0000)]
Add "acconfig.h" to make the "auto*" stuff happy.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@90 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago The Sniffer-reading code in wiretap now decodes the time field for each
gram [Fri, 13 Nov 1998 06:47:37 +0000 (06:47 +0000)]
The Sniffer-reading code in wiretap now decodes the time field for each
packet. The date is still not taken into account, so all the traces appear to
start on Jan 1, 1970. But the time of day is correct, so at least you get good
delta times.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@89 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Now that I know where to find the file format of Sniffer trace files, wiretap
gram [Fri, 13 Nov 1998 05:57:39 +0000 (05:57 +0000)]
Now that I know where to find the file format of Sniffer trace files, wiretap
now *properly* reads Sniffer files. I now know the field in the file header
which denotes link type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@88 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago More patches from Guy to make wiretap compile better. I definitely
gram [Fri, 13 Nov 1998 03:21:20 +0000 (03:21 +0000)]
More patches from Guy to make wiretap compile better. I definitely
need to learn more about autoconf/automake. :)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@87 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago More patches from Guy, cleaning up warnings when using gcc -Wall.
gram [Thu, 12 Nov 1998 23:29:34 +0000 (23:29 +0000)]
More patches from Guy, cleaning up warnings when using gcc -Wall.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@86 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Added a patch to wiretap from Guy Harris to help compile wiretap in
gram [Thu, 12 Nov 1998 21:39:22 +0000 (21:39 +0000)]
Added a patch to wiretap from Guy Harris to help compile wiretap in
different situations.  I also fixed bootp so that it properly handles
unknown BOOTP options.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@85 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago We have to include <sys/types.h>, if we have it, to declare "u_char", as
guy [Thu, 12 Nov 1998 21:22:47 +0000 (21:22 +0000)]
We have to include <sys/types.h>, if we have it, to declare "u_char", as
we no longer include <pcap.h>.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@84 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago I added the LANalyzer file format to wiretap. I cleaned up some code in the
gram [Thu, 12 Nov 1998 06:01:27 +0000 (06:01 +0000)]
I added the LANalyzer file format to wiretap. I cleaned up some code in the
wiretap functions to be more generic and therefore allow an easier integration
of more packet-capture file types. I also put in all the GPL copyrights in the
wiretap code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@83 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago A lengthy patch to add the wiretap library. Wiretap is not used by default
gram [Thu, 12 Nov 1998 00:06:47 +0000 (00:06 +0000)]
A lengthy patch to add the wiretap library. Wiretap is not used by default
because it is still in its infancy, but it can be compiled in optionally.
The library exists in its own subdirectory ethereal/wiretap. This patch also
edits all the packet-*.c files to remove the #include <pcap.h> line which is
unnecessary in these files. In the ethereal code, file.c is the most heavily
modified with #ifdef WITH_WIRETAP lines for the optional library.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@82 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago * Fix for unsigned overflows on Solaris
gerald [Sun, 8 Nov 1998 00:05:45 +0000 (00:05 +0000)]
* Fix for unsigned overflows on Solaris

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@81 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Get rid of the "N on link, M capture" from the null and raw detail, as
guy [Thu, 5 Nov 1998 10:23:27 +0000 (10:23 +0000)]
Get rid of the "N on link, M capture" from the null and raw detail, as
that's now in the frame-level detail display.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@80 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Add in a bunch of #defines for packet types.
guy [Thu, 5 Nov 1998 10:16:59 +0000 (10:16 +0000)]
Add in a bunch of #defines for packet types.

Show the packet type as a string, as well as a hex number, in the detail
display.  Show the packet type as a hex number in the summary display if
it's not a packet type we know about.

Don't put the "N on link, M captured" stuff in the PPP detail display,
as that's now in the frame detail display.

Handle IPv6, Appletalk, IPX, and Vines.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@79 f5534014-38df-0310-8fa8-9805f1628bb7