20 years agoChange from Ed Meaney - write capture files in binary, rather than ASCII
guy [Thu, 3 Feb 2000 06:30:47 +0000 (06:30 +0000)]
Change from Ed Meaney - write capture files in binary, rather than ASCII
("w" and "wb" are the same on UNIX, but not on Win32).

Also, give Gilbert credit for the Win32 changes he's made.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1597 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn dissect_ipopt_timestamp() :
oabad [Wed, 2 Feb 2000 22:07:38 +0000 (22:07 +0000)]
In dissect_ipopt_timestamp() :
Correct a bug reported by Paul Ionescu when dissecting a timestamp IP
option. The offsets where not correct.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1596 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAlso listen for GDK_INPUT_EXCEPTION on the sync pipe. On Solaris 2.6
gram [Wed, 2 Feb 2000 18:38:52 +0000 (18:38 +0000)]
Also listen for GDK_INPUT_EXCEPTION on the sync pipe. On Solaris 2.6
this is needed to get the last message from the pipe.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1595 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a note about many Linux libpcaps turning promiscuous mode off only
guy [Tue, 1 Feb 2000 21:52:22 +0000 (21:52 +0000)]
Add a note about many Linux libpcaps turning promiscuous mode off only
when the program using libpcap exits, and perhaps not doing so even
then, and indicating how to check whether an interface is in promiscuous
mode and how to take it out of promiscuous mode if it is in promiscuous

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1593 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoNote that capture filters don't work on Linux loopback devices with the
guy [Tue, 1 Feb 2000 21:21:47 +0000 (21:21 +0000)]
Note that capture filters don't work on Linux loopback devices with the
current version of libpcap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1592 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMove to version 0.8.3.
gram [Tue, 1 Feb 2000 14:12:20 +0000 (14:12 +0000)]
Move to version 0.8.3.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1591 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemove libltdl sources.
gram [Tue, 1 Feb 2000 14:03:47 +0000 (14:03 +0000)]
Remove libltdl sources.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1590 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDissect packets to or from port 162 as SNMP packets - that's the port to
guy [Tue, 1 Feb 2000 04:13:47 +0000 (04:13 +0000)]
Dissect packets to or from port 162 as SNMP packets - that's the port to
which SNMP traps are sent.  Thanks and a tip of the Hatlo Hat to Craig
Rodrigues for discovering this.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1589 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn init_plugins(), before scanning PLUGIN_DIR :
oabad [Mon, 31 Jan 2000 19:50:58 +0000 (19:50 +0000)]
In init_plugins(), before scanning PLUGIN_DIR :
do a "stat" on PLUGIN_DIR, /usr/lib/ethereal/plugins/0.8 and
/usr/local/lib/ethereal/plugins/0.8 and compare st_dev and st_ino to be
sure that PLUGIN_DIR is different from the others (and not a symlink which
would cause a "plugin found in multiple directories" warning).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1588 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a semicolon in a win32 block of code.
gram [Mon, 31 Jan 2000 19:34:25 +0000 (19:34 +0000)]
Add a semicolon in a win32 block of code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1587 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded support for clicking capture window's close box to stop capture
nneul [Sun, 30 Jan 2000 17:10:29 +0000 (17:10 +0000)]
added support for clicking capture window's close box to stop capture

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1586 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded ethereal_static extra target in Makefile.am. Did not add the updates
nneul [Sun, 30 Jan 2000 16:57:20 +0000 (16:57 +0000)]
Added ethereal_static extra target in Makefile.am. Did not add the updates
to configure.in. This should allow someone to do 'make ethereal_static' and
get a staticly built copy of ethereal w/o plugin support on platforms that
support -Wl,-static for static linking.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1585 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDissect the user data of an incoming CALL REQUEST/INCOMING CALL packet
guy [Sun, 30 Jan 2000 05:58:02 +0000 (05:58 +0000)]
Dissect the user data of an incoming CALL REQUEST/INCOMING CALL packet
as per X.224 and X.264.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1584 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a bunch of additional NLPIDs from ISO 9577.
guy [Sun, 30 Jan 2000 05:50:02 +0000 (05:50 +0000)]
Add a bunch of additional NLPIDs from ISO 9577.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1583 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJust pass the return value of "getuid()" directly on to "getpwuid()";
guy [Sat, 29 Jan 2000 20:04:23 +0000 (20:04 +0000)]
Just pass the return value of "getuid()" directly on to "getpwuid()";
don't stuff it into a variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1582 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix #ifndef line whose symbol had been omitted.
guy [Sat, 29 Jan 2000 19:08:12 +0000 (19:08 +0000)]
Fix #ifndef line whose symbol had been omitted.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1581 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDon't put "get_home_dir()" inside #ifdef HAVE_LIBPCAP/#endif.
guy [Sat, 29 Jan 2000 19:06:59 +0000 (19:06 +0000)]
Don't put "get_home_dir()" inside #ifdef HAVE_LIBPCAP/#endif.

On UNIX, if "$HOME" isn't set, try getting the user ID and the password
entry for that user ID, and, if that succeeds, get the home directory
from the password entry, otherwise use "/tmp".  On NT, it may be
possible to do something similar (get the user name, and append that to
"C:\winnt\profiles\"); I'm not sure whether there's anything that can be
done on Windows 9x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1580 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemove instances of getenv("HOME") and provide a get_home_dir() function
gram [Sat, 29 Jan 2000 16:41:28 +0000 (16:41 +0000)]
Remove instances of getenv("HOME") and provide a get_home_dir() function
which provides a default value if "HOME" is not set.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1579 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoI forgot to toggle the data_out_file "semaphore" (well, we us it like one)
gram [Sat, 29 Jan 2000 13:30:08 +0000 (13:30 +0000)]
I forgot to toggle the data_out_file "semaphore" (well, we us it like one)
at the end of follow_read_stream(), which causes a segfault if you change
the TCP Follow screen to EBCDIC, and then go back and select a TCP packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1578 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoThe user data in an X.25 call request packet is - at least for IP and,
guy [Sat, 29 Jan 2000 09:19:02 +0000 (09:19 +0000)]
The user data in an X.25 call request packet is - at least for IP and,
if I correctly read the Windows NT DDK documentation on WAN drivers, for
PPP as well - an ISO NLPID, so use the "nlpid.h" values where they

Currently doesn't treat NLPID_PPP as PPP, but if we get a PPP-over-X.25
capture, we may find that it should do so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1577 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSupport for NetXray 3.03 (the program version, not file version) PPP
gram [Sat, 29 Jan 2000 05:10:06 +0000 (05:10 +0000)]
Support for NetXray 3.03 (the program version, not file version) PPP
traces. The trace we got from Tom Poe (tomp@intrex.net) contains PPP
data which NetXRay has transformed into looking like Ethernet frames.
The hardware addresses are the bytes for the ASCII reprsentation of
"SRC" and "DEST", with null pad bytes at the end. Interesting.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1576 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a bug in the extraction of the sequence number.
gram [Sat, 29 Jan 2000 04:47:34 +0000 (04:47 +0000)]
Fix a bug in the extraction of the sequence number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1575 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIf a file is opened, and then closed, the File|Open option doesn't
gram [Thu, 27 Jan 2000 09:53:50 +0000 (09:53 +0000)]
If a file is opened, and then closed, the File|Open option doesn't
show up any more (nor does the Capture option). Fixed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1574 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoTFTP Option Extension (RFC 2347) support, from Craig Newell.
guy [Thu, 27 Jan 2000 07:09:45 +0000 (07:09 +0000)]
TFTP Option Extension (RFC 2347) support, from Craig Newell.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1573 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn case the "ts" field of a libpcap per-packet header isn't a "struct
guy [Wed, 26 Jan 2000 23:09:21 +0000 (23:09 +0000)]
In case the "ts" field of a libpcap per-packet header isn't a "struct
timeval" (if, say, it's a "struct bpf_timeval", with member sizes wired
to 32 bits, as it appears to be in SuSE 6.3 and will, I think, be in the
0.5 release of libpcap), copy the members of that field to the "ts"
field of the Wiretap per-packet header (which also lets us make it not a
"struct timeval" as well).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1572 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAlways declare, and define, "file_seek()" to return a "long", as it's
guy [Wed, 26 Jan 2000 19:22:04 +0000 (19:22 +0000)]
Always declare, and define, "file_seek()" to return a "long", as it's
supposed to look like "ftell()".

If you don't have zlib, just define "file_seek" as an alias for "fseek",
rather than defining it as a routine.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1571 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCorrected a SEGFAULT in v2 readdir reply, v3 readdir reply, and v3 readdirplus
girlich [Wed, 26 Jan 2000 09:52:42 +0000 (09:52 +0000)]
Corrected a SEGFAULT in v2 readdir reply, v3 readdir reply, and v3 readdirplus
reply. It came in with the new dissect_rpc_string() with gives the string

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1570 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a debian subdirectory and the files needed to generate a debian package.
oabad [Wed, 26 Jan 2000 07:00:26 +0000 (07:00 +0000)]
Add a debian subdirectory and the files needed to generate a debian package.
The files were created by Frederic Peters <fpeters@debian.org>, the maintainer
of the ethereal debian package.
I just modified `rules' to use autogen.sh when building from a CVS tree.
Building a debian package is now very easy :
- in debian/changelog : change the version number (and replace my name with
- dpkg-buildpackage -rfakeroot -us -uc

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1569 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoInitialize per-dissection data structures before doing a capture, as
guy [Wed, 26 Jan 2000 05:30:02 +0000 (05:30 +0000)]
Initialize per-dissection data structures before doing a capture, as
well as before reading a capture file - if the user didn't specify that
the capture should be saved to a file, it'll be dissected as it arrives.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1568 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn "dissect_clnp()", fill in "clnp" before looking at it.
guy [Wed, 26 Jan 2000 05:04:29 +0000 (05:04 +0000)]
In "dissect_clnp()", fill in "clnp" before looking at it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1567 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn Win32, treat both '/' and '\' as pathname separators.
guy [Wed, 26 Jan 2000 04:56:14 +0000 (04:56 +0000)]
In Win32, treat both '/' and '\' as pathname separators.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1566 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCredit fix, and fix for building editcap.1 with build dir != $(srcdir)
gram [Wed, 26 Jan 2000 03:42:28 +0000 (03:42 +0000)]
Credit fix, and fix for building editcap.1 with build dir != $(srcdir)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1564 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoItojun did part of the BSD zlib fix.
guy [Wed, 26 Jan 2000 02:35:54 +0000 (02:35 +0000)]
Itojun did part of the BSD zlib fix.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1563 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMove version to 0.8.2, add Win32 to list of platforms in README.
gram [Wed, 26 Jan 2000 02:31:35 +0000 (02:31 +0000)]
Move version to 0.8.2, add Win32 to list of platforms in README.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1562 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix the File|Open menu problem for builds w/o pcap (aka, win32 builds).
gram [Tue, 25 Jan 2000 17:57:31 +0000 (17:57 +0000)]
Fix the File|Open menu problem for builds w/o pcap (aka, win32 builds).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1561 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd O_BINARY flag to open() for win32.
gram [Tue, 25 Jan 2000 17:51:11 +0000 (17:51 +0000)]
Add O_BINARY flag to open() for win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1560 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd an include of "../menu.h" to fix a win32 build break.
gram [Tue, 25 Jan 2000 17:32:52 +0000 (17:32 +0000)]
Add an include of "../menu.h" to fix a win32 build break.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1559 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoEnable File|Open menu item when Ethereal is started with no "-r" option.
gram [Tue, 25 Jan 2000 13:44:39 +0000 (13:44 +0000)]
Enable File|Open menu item when Ethereal is started with no "-r" option.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1558 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded additional manpages and binaries to RPM package. I don't
gram [Tue, 25 Jan 2000 11:14:48 +0000 (11:14 +0000)]
Added additional manpages and binaries to RPM package. I don't
know if my changes work, or if anyone actually uses the spec file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1557 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoparse multiple COMMUNITIES value.
itojun [Tue, 25 Jan 2000 09:24:42 +0000 (09:24 +0000)]
parse multiple COMMUNITIES value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1556 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoProvide a "get_dirname()" routine, that takes a pathname and returns
guy [Tue, 25 Jan 2000 05:48:47 +0000 (05:48 +0000)]
Provide a "get_dirname()" routine, that takes a pathname and returns
either a pointer to the directory part of the pathname (after stomping
on the pathname separator with a '\0', so don't use this on pathnames
you plan to use afterwards), or NULL if the pathname contains no
directory part, and make it handle Win32 pathnames on Win32 systems.

Use it to get the containing directory of the currently open file, so
that the "chdir()" stuff we do to cause the "File:Open" dialog box to
show you files in the directory in which you last looked works on Win32

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1555 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"gztell()" is also affected by the libz mess on platforms where "off_t"
guy [Tue, 25 Jan 2000 04:49:55 +0000 (04:49 +0000)]
"gztell()" is also affected by the libz mess on platforms where "off_t"
is bigger than a "long"; this is itojun's fix for that, turning
"file_tell()" into a wrapper function in "file_wrappers.c", just like

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1554 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse "get_basename()" rather than finding the last component of "argv[0]"
guy [Tue, 25 Jan 2000 04:44:33 +0000 (04:44 +0000)]
Use "get_basename()" rather than finding the last component of "argv[0]"
by hand.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1553 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoEncapsulate the code to take a pointer to a pathname and return a
guy [Tue, 25 Jan 2000 04:31:17 +0000 (04:31 +0000)]
Encapsulate the code to take a pointer to a pathname and return a
pointer to the name of the file to which it refers (i.e., to the last
component of the pathname) in a "get_basename()" routine, and have the
code in "file.c" call it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1552 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIf we open a file, and immediately try to open another file while the first
gerald [Tue, 25 Jan 2000 03:48:16 +0000 (03:48 +0000)]
If we open a file, and immediately try to open another file while the first
one is loading, we dump core.  Add the "Open..." menu item to the list of
items that we disable while a file is loading.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1551 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoTry to work around the undraw_cursor() bug in GTK+ 1.2.3 - 1.2.6. Setting
gerald [Tue, 25 Jan 2000 03:45:45 +0000 (03:45 +0000)]
Try to work around the undraw_cursor() bug in GTK+ 1.2.3 - 1.2.6.  Setting
the text widget scroll bar adjustment to 0.0 appears to fix things (on my
system, at least).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1550 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUpdate with URLs for the Win32 port on both sides of the Atlantic, and
guy [Tue, 25 Jan 2000 02:11:30 +0000 (02:11 +0000)]
Update with URLs for the Win32 port on both sides of the Atlantic, and
with notes about possible problems with the latest version.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1549 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"If there aren't any packets to select" means "if there aren't any
guy [Tue, 25 Jan 2000 01:05:06 +0000 (01:05 +0000)]
"If there aren't any packets to select" means "if there aren't any
packets displayed", not just "if there aren't any packets" - there may
be packets but no displayed packets if the display filter didn't find
any packets.

NULL out the pointers to the first and last displayed packet when
closing a capture file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1548 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIf there aren't any packets to select, don't try to select the first
guy [Tue, 25 Jan 2000 00:36:35 +0000 (00:36 +0000)]
If there aren't any packets to select, don't try to select the first
packet; "select_packet()" gets peeved because it can't find the packet,
and panics.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1547 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support for Cisco ISL.
guy [Tue, 25 Jan 2000 00:18:26 +0000 (00:18 +0000)]
Add support for Cisco ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1546 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoOn Win32, when splitting file names into directory and last component,
guy [Tue, 25 Jan 2000 00:17:01 +0000 (00:17 +0000)]
On Win32, when splitting file names into directory and last component,
search for '\' rather than '/'.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1545 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoThe CRC is at the end of the frame, not at the end of the captured data
guy [Mon, 24 Jan 2000 21:56:24 +0000 (21:56 +0000)]
The CRC is at the end of the frame, not at the end of the captured data
in the frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1544 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd the CRC of the encapsulated frame to the ISL dissection.
guy [Mon, 24 Jan 2000 21:49:39 +0000 (21:49 +0000)]
Add the CRC of the encapsulated frame to the ISL dissection.

Fix an error in the handling of non-Ethernet, non-Token Ring frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1543 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSet a fixed-width font for win32.
gram [Mon, 24 Jan 2000 20:29:07 +0000 (20:29 +0000)]
Set a fixed-width font for win32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1542 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoOpen files with "rb" rather than "r" - this may fix up the problems
guy [Mon, 24 Jan 2000 19:32:13 +0000 (19:32 +0000)]
Open files with "rb" rather than "r" - this may fix up the problems
Gilbert alluded to with reading capture files on Win32 systems.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1541 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoEthereal shouldn't use "file_seek()", "file_read()", or "file_write()"
guy [Mon, 24 Jan 2000 19:27:38 +0000 (19:27 +0000)]
Ethereal shouldn't use "file_seek()", "file_read()", or "file_write()"
directly; it should use them through Wiretap.  (Arguably, it shouldn't
use "file_open()", "file_dopen()", or "file_close()" directly, and
should use those through Wiretap as well.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1540 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd an INFO column with the VLAN ID.
guy [Mon, 24 Jan 2000 19:26:09 +0000 (19:26 +0000)]
Add an INFO column with the VLAN ID.

Get the frame type, and call the next dissector, regardless of whether
we're building a protocol tree or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1539 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded the O_BINARY flag to open() for win32.
gram [Mon, 24 Jan 2000 19:16:39 +0000 (19:16 +0000)]
Added the O_BINARY flag to open() for win32.
Ethereal on win32 now correctly reads trace files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1538 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support for Cisco ISL.
guy [Mon, 24 Jan 2000 18:46:45 +0000 (18:46 +0000)]
Add support for Cisco ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1537 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake the Tethereal usage message reflect whether libpcap support was
guy [Mon, 24 Jan 2000 05:13:45 +0000 (05:13 +0000)]
Make the Tethereal usage message reflect whether libpcap support was
compiled in or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1536 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd spaces to the usage message, to match what was done to the Tethereal
guy [Mon, 24 Jan 2000 05:06:39 +0000 (05:06 +0000)]
Add spaces to the usage message, to match what was done to the Tethereal
usage message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1535 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoKeep the sample command line in the usage message within 80 characters.
guy [Mon, 24 Jan 2000 04:53:54 +0000 (04:53 +0000)]
Keep the sample command line in the usage message within 80 characters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1534 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoInclude the "-D" flag in the usage message.
guy [Mon, 24 Jan 2000 04:49:45 +0000 (04:49 +0000)]
Include the "-D" flag in the usage message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1533 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHeikki Vatiainen's patch to add a flag to control whether to interpret
guy [Mon, 24 Jan 2000 04:44:58 +0000 (04:44 +0000)]
Heikki Vatiainen's patch to add a flag to control whether to interpret
the IPv4 TOS field as a TOS field or as a DiffServ field, and allow that
field to be controlled by a command-line option or an option in the
"Display:Options" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1532 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a bunch of dissectors to use "pi.captured_len" rather than
guy [Mon, 24 Jan 2000 03:51:35 +0000 (03:51 +0000)]
Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1531 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a bunch of dissectors to use "pi.captured_len" rather than
guy [Mon, 24 Jan 2000 03:33:35 +0000 (03:33 +0000)]
Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1530 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd some new SAP values from
guy [Mon, 24 Jan 2000 02:44:52 +0000 (02:44 +0000)]
Add some new SAP values from


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1529 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoxDLC frames other than I and UI frames may have a payload, e.g. TEST
guy [Mon, 24 Jan 2000 02:05:39 +0000 (02:05 +0000)]
xDLC frames other than I and UI frames may have a payload, e.g. TEST
frames; rename "XDLC_HAS_PAYLOAD()" to "XDLC_IS_INFORMATION()", and if
the frame isn't an "information" frame, dissect its payload (if any) as

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1528 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut the PID of SNAP frames into the protocol tree regardless of whether
guy [Mon, 24 Jan 2000 01:45:12 +0000 (01:45 +0000)]
Put the PID of SNAP frames into the protocol tree regardless of whether
the frame has a payload or not.

Note in a comment that in one capture there's a U frame with a function
of TEST, rather than UI, that appears to have a payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1527 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWhen computing the total frame length of an 802.3 frame, add to the
guy [Mon, 24 Jan 2000 01:15:37 +0000 (01:15 +0000)]
When computing the total frame length of an 802.3 frame, add to the
value in the length field not only the Ethernet MAC header size, but
also the offset in the frame of the Ethernet MAC header, so that, if the
802.3 frame is encapsulated in some other type of frame, the total frame
length includes the header for that frame as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1526 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn "dissect_eth()", update "pi.len" and "pi.captured_len" regardless of
guy [Sun, 23 Jan 2000 08:55:37 +0000 (08:55 +0000)]
In "dissect_eth()", update "pi.len" and "pi.captured_len" regardless of
whether we're building a protocol tree or not.

Make "dissect_eth()" use "BYTES_ARE_IN_FRAME()" to see if we have a full
Ethernet header - it can be called with a non-zero offset, if Ethernet
frames are encapsulated inside other frames (e.g., ATM LANE).

Make capture routines take an "offset" argument if the corresponding
dissect routine takes one (for symmetry, and for Cisco ISL or any other
protocol that encapsulates Ethernet or Token-Ring frames inside other

Pass the frame lengths to capture routines via the "pi" structure,
rather than as an in-line argument, so that they can macros such as
"BYTES_ARE_IN_FRAME()" the way the corresponding dissect routines do.

Make capture routines update "pi.len" and "pi.captured_len" the same way
the corresponding diseect routines do, if the capture routines then call
other capture routines.

Make "capture_vlan()" count as "other" frames that are too short, the
way other capture routines do.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1525 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMerge Paul Ionescu's CDP fixes with Guy's. Add #defines to oui.h for Cisco
gerald [Sat, 22 Jan 2000 21:49:50 +0000 (21:49 +0000)]
Merge Paul Ionescu's CDP fixes with Guy's.  Add #defines to oui.h for Cisco
IOS 9.0 and bridged frame relay and update packet-llc.c accordingly.  Add
CDP handler to capture_llc() in packet-llc.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1524 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAllow "-w" and/or "-R" to be specified either when doing a live capture
guy [Sat, 22 Jan 2000 07:19:34 +0000 (07:19 +0000)]
Allow "-w" and/or "-R" to be specified either when doing a live capture
or when reading a saved capture file; if "-w" is specified, the packets
captured or read from the file are written to the specified file rather
than being dissected and printed, and if "-R" is specified, only packets
that pass the specified read filter are dissected and printed or

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1523 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix files that had Gilbert's old e-mail address or that didn't have my
guy [Sat, 22 Jan 2000 06:22:44 +0000 (06:22 +0000)]
Fix files that had Gilbert's old e-mail address or that didn't have my
forwarding e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1522 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGive "dissect_rpc_string()" an extra "char **" argument; if it's
guy [Sat, 22 Jan 2000 05:49:08 +0000 (05:49 +0000)]
Give "dissect_rpc_string()" an extra "char **" argument; if it's
non-null, it returns through that argument a pointer to the displayed
version of the string, otherwise it just frees that string.

Use that to put, in the tree item for READDIR and READDIRPLUS reply
directory entry items, the file name from the directory entry.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1521 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd "proto_item_set_text()", which sets the "representation" field of an
guy [Sat, 22 Jan 2000 04:59:55 +0000 (04:59 +0000)]
Add "proto_item_set_text()", which sets the "representation" field of an
existing protocol tree item.

Add "proto_tree_add_notext()"; it's just like "proto_tree_add_text()",
but without the text, and it sets the "representation" field to NULL;
that field would be set later with "proto_item_set_text()".

Those routines let you construct, for example, an interior node of the
protocol tree whose text can't be determined until all the nodes under
it have been dissected - it's similar to "proto_item_set_len()" in that

Use that when dissecting address TLVs in the CDP dissector - create the
item for an address in an "Addresses" TLV with no text, and then fill in
the items under it one at a time; if we get cut off before we get to the
actual address, set the text to "Truncated address", otherwise set it to
a description of the address.

Also, set the length of the item for the entire address TLV correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1520 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"tm_mon" in a "struct tm" is 0-based, not 1-based; when printing the
guy [Sat, 22 Jan 2000 02:00:27 +0000 (02:00 +0000)]
"tm_mon" in a "struct tm" is 0-based, not 1-based; when printing the
month number, add 1 to "tm_mon".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1519 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd URL.
gram [Fri, 21 Jan 2000 19:19:23 +0000 (19:19 +0000)]
Add URL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1518 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd stuff to add platform-specific compiler flags; currently, we have
guy [Fri, 21 Jan 2000 08:44:40 +0000 (08:44 +0000)]
Add stuff to add platform-specific compiler flags; currently, we have
only flags for HP's ANSI C compiler, as suggested by Jost Martin.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1517 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd "-L" flags to LDFLAGS, not LIBS, and get rid of all the exotic
guy [Fri, 21 Jan 2000 06:18:16 +0000 (06:18 +0000)]
Add "-L" flags to LDFLAGS, not LIBS, and get rid of all the exotic
searching that tries to figure out in what directory libpcap lives - we
should treat "-L" just like "-I", rather than adding a ton of
complication to do it the way the autoconf maintainers think, for some
reason, it should be done (by adding "-L" flags to LIBS - "-L" flags
don't specify libraries, so I have no clue why they think they belong in
LIBS; they specify a search path for libraries, just as "-I" flags
specify a search path for header files, so they strike me as "flags to
the linker" rather than "libraries", and LDFLAGS, unlike LIBS, appears
before *all* "-l" flags, including those specified by PCAP_LIBS and so

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1516 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoApplied the vines part of Joerg's vines patch.
gram [Fri, 21 Jan 2000 00:07:53 +0000 (00:07 +0000)]
Applied the vines part of Joerg's vines patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1515 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJoerg Mayer's updates to the VINES dissector and to protocol layers
guy [Thu, 20 Jan 2000 21:34:16 +0000 (21:34 +0000)]
Joerg Mayer's updates to the VINES dissector and to protocol layers
above VINES.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1514 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGerrit Gehnen's patch to add support for the "Inactive Subset" of the
guy [Thu, 20 Jan 2000 19:16:41 +0000 (19:16 +0000)]
Gerrit Gehnen's patch to add support for the "Inactive Subset" of the
ISO 8473 CLNP protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1513 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoThe headers of HP-UX 9.04 and HP-UX 10.20 nettl files seem to be different.
oabad [Thu, 20 Jan 2000 17:13:42 +0000 (17:13 +0000)]
The headers of HP-UX 9.04 and HP-UX 10.20 nettl files seem to be different.
Check for both "magic numbers".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1512 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut the RFC number for PPTP into the introductory comment.
guy [Thu, 20 Jan 2000 07:31:29 +0000 (07:31 +0000)]
Put the RFC number for PPTP into the introductory comment.

Fix a bunch of byte-order problems, as noted by Thomas Quinot in Debian
bug 55347, although his fix addressed only the byte-order problems, not
the blithely-fetching-through-a-possibly-unaligned-pointer problems that
said code also had; we fix both of them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1511 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoInclude CFLAGS in the command to build "rdps".
guy [Tue, 18 Jan 2000 20:35:40 +0000 (20:35 +0000)]
Include CFLAGS in the command to build "rdps".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1510 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse "strrchr()" instead of "rindex()" - "strrchr()" is the routine the
guy [Tue, 18 Jan 2000 19:01:35 +0000 (19:01 +0000)]
Use "strrchr()" instead of "rindex()" - "strrchr()" is the routine the
ANSI C standard specifies.

Fix up some menu stuff that should've been fixed when I put "Find Frame"
and "Go To Frame" under "Edit".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1509 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoLast dissectors for NFS v3 are finally done.
girlich [Tue, 18 Jan 2000 11:56:15 +0000 (11:56 +0000)]
Last dissectors for NFS v3 are finally done.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1508 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoNew constants for ftype3 decoding.
girlich [Tue, 18 Jan 2000 11:54:07 +0000 (11:54 +0000)]
New constants for ftype3 decoding.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1507 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut into the "Capture Preferences" dialog box a check box to control
guy [Tue, 18 Jan 2000 09:25:04 +0000 (09:25 +0000)]
Put into the "Capture Preferences" dialog box a check box to control
whether, in a live capture that updates the display as packets arrive,
the packet list pane should scroll to show the most recently captured
packets or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1506 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut the "Find Frame" and "Go To Frame" menu items under "Edit"; leave
guy [Tue, 18 Jan 2000 09:05:30 +0000 (09:05 +0000)]
Put the "Find Frame" and "Go To Frame" menu items under "Edit"; leave
them under "Display" as well for now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1505 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJerry Talkington's changes to support, in the packet list and protocol
guy [Tue, 18 Jan 2000 08:38:18 +0000 (08:38 +0000)]
Jerry Talkington's changes to support, in the packet list and protocol
tree panes, menus popped up by the right mouse button.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1504 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSquelch some complaints from GCC (and protect against the admittedly
guy [Mon, 17 Jan 2000 20:30:17 +0000 (20:30 +0000)]
Squelch some complaints from GCC (and protect against the admittedly
unlikely possibility that, on some platform, converting a "gpointer" to
pointers of the types in question involves more than just reinterpreting
the bits of the "gpointer" value).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1503 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse "strchr()" rather than "index()" - the ANSI C standard specifies
guy [Mon, 17 Jan 2000 20:21:40 +0000 (20:21 +0000)]
Use "strchr()" rather than "index()" - the ANSI C standard specifies
"strchr()", and it, unlike "index()", is declared in <string.h>.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1502 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd Makefile.nmake to list of deliverables. I had sent Thomas Parvais
gram [Mon, 17 Jan 2000 18:14:13 +0000 (18:14 +0000)]
Add Makefile.nmake to list of deliverables. I had sent Thomas Parvais
a tarball from the current CVS image using "make dist". That's why
he sent an e-mail today saying that the gtk/Makefile.namek was not
in CVS. It's in CVS, but it wasn't in the tarball I sent him.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1501 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWe have to #include "plugins.h" before using the HAVE_PLUGINS define.
oabad [Mon, 17 Jan 2000 17:12:43 +0000 (17:12 +0000)]
We have to #include "plugins.h" before using the HAVE_PLUGINS define.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1500 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a "-F" flag, to allow the format of a file being written to be
guy [Mon, 17 Jan 2000 08:06:42 +0000 (08:06 +0000)]
Add a "-F" flag, to allow the format of a file being written to be
specified.  This will be of more use when I allow "-w" to be used when
reading an existing capture file rather than doing a live capture (which
will also allow you to specify a read filter, and thus to write a
capture file containing those packets from an existing capture file that
match a given display filter).

Fix up some messages to say "tethereal" rather than "ethereal".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1499 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSmall patch to editcap to allow ranges of packets to be specified
sharpe [Mon, 17 Jan 2000 08:06:03 +0000 (08:06 +0000)]
Small patch to editcap to allow ranges of packets to be specified
as well as individual packets.

I needed to grab quite a few from the middle of a large capture file.

Will eventually need to sort the extract list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1498 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a "-x" flag to Tethereal, to make it print a hex and ASCII dump of
guy [Mon, 17 Jan 2000 07:49:03 +0000 (07:49 +0000)]
Add a "-x" flag to Tethereal, to make it print a hex and ASCII dump of
the packet data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1497 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGet rid of the include of "util.h" that some dissectors do - it's not
guy [Sun, 16 Jan 2000 02:54:49 +0000 (02:54 +0000)]
Get rid of the include of "util.h" that some dissectors do - it's not

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1496 f5534014-38df-0310-8fa8-9805f1628bb7