git.samba.org - obnox/wireshark/wip.git/log

Make various lengths unsigned in "dissect_fhandle_data_unknown()", so
lengths > 2^31-1 get handled correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8289 f5534014-38df-0310-8fa8-9805f1628bb7

From Yaniv Kaul: fix the dissection of TDS7 login packets, and add
dissection for several fields in that packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8288 f5534014-38df-0310-8fa8-9805f1628bb7

The Fibre Channel dissector doesn't have any tables in which it
registers itself - it's just imported by name. Get rid of the
"create_dissector_handle()" call, as the resulting dissector handle
isn't ever used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8287 f5534014-38df-0310-8fa8-9805f1628bb7

Use "GPOINTER_TO_INT()" to convert the return value of
"gtk_clist_get_row_data()" to an "int", to squelch compiler warnings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8286 f5534014-38df-0310-8fa8-9805f1628bb7

From Richard Urwin:

use Export and Import for the buttons in GTK+ 2.x as well;

get rid of a duplicate fclose;

other fixes.

Update the description of color filters in the Ethereal man page to
reflect the change, clean up the formatting (use =item), and add the
global and personal color filters files to the FILES section; refer to
them as "color filters" files rather than "colorfilters" files, as the
FILES section gives the "colorfilters" file name so you don't have to
use that as the name.

Clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8285 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8284 f5534014-38df-0310-8fa8-9805f1628bb7

update to the talkers popup list.

hopefully it will now create the filter for the actual conversation
we selected.

add EP1 <-> ANY and EP2 <-> ANY fitlers

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8283 f5534014-38df-0310-8fa8-9805f1628bb7

From Jesper Peterson: fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8282 f5534014-38df-0310-8fa8-9805f1628bb7

Include <string.h> to get "strlen()" declared.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8281 f5534014-38df-0310-8fa8-9805f1628bb7

Add a "contains" operator for byte-strings, strings, and tvbuffs (protocols).
The search uses a naive approach; more work is required to add a
Boyer-Moore Search algorithm.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8280 f5534014-38df-0310-8fa8-9805f1628bb7

Updates for the endpoint talkers thing

The table now has a popup menu with
   Match display filter
         Selected
               EP1 <-> EP2
               EP1 --> EP2
               EP1 <-- EP2
               EP1 --> ANY
               EP1 <-- ANY
               EP2 --> ANY
               EP2 <-- ANY
          Not Selected
               ...
          ...
    Prepare Display Filter
          ...

Self explanatory.

Now the bad news.
I set the display filter box in the main window and i call redissect_packet
which redissects the packet list   but the displayfilter does not take
or affect the main window until i click  the apply button.

Some signal needs to be raised to some object me thinks.

Please feel free to fix it if you know what is missing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8279 f5534014-38df-0310-8fa8-9805f1628bb7

From Jesper Peterson:

use WTAP_ENCAP_ATM_PDUS as the default encapsulation for ATM;

don't use ULL constants, as not all C compilers that support
gint64 support them, and as there's no need to make them ULL
constants.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8278 f5534014-38df-0310-8fa8-9805f1628bb7

The definition of NonStandardParameter is different between H.225 and H.245
Create an alternative NonStandardParameter dissector that matches the
definition that H.225 needs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8277 f5534014-38df-0310-8fa8-9805f1628bb7

From Anders Broman, updates and fixes to MEGACO

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8276 f5534014-38df-0310-8fa8-9805f1628bb7

Make the option to display the internal PER fields default to FALSE

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8275 f5534014-38df-0310-8fa8-9805f1628bb7

Fix macro logic to allow classical resolution even if we have HAVE_GNU_ADNS
defined.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8274 f5534014-38df-0310-8fa8-9805f1628bb7

Pass the pointer in the "data" field of the destination address, not a
pointer to that pointer, to "ip_to_str()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8273 f5534014-38df-0310-8fa8-9805f1628bb7

From Jesper Peterson: support for Endace ERF file format.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8272 f5534014-38df-0310-8fa8-9805f1628bb7

From Jesper Peterson:

Extract the FCS decoding section of the PPP_HDLC dissector to
allow the CHDLC dissector to use the same routine.

The ppp_options used for preferences has been renamed to
fcs_options and exported via packet-ppp.h so CHDLC gets a
separate (but identical) FCS preference.

This means prefs.h has to be included before packet-ppp.h so a
couple of ppp related files (packet-{gtp,null,raw,vj}.c) had
their includes slightly re-arranged.

From me: make the PPP/CHDLC FCS code use "crc32()" to check the 32-bit
FCS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8271 f5534014-38df-0310-8fa8-9805f1628bb7

Note that the SCTP CRC-32c is not the same as the AUTODIN/HDLC/802.x
CRC, as it uses a different polynomial.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8270 f5534014-38df-0310-8fa8-9805f1628bb7

In "col_set_addr()", don't do anything other than clearing the column
expression information if the address type is AT_NONE -
"address_to_str_buf()" panics if passed an AT_NONE address, as there's
nothing sensible one can do with them. (A null string wouldn't be
appropriate here, as a dissector might have set the address columns to a
string.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8269 f5534014-38df-0310-8fa8-9805f1628bb7

Make the CRC-32 routines take a tvbuff and a length as arguments.

Rename "crc32()" so as not to collide with the one in zlib; rename
"crc32_802()" to match.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8268 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8267 f5534014-38df-0310-8fa8-9805f1628bb7

From Jesper Peterson:

Extract the FCS decoding section of the PPP_HDLC dissector to
allow the CHDLC dissector to use the same routine.

The ppp_options used for preferences has been renamed to
fcs_options and exported via packet-ppp.h so CHDLC gets a
separate (but identical) FCS preference.

This means prefs.h has to be included before packet-ppp.h so a
couple of ppp related files (packet-{gtp,null,raw,vj}.c) had
their includes slightly re-arranged.

From me: make the PPP/CHDLC FCS code use "crc32()" to check the 32-bit
FCS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8266 f5534014-38df-0310-8fa8-9805f1628bb7

Extract the CRC-32 code from the 802.11 dissector into a separate file,
and use it in the Ethernet dissector as well, to check the FCS in
Ethernet frames, if present.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8265 f5534014-38df-0310-8fa8-9805f1628bb7

Handle snapshot lengths that cut off *part* of the FCS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8264 f5534014-38df-0310-8fa8-9805f1628bb7

All endpoint talkers table taps use "address_to_str()" as the routine to
use to translate addresses to strings - wire that into
"endpoint_talkers_table.c", don't pass the function as an argument to
"init_ett_table()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8263 f5534014-38df-0310-8fa8-9805f1628bb7

Use "address_to_str_buf()" to generate column data for non-resolved
addresses.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8262 f5534014-38df-0310-8fa8-9805f1628bb7

Include "osi-utils.h" to define "print_nsap_net_buf()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8261 f5534014-38df-0310-8fa8-9805f1628bb7

Create an "address_to_str_buf()" routine, called by "address_to_str()",
which fills in a caller-supplied buffer.

Create "_buf()" versions of various "to_str" routines for various
address types, and create a routine to map SNA FIDs to strings, and use
them to finish up "address_to_str_buf()".

Get rid of the declaration of "sna_fid_type_4_addr_to_str()" in
"packet-sna.h", as that routine has been swallowed up in
"sna_fid_to_str()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8260 f5534014-38df-0310-8fa8-9805f1628bb7

From Greg Morris: added support for defragmentation of NDS packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8259 f5534014-38df-0310-8fa8-9805f1628bb7

From Greg Morris:

1. Added support for defragmentation of NDS packets

2. The packet signature fixes seemed to never been applied.  I
   have been using this code to dissect reply packets with packet
   signatures for quite some time and have never experienced any
   problems with it.  Without these changes then reply packets
   containing signatures will not be decoded properly.  It was
   recommended by Guy to not use public variables to track the
   signatures but it has been my experience that if signatures are
   enabled then it is enabled in the whole environment and would be
   valid for all NCP packets within the trace.  I could change this
   but it would add additional code to build a memory table to
   track this.  If for some reason it is determined to not add this
   part of the code then I will have to go back and add this table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8258 f5534014-38df-0310-8fa8-9805f1628bb7

From Greg Morris:

1. Added support for defragmentation of NDS packets

2. Moved the run_info_string logic outside of the
   pinfo->fd->flags->visited because of the dissection of info
   strings is not processed on subsequent decodes then the
   find/string/info will not locate info string values.  By moving
   this outside then when the find logic runs a tvb_dissect_new
   then the info string gets processed again and all data is
   visible.  Otherwise only info column data that is processed by
   the NCP dissector is visible not any data from ncp2222.py
   processed by the info string function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8257 f5534014-38df-0310-8fa8-9805f1628bb7

From Greg Morris:

1. Added Secret Store Services group
2. Added a number of NCP return values
3. Added support for NDS defragmentation
4. Fixed type from file to bindery on ncp's 23/20, 23/21, 23/22, 23/24,
23/27, 23/28, 23/29, 23/30, and 23/31
5. Fixed type from comm to nmas on ncp 91
6. Fixed ncp 92 to include 92/01, 92/02, 92/03, 92/04, 92/05, 92/06,
92/07, 92/08, 92/09, and 92/10
7. Added return value for 104/02
8. Fixed reply structures for NCP 123/60 and NCP 123/79

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8256 f5534014-38df-0310-8fa8-9805f1628bb7

From Greg Morris: fix reassembly not to use global variables, and to use
the SPX EOM flag as a "last fragment" indication.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8255 f5534014-38df-0310-8fa8-9805f1628bb7

H.263 updates from Niklas Ogren.

Put him in the authors list in the Ethereal man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8254 f5534014-38df-0310-8fa8-9805f1628bb7

From Matthijs Melchior:

make the "Help" menu the rightmost menu item, as is done in

recent versions of Windows;

Mac OS X;

recent versions of KDE;

recent versions of GNOME;

rather than making it an item on the far right side.

Make the "Protocol" display in the help mention the number of
entries, and give it has 3 columns, starting with the one that
was used to sort this list.

Make the "Display Filters" display mention the number of fields
for each protocol and at the end the total number of fields.
Give it 4 columns, including the 'blurb'.

List all fields with the correct protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8253 f5534014-38df-0310-8fa8-9805f1628bb7

Include the header files required by new APIs in the plugin API table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8252 f5534014-38df-0310-8fa8-9805f1628bb7

Update to IO-Stat to put the capture filename on the titlebar
to make it easier to navigate when having multiple instances of ethereal
and io-stat open
at the same time.

Updates to all endpoint talkers and service response time windows to do this as well.

Bonus, when the user opens a new capture file when having these windows open,
the title bar will be updated to reflect the name of the new capture file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8251 f5534014-38df-0310-8fa8-9805f1628bb7

Due to popular demand:

The heuristic for RPC detection sometimes mistakenly decodes something as RPC when in reality it is payload.

Since the heuristics is based on the PDU suze as specified in the record marker
make this limit settable from the preferences.

Arbitrary limit of 256kb is choosen as default instead of the original limit of 2mb.
(face it, the largest common oncrpc pdus are those for nfs read/write anyway and these seldom go above 32kb.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8250 f5534014-38df-0310-8fa8-9805f1628bb7

Use "XXX Talkers", rather than "IO-USERS Statistics" and "Type:xxx", as
the title on the Tethereal -z talkers,xxx output, along the lines of
what the Ethereal version uses as the title.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8249 f5534014-38df-0310-8fa8-9805f1628bb7

From Matthijs Melchior:

support for registering fields after all the protocol
    registration routines are called (i.e., adding fields to the
    named field tree as they're registered);

fix the GTK 2.x version of the field list dialog to show the
    correct name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8248 f5534014-38df-0310-8fa8-9805f1628bb7

From Matthijs Melchior: "P" in "PER" stands for "Packed", not "Packet".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8247 f5534014-38df-0310-8fa8-9805f1628bb7

Add default development package locations to README.win32. Use zlib 1.1.4
by default in config.nmake.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8246 f5534014-38df-0310-8fa8-9805f1628bb7

Get rid of the wrappers around "address_to_str()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8245 f5534014-38df-0310-8fa8-9805f1628bb7

Clean up the text, and boldface "-z talkers" in "These statistics
windows can also be invoked from the Ethereal command line using the -z
talkers argument" (as pod2man suggests be done).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8244 f5534014-38df-0310-8fa8-9805f1628bb7

Put in some comments about possible future work on "address_to_str()".

Put in some additional "case AT_" statements to

1) squelch compiler warnings;

2) add AT_ARCNET (cheap and easy);

3) add placeholders for some other address types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8243 f5534014-38df-0310-8fa8-9805f1628bb7

Update for the tethereal talkers to amke it support IPX.

Useage is -z talkers,ipx[,<filter>]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8242 f5534014-38df-0310-8fa8-9805f1628bb7

The IPX endpoint talkers implementation

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8241 f5534014-38df-0310-8fa8-9805f1628bb7

Add endpoint talker support for IPX

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8240 f5534014-38df-0310-8fa8-9805f1628bb7

Minor update to IPX. Move a lot of proto_tree_add_items outside of the if(tree) where the subtree is (optionally) created.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8239 f5534014-38df-0310-8fa8-9805f1628bb7

Add a tap to the IPX protocol

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8238 f5534014-38df-0310-8fa8-9805f1628bb7

Add support for Fibre Channel talker statistics for tethereal.

-z talkers,fc[,<filter>] to invoke it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8237 f5534014-38df-0310-8fa8-9805f1628bb7

Update manpage for ethereal.
Update the talkers tap for tethereal (iousers) and change the command line to invoke the tethereal version from -z io,users, to -z talkers, to be the same
as for ethereal.

Sorry if it breaks some scripts but io,users was a very nonintuitive name for this option.
talkers is not much better but at least a little bit more descriptive/intuitive. Anyone with a better name for this are welcome to provide a patch.

The tethereal version is now agnostic to wether v4 or v6 are transporting UDP/TCP

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8236 f5534014-38df-0310-8fa8-9805f1628bb7

Update address_to_str to handle FC and ETH addresses as well.
Update the fc and eth and tr endpoint talker list to use the new api

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8235 f5534014-38df-0310-8fa8-9805f1628bb7

Add a new function address_to_str to to_str.c
Implement conersion from address to string for IPv4 and IPv6
and update the conversation tables to use the new interface.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8234 f5534014-38df-0310-8fa8-9805f1628bb7

From Erwin Rol, updates to teh ArtNet plugin dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8233 f5534014-38df-0310-8fa8-9805f1628bb7

Cast the argument to "ip6_to_str()" to avoid compiler warnings.

Use "%u", not "%d", for unsigned values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8232 f5534014-38df-0310-8fa8-9805f1628bb7

Cast arguments to "g_free()" to avoid compiler warnings (those are known
to be mallocated, so it's safe to cast them).

Use "%u", not "%d", for unsigned values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8231 f5534014-38df-0310-8fa8-9805f1628bb7

Use "ip_to_str_buf()" to turn a pointer to an IP address to a string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8230 f5534014-38df-0310-8fa8-9805f1628bb7

"tvb_get_ptr()" returns a "const guint8 *"; make the pointers to which
you assign its return value pointers to "const" as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8229 f5534014-38df-0310-8fa8-9805f1628bb7

From Devin H, update to NTLMSSP to better handle address lists

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8228 f5534014-38df-0310-8fa8-9805f1628bb7

From Niklas O

Add the blurb description to the hF fields in the H.263 dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8227 f5534014-38df-0310-8fa8-9805f1628bb7

FC addresses are no longer extracted into guint32s, so "fc32_to_str()"
is no longer needed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8226 f5534014-38df-0310-8fa8-9805f1628bb7

Write Token Ring as Token Ring and not TokenRing

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8225 f5534014-38df-0310-8fa8-9805f1628bb7

Update the UDP and the TCP conversation list tool so that it can handle IPv6 as well.
Make no distinction between UDP/TCP over IPv4 and UDP/TCP over IPv6
and present them in the same list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8224 f5534014-38df-0310-8fa8-9805f1628bb7

Add FibreChannel to the types of protocols we can show a conversation list for

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8223 f5534014-38df-0310-8fa8-9805f1628bb7

New feature. Statistics/EndpointTalkjers can now present a sortable table with a list of all seen conversations of a certain type.

Supported types are Ethernet/TokenRing/IP/UDP and TCP.
Will add FibreChannel soon.

The framework for this feature needs to be enhanced in the future so that by selecting one entry and click the right mousebutton, this will bring up a menu with Prepare/Match options with suboptions for AnyDirection, ForwardOnly or ReverseOnly which updates the display filter accordingly.

Had to update some of the taps as well to change them to use a proper address structure for the address fields.
We should now be able to to these stats correctly even for ip tunneled over ip tunnelled over ip ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8222 f5534014-38df-0310-8fa8-9805f1628bb7

Use "file_access.c", not "file_io.c", as the latter is already in use in
a not-yet-ready-for-prime-time project of mine (fast random access to
gzipped files, plus an mechanism to allow support for other forms of
compression).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8221 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa: export the PER dissection routines, and some
H.225/H.245 routines, to plugins on platforms where they have to go
through the function call table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8220 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa: export the PER dissection routines, and some
H.225/H.245 routines, to plugins on platforms where they have to go
through the function call table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8219 f5534014-38df-0310-8fa8-9805f1628bb7

The Python 1.5.2 I have installed didn't seem to like "+=", so use "x =
x + y" instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8218 f5534014-38df-0310-8fa8-9805f1628bb7

_U_ is for definitions, not declarations; putting it there caused a
compiler problem when rebuilding the X* files for the plugin API.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8217 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa: export the PER dissection routines, and some
H.225/H.245 routines, to plugins on platforms where they have to go
through the function call table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8216 f5534014-38df-0310-8fa8-9805f1628bb7

Add a dissector table for RTP payload types, and have dissectors
register themselves in that table rather than exporting their dissectors
by name and having the RTP dissector know about particular dissectors
for particular payload types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8215 f5534014-38df-0310-8fa8-9805f1628bb7

The FreeTDS TDS document says that the first string in an RPC packet is
a procedure name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8214 f5534014-38df-0310-8fa8-9805f1628bb7

If a Netlib message has "Not last buffer" set, flag it as such in the
Info column, to distinguish it from the message with the last buffer in
it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8213 f5534014-38df-0310-8fa8-9805f1628bb7

From Niklas Ogren

the H263 dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8212 f5534014-38df-0310-8fa8-9805f1628bb7

From Niklas Ogren

New Protocol: H.263 called and used by the RTP dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8211 f5534014-38df-0310-8fa8-9805f1628bb7

Add the packet type name for the "Remote Procedure Call Packet" (which I
suspect refers to stored SQL procedures on the server, not to RPCs in
the traditional sense), and the beginnings of a routine to dissect those
packets (at least as seen in one capture).

Don't use "get_unicode_or_ascii_string()", as it really expects to be
used inside an SMB dissector, and wants arguments like the "bc"
argument. Just use "tvb_fake_unicode()" and "tvb_get_string()",
instead.

If we're doing reassembly, and the PDU is split across segment
boundaries, return after setting the desegmentation offset and length,
don't just drive on and dissect the partial PDU.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8210 f5534014-38df-0310-8fa8-9805f1628bb7

From Biot Oliver

Support in SMPP for GSM SMS and GSM CBS.
Reassembly of SMPP has also been fixed so that it now works.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8209 f5534014-38df-0310-8fa8-9805f1628bb7

Rename "wiretap/file.c" to "wiretap/file_io.c", as some tools, such as
the MS Visual Studio debugger, get confused by two files with the same
name being in a program's source, even though they're in different
directories.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8208 f5534014-38df-0310-8fa8-9805f1628bb7

Sometimes Ethernet captures include an FCS at the end of the packet.

An Ethernet trailer is only needed to pad the packet to 60 bytes of
Ethernet header plus payload; if the packet has what appears to be a
trailer, and it's 4 or more bytes (i.e., long enough to include an FCS),
and the Ethernet frame was claimed to have 64 or more bytes (i.e., it
has at least an FCS worth of data more than the minimum 60 bytes),
assume that the last 4 bytes of the frame were an FCS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8207 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa: allow subdissectors to be registered for
NonStandardParameter data in the H.245 dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8206 f5534014-38df-0310-8fa8-9805f1628bb7

From Lars Roland:

A scrollable GtkCList is used now for both GTK1 and GTK2.

Removed "overall" line from statistics table. It is not useful.

"Response Time Delay" was renamed into "Service Response Time".

Menu Item moved to "Service Response Time" folder.

As Ronnie suggested, the active display filter is now used as
default statistics filter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8205 f5534014-38df-0310-8fa8-9805f1628bb7

Label the Count field in a Write AndX response as such, rather than as
"Data Length".

Fix some low-16-bits-of fields to have "_low", rather than "_high", at
the ends of their names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8204 f5534014-38df-0310-8fa8-9805f1628bb7

Align the --with-pcap help message with other help messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8203 f5534014-38df-0310-8fa8-9805f1628bb7

Fix up --with messages that include square brackets.

Put --with-plugins on the left margin, as the rest of the messages are.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8202 f5534014-38df-0310-8fa8-9805f1628bb7

Note that the "=DIR" argument to "--with-adns" is optional.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8201 f5534014-38df-0310-8fa8-9805f1628bb7

Note that the "=DIR" argument to "--with-ssl" and "--with-adns" is
optional.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8200 f5534014-38df-0310-8fa8-9805f1628bb7

Fix up --with messages that include square brackets.

Put --with-plugins on the left margin, as the rest of the messages are.

Fix up the description of --with-net-snmp.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8199 f5534014-38df-0310-8fa8-9805f1628bb7

The MaxCountHigh field in a READ_ANDX is given as a ULONG, i.e. 32 bits,
in the SNIA CIFS spec, although it's probably a 16-bit MaxCountHigh and
a 16-bit reserved field (it's a 32-bit timeout field in an earlier SMB
spec).

Call the MaxCount and MaxCountHigh fields in a READ_ANDX "Max Count Low"
and "Max Count High", rather than "Data Length Low" and "Data Length
High".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8198 f5534014-38df-0310-8fa8-9805f1628bb7

Don't do a check inside an AC_MSG_CHECKING/AC_MSG_RESULT pair - the
output looks bad if you do. Split the check for "should I check for an
SNMP library?" into "should I check for NET-SNMP?" and "should I check
for UCD SNMP?" (which makes sense because they're controlled by
different configure script options).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8197 f5534014-38df-0310-8fa8-9805f1628bb7

The length and offset for large file support for LockingAndX was broken.

We treated this as just a normal 64bit integer in LittleEndian format.
However, this is actually 2   32 bit integers, each in LittleEndian format
but the two 32 bit fields are stored in BigEndian format relative to each other.

Since we dont do 64 bit aritmetic I had to convert the field to FT_STRING as well
so sorry, no creative len>xxx    filters anymore.   but at least we present
the data in the correct way in the tree pane.

We didnt see this one earlier since most locking_andx requests are probably for offset : 0   and length: -

Funnily enough it seems that certain popular commercial products have the same bug as ethereal had up until 5 minutes ago.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8196 f5534014-38df-0310-8fa8-9805f1628bb7

packet-dcerpc-lsa had some idea that EnumDomainsEx had a funny NDR rep for
the array of domain info stuff returned. Removing the offending bit
fixed the dissection, at least of a capture we have.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8195 f5534014-38df-0310-8fa8-9805f1628bb7

Construct the About box ourselves, so it has the title "About Ethereal"
and doesn't have a message-box-type icon.

This might want to be tweaked further, to more closely resemble various
desktop environments' About boxes (although what's appropriate might
depend on the environment).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8194 f5534014-38df-0310-8fa8-9805f1628bb7

Void functions don't return values, even though GCC likes to pretend
that they do.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8193 f5534014-38df-0310-8fa8-9805f1628bb7

Update to the Response Time Statistics taps.
SMB/FC/ONC-RPC/DCE-RPC now all use the default tap filter string as the
same filter string as is used in the main window instead of using a default
NULL filter string.

The idea is that if you have applied a certain filter to your main window, it
is likely that if you want to invoke the response time statistics feature you
probably want to do the response time statistics over the same set of packets, i.e. the ones you see in the main window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8192 f5534014-38df-0310-8fa8-9805f1628bb7

Update to the SMB dissector so that the HighLen 16 bit integer is decoded
instead of as being represented as RESERVED.
This updates the ReadAndX and WriteAndX calls and replies.

This should really try to keep track of the negotiation of the conversation to make sure we only do it for those sessions where LARGE file io has been negotiated. Currently it does it for all Read/Write AndX calls.
It is probably safe to do so since for those clients where this is not supported these bytes are RESERVED and MBZ anyway.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8191 f5534014-38df-0310-8fa8-9805f1628bb7

Define GCC_GLIB_CFLAGS as a GCC equivalent of GLIB_CFLAGS, and use it
instead of -I$(GLIB_DIR) when running GCC to generate the xyzzy file, so
that the right -I flags are used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8190 f5534014-38df-0310-8fa8-9805f1628bb7