14 years agoadded compression support for capture file output. The Save/As dialog now has a check...
ulfl [Wed, 14 Sep 2005 21:57:30 +0000 (21:57 +0000)]
added compression support for capture file output. The Save/As dialog now has a checkbox "Compress with gzip"

currently limited to Ethereal and all the variants of libpcap filetypes only.

We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).

We might also want to add support for the other filetypes, but this is only possible if the filetype functions doesn't use special output operations like fseek.

One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copy the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).

Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summmary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15804 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd E_OUTOFMEMORY
ulfl [Wed, 14 Sep 2005 20:09:17 +0000 (20:09 +0000)]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15803 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Peter Johansson
etxrab [Wed, 14 Sep 2005 19:14:23 +0000 (19:14 +0000)]
From Peter Johansson
I added a description for the call to DISSECTOR_ASSERT in proto.c to be
printed to stderr.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15802 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix a warning.
etxrab [Wed, 14 Sep 2005 19:11:23 +0000 (19:11 +0000)]
Fix a warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15801 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Brian Bogora:
etxrab [Wed, 14 Sep 2005 19:06:54 +0000 (19:06 +0000)]
From Brian Bogora:
Our company (Mitel) has developed an LLDP-MED plug-in for Ethereal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15800 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Dinesh G Dutt
etxrab [Wed, 14 Sep 2005 18:40:16 +0000 (18:40 +0000)]
From Dinesh G Dutt

Support some new messages and fix a couple of bugs.

packet-fc.h - Added a #define for a Cisco MDS-specific frame called OHMS (online health mgmt srv) packet-fc.c - Support for OHMS frame, fixed an incorrect "malformed frame" error caused on ACK1 frames (they
                   don't contain anything but (encap hdr + FC hdr + encap trailer), fixed incorrect detection of

packet-fcct.h - Support for new service type, "Fabric Controller", used in conjunction with FC-SW3 ESS message,
                     exported the service name value string definitions and
packet-fcct.c - Support for recognizing "Fabric Controller" service type and "vendor-specific" service

packet-fcswils.h - Support for ESS & MRRA messages, defined as part of FC-SW3 packet-fcswils.c - Support for ESS & MRRA messages, defined as part of FC-SW3

packet-scsi.c - Support for Verify and Write&Verify SBC commands.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15799 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDo the variable binding with dissect_ber_x() routines rather than asn1 ones.
etxrab [Wed, 14 Sep 2005 17:08:41 +0000 (17:08 +0000)]
Do the variable binding with dissect_ber_x() routines rather than asn1 ones.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15798 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDont't carsh if dissect_ber_null() isn't passed a hf_id.
etxrab [Wed, 14 Sep 2005 17:04:36 +0000 (17:04 +0000)]
Dont't carsh if dissect_ber_null() isn't passed a hf_id.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15797 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAllow dissection of dcerpc of short frames instead of aborting as soon as it is...
sahlberg [Wed, 14 Sep 2005 16:06:11 +0000 (16:06 +0000)]
Allow dissection of dcerpc of short frames   instead of aborting as soon as it is detected the pdu is "short"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15796 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofor octet strings that span beyond the end of a "short" tvb, create a new subset...
sahlberg [Wed, 14 Sep 2005 16:04:59 +0000 (16:04 +0000)]
for octet strings that span beyond the end of a "short" tvb,   create a new subset tvb of what we have and use that  instead of bailing out completely.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15795 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agowhen we have raw keberos inside the spnego blob, pass it as is over to
sahlberg [Wed, 14 Sep 2005 16:02:54 +0000 (16:02 +0000)]
when we have raw keberos inside the spnego blob,   pass it as is over to
the kerberos dissector  and do not strip the ber tag and lengths off

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15794 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoHave cf_retap_packets() take an argument that indicates whether to
guy [Wed, 14 Sep 2005 08:59:41 +0000 (08:59 +0000)]
Have cf_retap_packets() take an argument that indicates whether to
generate columns; use cf_retap_packets instead of cf_redissect_packets()
when running taps (the general flow graph stat uses the Info column).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15793 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix #388: add /desktopicon and /quicklaunchicon command line options to the NSIS...
ulfl [Wed, 14 Sep 2005 02:07:20 +0000 (02:07 +0000)]
fix #388: add /desktopicon and /quicklaunchicon command line options to the NSIS installer

update the User's Guide accordingly

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15792 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMove "Expert Info" from "Statistics" to "Analyze" menu item.
ulfl [Tue, 13 Sep 2005 23:46:42 +0000 (23:46 +0000)]
Move "Expert Info" from "Statistics" to "Analyze" menu item.

*significantly* improve performance (100000 infos from ~5min to 25sec!)

Add a simple severity based filter mechanism.

replace // style comments by /**/

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15791 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoTurn around the sequence of PATH, so the former PATH will be in front of the newly...
ulfl [Tue, 13 Sep 2005 19:01:08 +0000 (19:01 +0000)]
Turn around the sequence of PATH, so the former PATH will be in front of the newly added things.

This way, the cygwin link.exe command will be behind the link.exe from MSVC.

Also added a definition of the docbook dir, floating around in my personal file for a while. This will be needed if the User's Guide is included in the NSIS installer later.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15790 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIn smb_trans_defragment(), throw an exception if we encounter a too-large
gerald [Tue, 13 Sep 2005 19:01:01 +0000 (19:01 +0000)]
In smb_trans_defragment(), throw an exception if we encounter a too-large
fragment size.  The limit is conservatively set at 65536 bytes.  It may
have to be increased.  Fixes bug 421.

Add an entry to the release notes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15789 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoimplement a way to add menu items to the "Analyze" menu
ulfl [Tue, 13 Sep 2005 18:45:52 +0000 (18:45 +0000)]
implement a way to add menu items to the "Analyze" menu

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15788 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodon't crash with a NULL pointer exception, if "do not decode as" is used
ulfl [Tue, 13 Sep 2005 18:42:12 +0000 (18:42 +0000)]
don't crash with a NULL pointer exception, if "do not decode as" is used

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15787 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd to the protocol item a short description what a "Short Frame" is
ulfl [Tue, 13 Sep 2005 18:40:58 +0000 (18:40 +0000)]
add to the protocol item a short description what a "Short Frame" is

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15786 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoincrement index of IID's in COL_INFO
ulfl [Tue, 13 Sep 2005 18:39:26 +0000 (18:39 +0000)]
increment index of IID's in COL_INFO

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15785 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agouse the same name for menu item and dialog box title, use the right capitalization...
ulfl [Tue, 13 Sep 2005 18:38:19 +0000 (18:38 +0000)]
use the same name for menu item and dialog box title, use the right capitalization for both

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15784 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoGet application ID from the packet.
etxrab [Tue, 13 Sep 2005 16:56:28 +0000 (16:56 +0000)]
Get application ID from the packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15783 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Peter Johansson
etxrab [Tue, 13 Sep 2005 16:48:13 +0000 (16:48 +0000)]
From Peter Johansson
PATH contents one had before starting the  build, that PATH is added to the new PATH variable 5 additional times
instead of 1.
I have made changes (supplied) to config.nmake that takes care of this

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15782 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodon't simply remove the expert_info output at BoundsError, but add the comment from...
ulfl [Tue, 13 Sep 2005 08:03:16 +0000 (08:03 +0000)]
don't simply remove the expert_info output at BoundsError, but add the comment from Guy why this (usually) isn't a bug (because of a short snapshot length).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15781 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Ankur Aggarwal:
etxrab [Tue, 13 Sep 2005 05:05:19 +0000 (05:05 +0000)]
From Ankur Aggarwal:
First phase of testing revealed the following errors

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15780 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Stefan Metzmacher
etxrab [Tue, 13 Sep 2005 05:00:17 +0000 (05:00 +0000)]
From Stefan Metzmacher
Some updates to the winsrepl-dssector to add COL_INFO strings...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15779 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Alejandro Vaquero.
etxrab [Tue, 13 Sep 2005 04:53:36 +0000 (04:53 +0000)]
From Alejandro Vaquero.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15778 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Piros Lucian:
etxrab [Tue, 13 Sep 2005 04:51:49 +0000 (04:51 +0000)]
From Piros Lucian:
A new dissector - cimd dissector. CIMD stands for Computer Interface to Message Distribution and it's used to transfer short messages between applications and Nokia Short Message Service Center.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15777 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMove the definition of GNUC_FORMAT_CHECK() to its own header, use it in
guy [Tue, 13 Sep 2005 04:00:47 +0000 (04:00 +0000)]
Move the definition of GNUC_FORMAT_CHECK() to its own header, use it in
column-utils.h, and add it to expert.h, so we check the arguments to
"expert_add_info_format()", at least if the format argument is a
constant string.

Fix some more calls to "expert_add_info_format()" to pass it a format

Don't record BoundsError exceptions as expert events - they merely
reflect a capture done with a snapshot length too short to capture all
of the packet (any case where it's caused by something else is a bug).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15776 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDon't pass an arbitrary string from a packet to a routine expecting a
guy [Tue, 13 Sep 2005 02:39:37 +0000 (02:39 +0000)]
Don't pass an arbitrary string from a packet to a routine expecting a
format string - the arbitrary string might contain "%" characters, so
the routine might then fetch arbitrary junk and try to use it as, for
example, a string pointer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15775 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoConvert some more "tvb_memcpy()"s fetching IPv4 and IPv6 addresses to
guy [Tue, 13 Sep 2005 00:50:43 +0000 (00:50 +0000)]
Convert some more "tvb_memcpy()"s fetching IPv4 and IPv6 addresses to
calls to "tvb_get_ipv4()" and "tvb_get_ipv6()".

Fix a call in the BGP dissector to properly fetch an IEEE floating-point

Update some I-D info.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15774 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIgnore files generated from dtd_grammar.lemon, dtd_parse.l, and
guy [Mon, 12 Sep 2005 21:01:25 +0000 (21:01 +0000)]
Ignore files generated from dtd_grammar.lemon, dtd_parse.l, and

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15773 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoWhen jumping (e.g. using menu item Go/Go to Packet...) to a new packet which is curre...
ulfl [Mon, 12 Sep 2005 20:10:44 +0000 (20:10 +0000)]
When jumping (e.g. using menu item Go/Go to Packet...) to a new packet which is currently not displayed, this newly selected packet will become the first in the packet list.

This is inconvenient, as most of the time (at least) I'm interested not only in the packets behind the newly selected one, but also to have some history *before* it.

So this change will scroll the packet list to have the selected packet after the first third of the packet list.

This change won't take effect if the new packet is already visible (only the selection is changed) or it's near the beginning or end of the packet list (so the whole beginning/end of the list is shown).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15772 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd number of defragmented bytes to the expert info output
ulfl [Mon, 12 Sep 2005 20:02:58 +0000 (20:02 +0000)]
add number of defragmented bytes to the expert info output

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15771 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoGet rid of "dtd_grammar.out" on a "make distclean".
guy [Mon, 12 Sep 2005 19:50:45 +0000 (19:50 +0000)]
Get rid of "dtd_grammar.out" on a "make distclean".

Get rid of all the Flex-generated (and Lemon-generated) files on a
"nmake -f Makefile.nmake distclean".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15770 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd a header file to declare routines defined in lexer and used in
guy [Mon, 12 Sep 2005 19:32:35 +0000 (19:32 +0000)]
Add a header file to declare routines defined in lexer and used in
parser, or vice versa.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15769 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAgain, "g_strdown()" doesn't return a value in GLib 1.2[.x].
guy [Mon, 12 Sep 2005 15:54:20 +0000 (15:54 +0000)]
Again, "g_strdown()" doesn't return a value in GLib 1.2[.x].

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15768 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago"g_strdown()" doesn't return a value in GLib 1.2[.x]; don't depend on it
guy [Mon, 12 Sep 2005 07:55:14 +0000 (07:55 +0000)]
"g_strdown()" doesn't return a value in GLib 1.2[.x]; don't depend on it
doing so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15767 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoThe previous checkin for packet-isup.c was accidentally checked in along
guy [Mon, 12 Sep 2005 07:44:11 +0000 (07:44 +0000)]
The previous checkin for packet-isup.c was accidentally checked in along
with some unrelated changes; it got rid of some calls to get IPv4/IPv6
addresses and add them to the protocol tree, replacing them with
proto_tree_add_item() calls, and fixed up the length of one protocol
tree item.

Note that we have (at least) three count 'em three different routines
for dissecting/displaying NSAPs (there might be more - I might have
missed some), and suggest that we might want to reduce that to one.

Update the URL for ICP values for IPv{4,6} addresses inside NSAPs.

Fix the offset in the call to add the IPv6 address part of an NSAP
containing such an address, and the length in the call adding the DSP
for an NSAP containing an IPv4 address.

Fix up indentation a bit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15766 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIn now supports also:
tuexen [Mon, 12 Sep 2005 06:24:02 +0000 (06:24 +0000)]
In now supports also:
  - http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctpimpguide-15.txt
  - http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-addip-sctp-13.txt
  - http://www.ietf.org/internet-drafts/draft-stewart-sctp-pktdrprep-02.txt
  - http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctp-auth-01.txt
  - http://www.ietf.org/internet-drafts/draft-ladha-sctp-nonce-02.txt

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15765 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDon't collide with the "regular" IPv6 defintions in at least some
guy [Mon, 12 Sep 2005 06:21:35 +0000 (06:21 +0000)]
Don't collide with the "regular" IPv6 defintions in at least some
platforms in ipv6-utils.h.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15764 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix fault defragmentation the same way as in the request/response path
ulfl [Mon, 12 Sep 2005 00:29:19 +0000 (00:29 +0000)]
fix fault defragmentation the same way as in the request/response path

Unfortunately, I don't have a capture file to test this...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15763 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix reassembling problem I've introduced yesterday, by using fragment_add_seq_next...
ulfl [Mon, 12 Sep 2005 00:16:57 +0000 (00:16 +0000)]
fix reassembling problem I've introduced yesterday, by using fragment_add_seq_next() function instead of fragment_add()

in addition, I had to implement fragment_get_reassembled() in addition to fragment_get(), which works with reassembled_table

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15762 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix a typo.
guy [Sun, 11 Sep 2005 22:31:36 +0000 (22:31 +0000)]
Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15761 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrame numbers are unsigned, and they start at 1; 0 is what's used for
guy [Sun, 11 Sep 2005 22:25:33 +0000 (22:25 +0000)]
Frame numbers are unsigned, and they start at 1; 0 is what's used for
"unknown" for frame numbers.  Note that in epan/frame_data.h, and make
the frame number in experts unsigned, and use 0 for "unknown", and
display it as an unsigned number - and, if it's 0, don't display it at

Fix the signature of "expert_dlg_draw()" to match what a tap's draw
routine's signature is expected to be.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15760 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd some braces to squelch a compiler warning.
guy [Sun, 11 Sep 2005 22:19:41 +0000 (22:19 +0000)]
Add some braces to squelch a compiler warning.

Fix up indentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15759 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoReplace tvb_memcpy() calls that extract IPv4 addresses into a guint32,
guy [Sun, 11 Sep 2005 21:25:37 +0000 (21:25 +0000)]
Replace tvb_memcpy() calls that extract IPv4 addresses into a guint32,
and that extract IPv6 addresses into a "struct e_in6_addr", with
tvb_get_ipv4() and tvb_get_ipv6() calls - except for some that we
remove, by using proto_tree_add_item(), rather than replacing.

Have epan/tvbuff.h include epan/ipv6-utils.h, to define "struct
e_in6_addr" (not necessary to declare the tvbuff routines, but including
it there means "struct e_in6_addr" is guaranteed to be defined before
those declarations, so we don't get compiler complaints if we define it
*after* those declarations).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15758 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agorename fragment_add_dcerpc -> fragment_add_dcerpc_dg to avoid confusion a bit,
ulfl [Sun, 11 Sep 2005 21:10:26 +0000 (21:10 +0000)]
rename fragment_add_dcerpc -> fragment_add_dcerpc_dg to avoid confusion a bit,
as connection oriented (cn) and connectionless (dg) DCE/RPC uses different ways to handle defragmentation and this function is only used for dg

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15757 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoGet rid of dependency on format-oid.h
etxrab [Sun, 11 Sep 2005 21:10:20 +0000 (21:10 +0000)]
Get rid of dependency on format-oid.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15756 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agosome things fixed, leftover from code cleanup (thanks to the buggy MSVC dependencies)
ulfl [Sun, 11 Sep 2005 17:15:00 +0000 (17:15 +0000)]
some things fixed, leftover from code cleanup (thanks to the buggy MSVC dependencies)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15755 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoI'm adding the "Expert Info" prototype now, as it seems to be in a state where others...
ulfl [Sun, 11 Sep 2005 16:55:34 +0000 (16:55 +0000)]
I'm adding the "Expert Info" prototype now, as it seems to be in a state where others might have a look and probably already find it useful :-). Anyway, we can easily disable it at one or two places in the code if it get's in our way of a new release.

Please see: http://wiki.ethereal.com/Development/ExpertInfo for a complete overview of the intended feature and it's current state of implementation.

While I'm working on this, I've also added some more status result codes to the DCE/RPC and DCOM dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15754 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd "tvb_get_ipv4()" and "tvb_get_ipv6()" addresses, to fetch IPv4 and
guy [Sat, 10 Sep 2005 19:43:41 +0000 (19:43 +0000)]
Add "tvb_get_ipv4()" and "tvb_get_ipv6()" addresses, to fetch IPv4 and
IPv6 addresses.  Use "tvb_get_ipv4()" in the WINS Replication dissector,
so that it gets the right answer on little-endian *AND* big-endian

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15753 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIn "dissect_sip()", return 0 if "dissect_sip_common()" returns a
guy [Sat, 10 Sep 2005 19:39:56 +0000 (19:39 +0000)]
In "dissect_sip()", return 0 if "dissect_sip_common()" returns a
negative value, so we reject the packet as "not SIP".

Add a "dissect_sip_tcp_heur()" that's heuristic - it'll return FALSE if
the first packet doesn't look like SIP, but once it's dissected one
packet it'll just treat subsequent SIP packets as continuations if they
don't look right.

Clean up indentation a bit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15752 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agopropperly handle the errors when loading a file fails.
lego [Sat, 10 Sep 2005 18:59:02 +0000 (18:59 +0000)]
propperly handle the errors when loading a file fails.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15751 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodon't use fgets() as MSVC does not implement it. use fgetc instead.
lego [Sat, 10 Sep 2005 18:46:03 +0000 (18:46 +0000)]
don't use fgets() as MSVC does not implement it. use fgetc instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15750 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix MSVC slash/backslash and other such problems, now getting:
ulfl [Sat, 10 Sep 2005 18:33:32 +0000 (18:33 +0000)]
fix MSVC slash/backslash and other such problems, now getting:

dtd_preparse.obj : error LNK2001: Nichtaufgeloestes externes Symbol _fgetln

MSVC doesn't support fgetln!

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15749 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMake sure lemon is built before trying to use it
lego [Sat, 10 Sep 2005 18:00:28 +0000 (18:00 +0000)]
Make sure lemon is built before trying to use it

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15748 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix the dtd_grammar.c rule
lego [Sat, 10 Sep 2005 17:55:16 +0000 (17:55 +0000)]
fix the dtd_grammar.c rule

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15747 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agonmake does not have the $^ macro
lego [Sat, 10 Sep 2005 17:47:02 +0000 (17:47 +0000)]
nmake does not have the $^ macro

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15746 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agothe dtd parser (still missing the glue) and few fixes to packet-xml.c
lego [Sat, 10 Sep 2005 17:29:15 +0000 (17:29 +0000)]
the dtd parser (still missing the glue) and few fixes to packet-xml.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15745 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix DCE/RPC defragmentation, if both middle and last DCE/RPC fragments are in the...
ulfl [Sat, 10 Sep 2005 15:11:21 +0000 (15:11 +0000)]
fix DCE/RPC defragmentation, if both middle and last DCE/RPC fragments are in the same TCP desegmented data blob

I had to change the way the reassemble code works if the dissector is telling that more fragments *will* follow. In this case the reassemble code shouldn't try to reassemble already at that time ...

I've also changed the way if a fragment was already seen or not, as it's not enough to check for the frame number, in the scenario described above.

Unfortunately both changes *might* broke other protocols from reassemble properly. I've checked with excessive TCP desegmentation and it's still working without any changes :-)

use a tvb subset to limit the "end of bytes" processed in a single fragment dissect run, as each fragment has it's own DCE/RPC header (and isn't part of the stub data of the previous packet).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15744 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoNSIS warning removed: the label "lbl_winpcap_dont_install" is currently unused
ulfl [Fri, 9 Sep 2005 21:04:19 +0000 (21:04 +0000)]
NSIS warning removed: the label "lbl_winpcap_dont_install" is currently unused

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15743 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDissect "nbs-9".
etxrab [Fri, 9 Sep 2005 19:46:57 +0000 (19:46 +0000)]
Dissect "nbs-9".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15742 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd some 3GPP AVP:s
etxrab [Fri, 9 Sep 2005 16:19:51 +0000 (16:19 +0000)]
Add some 3GPP AVP:s

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15741 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago- dissect_per_choice() creates now only one level tree insted of two levels tree
kukosa [Fri, 9 Sep 2005 15:36:39 +0000 (15:36 +0000)]
- dissect_per_choice() creates now only one level tree insted of two levels tree
- dissect_per_choice() rewritten

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15740 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Bill Meier:
guy [Fri, 9 Sep 2005 08:40:58 +0000 (08:40 +0000)]
From Bill Meier:

define "timezone" as "gint16", as it can be positive (west of
UTC) or negative (east of UTC);

update comments to refer to the new names for structure members;

say the precision of the time stamps is 1 nanosecond only if the
ticks per second is > 10 million;

fix the handling of files truncated exactly on a frame boundary.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15739 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Didier Gautheron: pass error replies to the tap.
guy [Fri, 9 Sep 2005 08:29:10 +0000 (08:29 +0000)]
From Didier Gautheron: pass error replies to the tap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15738 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUpdate new RSVP host list and conversation stats to match recent changes
guy [Fri, 9 Sep 2005 08:20:16 +0000 (08:20 +0000)]
Update new RSVP host list and conversation stats to match recent changes
to the way command-line arguments and menu items for stats are done.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15737 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDon't handle the ETHEREAL_STOCK_CAPTURE_START button if we don't have
guy [Fri, 9 Sep 2005 08:11:47 +0000 (08:11 +0000)]
Don't handle the ETHEREAL_STOCK_CAPTURE_START button if we don't have
libpcap - ETHEREAL_STOCK_CAPTURE_START isn't defined, and we can't
capture in any case, so we don't need that button.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15736 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix MSVC warning: sigcomp_state_hdlr.c(601) : warning C4101: 'partial_state_str'...
ulfl [Fri, 9 Sep 2005 00:22:37 +0000 (00:22 +0000)]
fix MSVC warning: sigcomp_state_hdlr.c(601) : warning C4101: 'partial_state_str' : unreferenced local variable

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15735 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agothe xml plugin was removed
lego [Thu, 8 Sep 2005 22:55:39 +0000 (22:55 +0000)]
the xml plugin was removed

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15734 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago some content-types are now handled by xml
lego [Thu, 8 Sep 2005 22:51:12 +0000 (22:51 +0000)]
 some content-types are now handled by xml

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15733 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agostart with fdata->num = -1, so we don't have an uninitialised value while doing read_...
ulfl [Thu, 8 Sep 2005 21:36:40 +0000 (21:36 +0000)]
start with fdata->num = -1, so we don't have an uninitialised value while doing read_filter style dissection

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15732 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago(very minor) issue found while working on a new tap
ulfl [Thu, 8 Sep 2005 21:33:11 +0000 (21:33 +0000)]
(very minor) issue found while working on a new tap

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15731 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoforgot the Id
lego [Thu, 8 Sep 2005 21:21:05 +0000 (21:21 +0000)]
forgot the Id

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15730 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoLet's migrate the xml dissector...
lego [Thu, 8 Sep 2005 21:18:58 +0000 (21:18 +0000)]
Let's migrate the xml dissector...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15729 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoa new version of the xml dissector, look ma no lex!
lego [Thu, 8 Sep 2005 21:14:24 +0000 (21:14 +0000)]
a new version of the xml dissector, look ma no lex!
mmh  still missing the dtd parser...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15728 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofix the svn keywords and some comments that were out of date
lego [Thu, 8 Sep 2005 20:11:01 +0000 (20:11 +0000)]
fix the svn keywords and some comments that were out of date

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15727 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoan API for "bufferless" parsing of text tvbs
lego [Thu, 8 Sep 2005 19:50:13 +0000 (19:50 +0000)]
an API for "bufferless" parsing of text tvbs

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15726 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix more problems found by Steve Grubb, along with other changes:
gerald [Thu, 8 Sep 2005 15:01:16 +0000 (15:01 +0000)]
Fix more problems found by Steve Grubb, along with other changes:

Camel: Fix an off-by-one error.  Don't alloc and free where it's not
needed.  Remove an unused variable.

PPP and K12: Fix memory leaks.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15725 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agostart making winsrepl into a new style dissector and use tcp_dissect_pdus()
sahlberg [Thu, 8 Sep 2005 12:39:02 +0000 (12:39 +0000)]
start making winsrepl into a new style dissector and use tcp_dissect_pdus()

also fix bugs 417 / 418

this dissector still needs to have heuristics to be added to it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15724 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofrom M&Y Kaul
sahlberg [Thu, 8 Sep 2005 10:12:12 +0000 (10:12 +0000)]
from M&Y Kaul

rename Wins to WINS

add some new decodes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15723 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agofrom Michal & Yaniv Kaul
sahlberg [Thu, 8 Sep 2005 10:08:01 +0000 (10:08 +0000)]
from Michal & Yaniv Kaul

Updates to prettify the Bind ACK context handles

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15722 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd description of the Windows installer command line parameters
ulfl [Thu, 8 Sep 2005 09:42:19 +0000 (09:42 +0000)]
add description of the Windows installer command line parameters

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15721 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoset the window title of the Win32 debug console
ulfl [Thu, 8 Sep 2005 09:19:46 +0000 (09:19 +0000)]
set the window title of the Win32 debug console

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15720 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoclose the capture interfaces dialog if the user pressed "Capture" or "Prepare"
ulfl [Wed, 7 Sep 2005 22:00:25 +0000 (22:00 +0000)]
close the capture interfaces dialog if the user pressed "Capture" or "Prepare"

this dialog is live capturing from all "known" interfaces while it's open, so huge system load is generated, which is not preferred while doing a real capture.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15719 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodon't wait for a keypress if this is a capture child. This was very annoying, as...
ulfl [Wed, 7 Sep 2005 21:47:51 +0000 (21:47 +0000)]
don't wait for a keypress if this is a capture child. This was very annoying, as stopping a capture seems to freeze Ethereal, but it simply waits for a keypress on the capture_child's console window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15718 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMSVC don't like empty structs, add a dummy element to rsvp_session_ipv6_info
ulfl [Wed, 7 Sep 2005 20:50:03 +0000 (20:50 +0000)]
MSVC don't like empty structs, add a dummy element to rsvp_session_ipv6_info

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15717 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd Valgrind core files to CLEANFILES.
gerald [Wed, 7 Sep 2005 20:49:16 +0000 (20:49 +0000)]
Add Valgrind core files to CLEANFILES.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15716 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd bounds checking in several places to the SigComp UDVM. Use memset()
gerald [Wed, 7 Sep 2005 20:09:40 +0000 (20:09 +0000)]
Add bounds checking in several places to the SigComp UDVM.  Use memset()
instead of while loops to initialize variables.  Use a define instead
of magic numbers.  Don't use guint8s for counters.  Add a corresponding
entry to the release notes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15715 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Manu Pathak
sahlberg [Wed, 7 Sep 2005 19:52:44 +0000 (19:52 +0000)]
From Manu Pathak

Make RSVP tappable

add hostlist and conversation listing for RSVP conversations

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15714 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIf dissect_ber_octet_string() gives us a null tvb, assume we have a malformed
gerald [Wed, 7 Sep 2005 15:40:59 +0000 (15:40 +0000)]
If dissect_ber_octet_string() gives us a null tvb, assume we have a malformed
packet and throw an exception.  Don't pass the null tvb to tvb_length().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15713 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd patterns to svn:ignore.
gerald [Wed, 7 Sep 2005 13:59:10 +0000 (13:59 +0000)]
Add patterns to svn:ignore.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15712 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Metze with minor changes.
sahlberg [Wed, 7 Sep 2005 13:29:44 +0000 (13:29 +0000)]
From Metze  with minor changes.

New protocol
NBNS Replication support

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15711 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSet "COPYCMD=/Y" and remove the "/Y" from each XCOPY command in order
gerald [Wed, 7 Sep 2005 13:26:23 +0000 (13:26 +0000)]
Set "COPYCMD=/Y" and remove the "/Y" from each XCOPY command in order
to fix compilation under Windows NT.  This should fix bug 403.

The changes were made using "find . -name Makefile.nmake | xargs perl
-pi.bak -e 's: /y::i'".  They appear to work under XP, but if anything
broke I blame Larry Wall.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15710 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSIP reassembly using req_resp_hdrs_do_reassembly()
kukosa [Wed, 7 Sep 2005 10:08:13 +0000 (10:08 +0000)]
SIP reassembly using req_resp_hdrs_do_reassembly()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15709 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd a note about PCRE.
gerald [Tue, 6 Sep 2005 22:07:35 +0000 (22:07 +0000)]
Add a note about PCRE.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15708 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd patterns to svn:ignore.
gerald [Tue, 6 Sep 2005 19:50:31 +0000 (19:50 +0000)]
Add patterns to svn:ignore.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15707 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMove to the latest ethereal-win32-libs tag.
gerald [Tue, 6 Sep 2005 19:48:57 +0000 (19:48 +0000)]
Move to the latest ethereal-win32-libs tag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15706 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd a section on file locations.
gerald [Tue, 6 Sep 2005 19:21:48 +0000 (19:21 +0000)]
Add a section on file locations.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15705 f5534014-38df-0310-8fa8-9805f1628bb7