20 years agoSet "v120len" regardless of whether "tree" is null or not; we use it
guy [Sun, 12 Dec 1999 23:08:20 +0000 (23:08 +0000)]
Set "v120len" regardless of whether "tree" is null or not; we use it
regardless of whether it's null or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1306 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut the "." in "V.120".
guy [Sun, 12 Dec 1999 22:53:25 +0000 (22:53 +0000)]
Put the "." in "V.120".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1305 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded Bert Driehuis <driehuis@playbeing.org>'s I4B wiretap module
gram [Sun, 12 Dec 1999 22:40:10 +0000 (22:40 +0000)]
Added Bert Driehuis <driehuis@playbeing.org>'s I4B wiretap module
and V.120 decoder.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1304 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd short names (for "editcap" command lines and the like) for the
guy [Sun, 12 Dec 1999 21:34:51 +0000 (21:34 +0000)]
Add short names (for "editcap" command lines and the like) for the
Kuznetsov "libpcap" format and the early Kuznetsov format Red Hat 6.1

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1303 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAnother commit from a Qantas Club Lounge ... :-)
sharpe [Sun, 12 Dec 1999 21:04:29 +0000 (21:04 +0000)]
Another commit from a Qantas Club Lounge ... :-)

Update editcap to print out the type of capture file if -v specified and
add a -h flag.  Also fix a few compiler warnings ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1302 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCopy the pseudo_header from frame_data to the wtap_pkthdr structure before
oabad [Sun, 12 Dec 1999 13:25:54 +0000 (13:25 +0000)]
Copy the pseudo_header from frame_data to the wtap_pkthdr structure before
passing it to wtap_dump()
It allows to save correct "from_dce/from_dte" flags in ngsniffer_dump.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1301 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFinished improving display of facilities :
oabad [Sun, 12 Dec 1999 12:59:01 +0000 (12:59 +0000)]
Finished improving display of facilities :
- use a subtree for each facility
- decode the DTE address when appropriate

Address decoding in call setup and clearing packets :
- the A bit is the first bit of the general format identifier
- correct use of this A bit (toa parameter) in x25_ntoa

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1300 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAvoid loading "." and ".." when scanning directories for plugins
oabad [Sun, 12 Dec 1999 10:22:41 +0000 (10:22 +0000)]
Avoid loading "." and ".." when scanning directories for plugins

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1299 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHighlight the hex dump at the correct offset for Who utmp Entry
gram [Sun, 12 Dec 1999 06:59:24 +0000 (06:59 +0000)]
Highlight the hex dump at the correct offset for Who utmp Entry

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1298 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd the who protocol (rwho/rwhod/ruptime)
gram [Sun, 12 Dec 1999 05:11:57 +0000 (05:11 +0000)]
Add the who protocol (rwho/rwhod/ruptime)

In packet_hex_print(), compute (bstart + blen) only once.

In time_secs_to_str(), return a meaningful string when time == 0, instead
of returing pointer to char buffer with old, inappropriate data in it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1297 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a URL for the WCCP 1.0 draft.
guy [Sun, 12 Dec 1999 03:10:14 +0000 (03:10 +0000)]
Add a URL for the WCCP 1.0 draft.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1296 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWCCP 1.0 dissection, from Jerry Talkington.
guy [Sun, 12 Dec 1999 03:05:57 +0000 (03:05 +0000)]
WCCP 1.0 dissection, from Jerry Talkington.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1295 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixed up the problems with compilation warnings, as per some patched
sharpe [Sun, 12 Dec 1999 02:19:00 +0000 (02:19 +0000)]
Fixed up the problems with compilation warnings, as per some patched
from Guy, plus a few more of my own.

Also added in basic response decoding where we don't know what it is ...

Got more to do, as well as decoding returned data ... Thinking about that
now, and will have a data-drived approach.

I need some way to specify that an internal routine be called for some types
of data where we know what type it is, in the case of Server Types for
example ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1294 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIf we have an SNMP library, use its routines for printing values; that
guy [Sun, 12 Dec 1999 01:51:47 +0000 (01:51 +0000)]
If we have an SNMP library, use its routines for printing values; that
way, it checks that the type of the variable matches the type it's
claimed to have in the MIB (and indicates if it isn't), it can decode
enumerated types, and it may also use the DISPLAY-HINT string in the

Handle unknown types better.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1293 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut in a private data structure hanging off the "wtap_dumper" structure
guy [Sat, 11 Dec 1999 10:02:13 +0000 (10:02 +0000)]
Put in a private data structure hanging off the "wtap_dumper" structure
the "this is the first frame" flag, and the time stamp of the first
frame, used when writing Sniffer files, so that more than one could be
open at a time (Wiretap doesn't forbid that) and so that they're
initialized when you start writing a capture.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1292 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCorrect timestamp calculation in ngsniffer_dump
oabad [Sat, 11 Dec 1999 09:22:36 +0000 (09:22 +0000)]
Correct timestamp calculation in ngsniffer_dump

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1291 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a couple of typos.
guy [Sat, 11 Dec 1999 06:58:41 +0000 (06:58 +0000)]
Fix a couple of typos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1290 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWe no longer use "asn_parse_header()" from the SNMP libraries; we use
guy [Sat, 11 Dec 1999 05:30:31 +0000 (05:30 +0000)]
We no longer use "asn_parse_header()" from the SNMP libraries; we use
"sprint_objid()", however.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1289 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoProvide different file types for "modified" and Red Hat 6.1 "libpcap"
guy [Sat, 11 Dec 1999 00:40:40 +0000 (00:40 +0000)]
Provide different file types for "modified" and Red Hat 6.1 "libpcap"
files (the former have a different per-packet header, and a different
magic number, from the standard "libpcap"; the latter have the same
per-packet header as "modified" "libpcap" files, but the same magic
number as standard "libpcap" files, sigh).

Support writing "libpcap" captures in all three formats (so that, for
example, people running Ethereal on RH 6.1 can write out captures that
the "tcpdump" that comes with RH 6.1 can read, although that's not the
default format we save in - there's no way to tell whether you're
running on RH 6.1, as far as I know; "uname()" just tells you, on Linux
systems, that the kernel is Linux 2.x, and what "x" is, it doesn't say
what the *rest* of the system is).

Fix the table in "file.c" to use Olivier's code for writing Sniffer

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1288 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDon't do "if this is PPP, do this, else do that" quite so much - use
guy [Fri, 10 Dec 1999 21:27:13 +0000 (21:27 +0000)]
Don't do "if this is PPP, do this, else do that" quite so much - use
mechanisms that let you add new encapsulations more easily.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1287 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDon't use MAX_NAME_LEN*6 for string buffers, define our own
guy [Fri, 10 Dec 1999 21:00:53 +0000 (21:00 +0000)]
Don't use MAX_NAME_LEN*6 for string buffers, define our own
MAX_STRING_LEN and use that.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1286 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCMU SNMP doesn't have a documented way of including *only* those header
guy [Fri, 10 Dec 1999 20:45:37 +0000 (20:45 +0000)]
CMU SNMP doesn't have a documented way of including *only* those header
files you need for the MIB-related routines, so I'm including
<snmp/snmp.h>; unfortunately, that "helpfully" defines a pile of things
we later define, giving rise to a bunch of compiler complaints, so we
undefine them after including <snmp/snmp.h>.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1285 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixed a typo (tee instead of tree) in dissect_transact_next
oabad [Fri, 10 Dec 1999 12:51:01 +0000 (12:51 +0000)]
Fixed a typo (tee instead of tree) in dissect_transact_next

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1284 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoBeginning to handle LANMAN in a data-driven way, with tables etc.
sharpe [Fri, 10 Dec 1999 11:53:18 +0000 (11:53 +0000)]
Beginning to handle LANMAN in a data-driven way, with tables etc.

Next will handle responses, and data returned ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1283 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMore v3 dissectors added. 11 function are still missing.
girlich [Fri, 10 Dec 1999 10:52:40 +0000 (10:52 +0000)]
More v3 dissectors added. 11 function are still missing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1282 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agohex output of 64 Bit numbers with 0x prefixed
girlich [Fri, 10 Dec 1999 10:40:54 +0000 (10:40 +0000)]
hex output of 64 Bit numbers with 0x prefixed

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1281 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake the SNMP dissector use the ASN.1 code, rather than the SNMP library
guy [Fri, 10 Dec 1999 09:49:29 +0000 (09:49 +0000)]
Make the SNMP dissector use the ASN.1 code, rather than the SNMP library
code, to dissect SNMP PDUs; use the SNMP library code only to translate
OIDs into strings.

Put into the ASN.1 code an annoying hack to cope with the fact that UCD
SNMP makes an OID out of "u_long"s whilst CMU SNMP makes it out of
"u_int"s - have the ASN.1 code make it out of "subid_t"s, and typedef
"subid_t" appropriately depending on the SNMP library you have.

Eventually, we should be able to use "libsmi" instead of a full-blown
SNMP library, and thus possibly work around various aggravations with
the SNMP libraries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1280 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChange the comments to reflect the fact that this is now no longer a tab
guy [Fri, 10 Dec 1999 07:20:57 +0000 (07:20 +0000)]
Change the comments to reflect the fact that this is now no longer a tab
of the "Edit:Preferences" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1279 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSquelch a GCC complaint.
guy [Fri, 10 Dec 1999 07:04:30 +0000 (07:04 +0000)]
Squelch a GCC complaint.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1278 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse decode_numeric_bitfield for address length in call packets
oabad [Fri, 10 Dec 1999 07:02:29 +0000 (07:02 +0000)]
Use decode_numeric_bitfield for address length in call packets

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1277 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake the protocol tree GUI pane associate with the packet list pane
gram [Fri, 10 Dec 1999 06:44:39 +0000 (06:44 +0000)]
Make the protocol tree GUI pane associate with the packet list pane
instead of the hex dump pane.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1276 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJerry Talkington's patch to remove the filter stuff from
guy [Fri, 10 Dec 1999 06:28:24 +0000 (06:28 +0000)]
Jerry Talkington's patch to remove the filter stuff from
"Edit:Preferences" and put it directly under "Edit:Filters", and to add
an "Apply" button to it, which makes the currently selected filter the
current filter and applies it to the current capture.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1275 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemove unnecessary gtk-related #includes.
gram [Fri, 10 Dec 1999 04:25:59 +0000 (04:25 +0000)]
Remove unnecessary gtk-related #includes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1274 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMove GTK code out of summary.c and into gtk/summary_dlg.c
gram [Fri, 10 Dec 1999 04:21:04 +0000 (04:21 +0000)]
Move GTK code out of summary.c and into gtk/summary_dlg.c
summary.c now provides a struct of info (see summary.h)

Changed the name of the summary dialogue callback (hence the change
in menu.c), and added a close button to the dialogue.

Moved #include <gtk/gtk.h> out of print.c and into prefs.h where it
was needed for GdkColor.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1273 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPrint only 4 hex digits for the "Flags and version" field, as it's 16
guy [Fri, 10 Dec 1999 02:29:48 +0000 (02:29 +0000)]
Print only 4 hex digits for the "Flags and version" field, as it's 16

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1272 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded hack for aarp to deal with linux kernel byteswapping misfeature
nneul [Fri, 10 Dec 1999 00:45:15 +0000 (00:45 +0000)]
added hack for aarp to deal with linux kernel byteswapping misfeature

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1271 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support to Wiretap for writing sniffer capture files.
oabad [Thu, 9 Dec 1999 23:17:20 +0000 (23:17 +0000)]
Add support to Wiretap for writing sniffer capture files.

I'm using 4.0 as the version in the REC_VERS record. It seems to work
with sniffer versions 4.40 and 5.0

No ATM support yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1270 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoClass A facilities decoding :
oabad [Thu, 9 Dec 1999 23:03:49 +0000 (23:03 +0000)]
Class A facilities decoding :
- correct a problem with throughput class calculation
- improved the display using decode_xxx_bitfield()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1269 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoThou Shalt Not Cast Pointers Into A Packet To Pointers To Anything
guy [Thu, 9 Dec 1999 21:58:04 +0000 (21:58 +0000)]
Thou Shalt Not Cast Pointers Into A Packet To Pointers To Anything
Bigger Than A Byte, as there's no guarantee that the pointer is aligned
the way you'd like (consider, for example, FDDI packets, which may be
aligned on an *odd-byte* boundary).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1268 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut in an RCS ID.
oabad [Thu, 9 Dec 1999 20:55:49 +0000 (20:55 +0000)]
Put in an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1267 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDissect port 3128 as HTTP, as per Jamie Coe's patch and Squid and
guy [Thu, 9 Dec 1999 20:54:32 +0000 (20:54 +0000)]
Dissect port 3128 as HTTP, as per Jamie Coe's patch and Squid and
NetCache's use of it as a proxy port, and dissect port 3132 as HTTP, as
per NetCache's use of it for its HTTP-based administrative UI.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1266 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJamie Coe's update to add D-link's OUI.
guy [Thu, 9 Dec 1999 20:52:54 +0000 (20:52 +0000)]
Jamie Coe's update to add D-link's OUI.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1265 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSRVLOC updates from James Coe.
guy [Thu, 9 Dec 1999 20:46:28 +0000 (20:46 +0000)]
SRVLOC updates from James Coe.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1264 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoplugins support (i.e. Dynamically loadable dissectors)
oabad [Thu, 9 Dec 1999 20:43:38 +0000 (20:43 +0000)]
plugins support (i.e. Dynamically loadable dissectors)
depends on dlopen() being available on the target platform

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1263 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agocleaned up nbp and added rtmp dissector
nneul [Thu, 9 Dec 1999 17:06:37 +0000 (17:06 +0000)]
cleaned up nbp and added rtmp dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1262 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agocleanup/renaming of fields for nbp dissector
nneul [Thu, 9 Dec 1999 15:31:24 +0000 (15:31 +0000)]
cleanup/renaming of fields for nbp dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1261 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut X.25 Facilities in call packets in a subtree
oabad [Thu, 9 Dec 1999 13:51:08 +0000 (13:51 +0000)]
Put X.25 Facilities in call packets in a subtree
Decode a new facility (0xD2 : Priority)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1260 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMore v3 dissector routines. 14 functions are still missing.
girlich [Thu, 9 Dec 1999 12:54:10 +0000 (12:54 +0000)]
More v3 dissector routines. 14 functions are still missing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1259 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMore v3 dissector routines. 25 functions still missing.
girlich [Thu, 9 Dec 1999 10:10:29 +0000 (10:10 +0000)]
More v3 dissector routines. 25 functions still missing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1258 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoNew defines for create modes.
girlich [Thu, 9 Dec 1999 10:08:05 +0000 (10:08 +0000)]
New defines for create modes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1257 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGet rid of an unused variable.
guy [Thu, 9 Dec 1999 07:37:13 +0000 (07:37 +0000)]
Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1256 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMove the GTK+ implementations of various UI utilities out of "util.c"
guy [Thu, 9 Dec 1999 07:19:20 +0000 (07:19 +0000)]
Move the GTK+ implementations of various UI utilities out of "util.c"
into "gtk/ui_util.c", and move the declarations of those UI utilities
out of "util.h" into "ui_util.h".  (The header file is in the top-level
directory, rather than the "gtk" directory, because it declares
window-system-independent interfaces to routines with
window-system-dependent implementations.)

Add to "gtk/ui_util.c" a routine to set the window and icon title.

Use that routine to make the title of an Ethereal top-level window be

{filename} - Ethereal

if there's a capture open, and have "{filename}" be "<capture>" if it's
a temporary capture file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1255 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded ldap dissector placeholder, just does request/response for now, until I have...
nneul [Thu, 9 Dec 1999 04:06:54 +0000 (04:06 +0000)]
added ldap dissector placeholder, just does request/response for now, until I have a chance to figure out ASN.1

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1254 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoextended nbp dissector, is stable, but i believe it's not completely correct yet
nneul [Thu, 9 Dec 1999 04:02:50 +0000 (04:02 +0000)]
extended nbp dissector, is stable, but i believe it's not completely correct yet

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1253 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd RFC 1702 GRE-over-IPv4.
guy [Thu, 9 Dec 1999 02:53:33 +0000 (02:53 +0000)]
Add RFC 1702 GRE-over-IPv4.

The routing information in a GRE packet is a list of items; dissect all
of them (partially - we don't actually dissect the routing data).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1252 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agostarted nbp dissector
nneul [Wed, 8 Dec 1999 23:55:01 +0000 (23:55 +0000)]
started nbp dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1251 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agochanged numbers to bullets and removed nbp dissector item - in progress
nneul [Wed, 8 Dec 1999 23:41:41 +0000 (23:41 +0000)]
changed numbers to bullets and removed nbp dissector item - in progress

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1250 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agofix stupid atalk typo and remove other proto names stuff
nneul [Wed, 8 Dec 1999 23:25:37 +0000 (23:25 +0000)]
fix stupid atalk typo and remove other proto names stuff

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1249 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded a couple of ddp protocol names based on looking at packets in genbroad.snoop...
nneul [Wed, 8 Dec 1999 23:21:08 +0000 (23:21 +0000)]
added a couple of ddp protocol names based on looking at packets in genbroad.snoop, added placeholder routines for nbp and rtmp dissection

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1248 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agobetter info line for ipx message
nneul [Wed, 8 Dec 1999 22:07:26 +0000 (22:07 +0000)]
better info line for ipx message

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1247 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded decode support for 'poll inactive station' ipx message
nneul [Wed, 8 Dec 1999 21:59:12 +0000 (21:59 +0000)]
added decode support for 'poll inactive station' ipx message

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1246 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut the "0[xX]" prefix for "%#[Xx]", and the "0" prefix for "%#o",
guy [Wed, 8 Dec 1999 21:44:33 +0000 (21:44 +0000)]
Put the "0[xX]" prefix for "%#[Xx]", and the "0" prefix for "%#o",
*before* any padding "0"s.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1245 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRegister "ett_gre_flags" as an subtree type.
guy [Wed, 8 Dec 1999 21:38:14 +0000 (21:38 +0000)]
Register "ett_gre_flags" as an subtree type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1244 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoproto tree style fixes
nneul [Wed, 8 Dec 1999 18:12:06 +0000 (18:12 +0000)]
proto tree style fixes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1243 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded Philip Gladstone <philip@raptor.com>'s patch to check IP header
gram [Wed, 8 Dec 1999 17:54:41 +0000 (17:54 +0000)]
Added Philip Gladstone <philip@raptor.com>'s patch to check IP header
checksum, and noted the need for user-selectable lines in the GUI tree.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1242 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago- don't print RFC1771 NLRI length if == 0
itojun [Wed, 8 Dec 1999 08:12:27 +0000 (08:12 +0000)]
- don't print RFC1771 NLRI length if == 0
- don't do AS_PATH parsing if AS_PATH is empty, just print empty

From: Greg Hankins <gregh@twoguys.org>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1241 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd Dave Chapeskie's name to the list of contributors.
guy [Tue, 7 Dec 1999 22:59:31 +0000 (22:59 +0000)]
Add Dave Chapeskie's name to the list of contributors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1240 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIt appears that the IRIX SIOCSNOOPLEN "ioctl", as used by "libpcap" to
guy [Tue, 7 Dec 1999 22:11:02 +0000 (22:11 +0000)]
It appears that the IRIX SIOCSNOOPLEN "ioctl", as used by "libpcap" to
set the capture length on IRIX, may fail if the capture length supplied
is too large, rather than just truncating it.  Use MIN_PACKET_SIZE,
rather than WTAP_MAX_PACKET_SIZE, in our sample open.

Let's hope some *other* platform doesn't barf if the capture length is
too *small*....

(Sigh.  Would that "pcap_open_live()" accepted 0 as a capture size,
meaning "give me the whole packet".  Unfortunately, it doesn't, so IRIX
users may have to crank the capture size back in the capture dialog

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1239 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemove 3 GTK+ header files and have our gtkclist.c use
gram [Tue, 7 Dec 1999 22:06:27 +0000 (22:06 +0000)]
Remove 3 GTK+ header files and have our gtkclist.c use
the the system version of the gtk header files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1238 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agostyle improvements in ARP dissector proto tree, added todo items
nneul [Tue, 7 Dec 1999 15:38:20 +0000 (15:38 +0000)]
style improvements in ARP dissector proto tree, added todo items

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1237 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd the "-R" flag to the usage message.
guy [Tue, 7 Dec 1999 07:12:49 +0000 (07:12 +0000)]
Add the "-R" flag to the usage message.

Don't list capture-oriented flags in the usage message if Ethereal was
built without "libpcap".

If a capture-oriented flag is given to an Ethereal built without
"libpcap", print a message noting that and give a usage message.

Print only one usage message, even if more than one bad command-line
flag is given.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1236 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHere I am commit'ing again in a Qantas Club lounge :-)
sharpe [Tue, 7 Dec 1999 06:36:12 +0000 (06:36 +0000)]
Here I am commit'ing again in a Qantas Club lounge :-)

Fixed up some bugs to do with NetShareEnum.  There is still a persistent bug
left that looks like an alignment problem. Damn documentation does not talk
about the need to align the response structures for a NetServerEnum2 on SHORT
boundaries, but it sure looks like they should be so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1235 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoJames Coe's patch to add SRVLOC and NCP-over-IP support.
guy [Tue, 7 Dec 1999 06:13:19 +0000 (06:13 +0000)]
James Coe's patch to add SRVLOC and NCP-over-IP support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1234 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixes to highlighting for irc dissector req/resp lines
nneul [Tue, 7 Dec 1999 00:22:11 +0000 (00:22 +0000)]
Fixes to highlighting for irc dissector req/resp lines
Change to dns dissector to display "Domain Name System (request)" instead of
"DNS request" in the proto tree, as it is more in keeping with the style
of the other proto tree entries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1233 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoadded simple irc dissector
nneul [Mon, 6 Dec 1999 23:57:51 +0000 (23:57 +0000)]
added simple irc dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1232 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPatch from Jerry Talkington to:
guy [Mon, 6 Dec 1999 20:27:40 +0000 (20:27 +0000)]
Patch from Jerry Talkington to:

treat CONNECT as an HTTP request;

add DELETE and OPTIONS as request names.

Make the order of names in the AUTHORS file match that of the man page
and the About box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1231 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse WORDS_BIGENDIAN, rather than BYTE_ORDER, to determine which values
guy [Mon, 6 Dec 1999 20:20:35 +0000 (20:20 +0000)]
Use WORDS_BIGENDIAN, rather than BYTE_ORDER, to determine which values
is defined as long as you include "config.h"; BYTE_ORDER is defined only
if you include "global.h" (or if your OS *happens* to define it in an
include file that's being included), and we're trimming the number of
files that include "global.h".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1230 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemove #include "globals.h" from packet-atalk.c (not needed) and from
gram [Mon, 6 Dec 1999 18:33:49 +0000 (18:33 +0000)]
Remove #include "globals.h" from packet-atalk.c (not needed) and from
packet-ipv6.h. Of all the files that include packet-ipv6.h, only
ipproto.c needs "globals.h", so I put the #include in ipproto.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1229 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoNFS v2 ist ready.
girlich [Mon, 6 Dec 1999 09:57:34 +0000 (09:57 +0000)]
NFS v2 ist ready.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1228 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agodissect_rpc_string() can now better handle truncated strings.
girlich [Mon, 6 Dec 1999 09:51:56 +0000 (09:51 +0000)]
dissect_rpc_string() can now better handle truncated strings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1227 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support for saving files in a format other than the one they're in
guy [Mon, 6 Dec 1999 09:08:58 +0000 (09:08 +0000)]
Add support for saving files in a format other than the one they're in
and other than "libpcap", now that Wiretap can write files other than

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1226 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support for saving files in a format other than the one they're in
guy [Mon, 6 Dec 1999 09:02:48 +0000 (09:02 +0000)]
Add support for saving files in a format other than the one they're in
and other than "libpcap", now that Wiretap can write files other than

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1225 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChanges from Dave Chapeskie.
guy [Mon, 6 Dec 1999 03:39:34 +0000 (03:39 +0000)]
Changes from Dave Chapeskie.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1224 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWhen dissecting the reference clock ID field:
guy [Mon, 6 Dec 1999 03:18:24 +0000 (03:18 +0000)]
When dissecting the reference clock ID field:

if it's stratum 0 or 1, use "memcmp()" to compare it against the
strings in our table, rather than assuming it's aligned on a
4-byte boundary and doing an integral comparison - neither of
the strings being compared are necessarily so aligned - and, if
it doesn't match any of them, include the value in the
"Unidentified reference source" description;

if it's stratum 2 or higher, extract the value with "pntohl()"
before interpreting it as an IP address - IP addresses are in
network byte order, and, again, it's not necessarily neatly
aligned on a 4-byte boundary.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1223 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd ^G as an accelerator for Display:Go To Frame.
guy [Sun, 5 Dec 1999 23:44:24 +0000 (23:44 +0000)]
Add ^G as an accelerator for Display:Go To Frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1222 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUpdates from Kojak.
guy [Sun, 5 Dec 1999 22:59:55 +0000 (22:59 +0000)]
Updates from Kojak.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1221 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoApple, for some unknown reason, doesn't just encapsulate AppleTalk data
guy [Sun, 5 Dec 1999 22:52:00 +0000 (22:52 +0000)]
Apple, for some unknown reason, doesn't just encapsulate AppleTalk data
packets as SNAP-encapsulated Ethernet; instead, they use one of their
*own* OUIs, followed by the Ethernet packet type for AppleTalk.  (Even
more oddly, they *do* use SNAP-encapsulated Ethernet for AARP....)

Dissect OUI 08-00-07 the same way we dissect the SNAP-encapsulated
Ethernet OUI of 00-00-00, and identify it as an Apple OUI.

Add checks to make sure we actually have a full LLC header and, if it's
a SNAP frame, that we have a full SNAP header as well.

For non-SNAP frames, list both the DSAP and the SSAP in the Info column,
and, for SNAP frames, list the OUI and PID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1220 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agovlan updates for etype<maxlen and capture counters
nneul [Sun, 5 Dec 1999 20:05:45 +0000 (20:05 +0000)]
vlan updates for etype<maxlen and capture counters

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1219 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a typo.
guy [Sun, 5 Dec 1999 09:50:58 +0000 (09:50 +0000)]
Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1218 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDon't assume that the OUI of all SNAP frames is 00-00-00; treat only
guy [Sun, 5 Dec 1999 09:45:32 +0000 (09:45 +0000)]
Don't assume that the OUI of all SNAP frames is 00-00-00; treat only
frames with an OUI of 00-00-00 as SNAP-encapsulated Ethernet, and, for
other SNAP frames, display the protocol ID as hex and dissect the
payload as data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1217 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSome small fixes to the smb decoding of sessionsetup&X.
sharpe [Sun, 5 Dec 1999 08:22:22 +0000 (08:22 +0000)]
Some small fixes to the smb decoding of sessionsetup&X.

Will have to do some more soon.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1216 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCheck in the ASN.1 code for reference purposes, although the SNMP
guy [Sun, 5 Dec 1999 07:50:01 +0000 (07:50 +0000)]
Check in the ASN.1 code for reference purposes, although the SNMP
dissector doesn't use it yet - Nathan Neulinger might use it for a
Kerberos 5 dissector, and it might be of use for other dissectors as

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1215 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAs per Nathan Leulinger's suggestion, have a stub SNMP dissector if
guy [Sun, 5 Dec 1999 02:33:52 +0000 (02:33 +0000)]
As per Nathan Leulinger's suggestion, have a stub SNMP dissector if
there are no SNMP libraries to use in a real dissector; this means that
other dissectors don't have to care if there are SNMP libraries, they
can just call "dissect_snmp()" - and this also simplifies "Makefile.am"
and "configure.in" a bit, as they just treat "packet-snmp.c" and
"packet-snmp.h" the same way they treat other dissector source files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1214 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse the new routines in Wiretap to make the argument to "-T" be a
guy [Sun, 5 Dec 1999 01:27:14 +0000 (01:27 +0000)]
Use the new routines in Wiretap to make the argument to "-T" be a
symbolic name, and to list the encapsulation types in the usage message.

Note in the usage message that the default output encapsulation type is
"same as the input file" and that the default output file type is

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1213 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoProvide a table of descriptive and short (command-line) names for
guy [Sun, 5 Dec 1999 01:24:54 +0000 (01:24 +0000)]
Provide a table of descriptive and short (command-line) names for
encapsulation types, and routines to translate encapsulation types to
names and short names to encapsulation types, for the benefit of

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1212 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoExpand on the description of "libpcap" and "snoop" capture file formats.
guy [Sun, 5 Dec 1999 01:23:22 +0000 (01:23 +0000)]
Expand on the description of "libpcap" and "snoop" capture file formats.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1211 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIt's now called "editcap", as it can read any file format Wiretap can
guy [Sat, 4 Dec 1999 21:42:56 +0000 (21:42 +0000)]
It's now called "editcap", as it can read any file format Wiretap can
read, and write any format it can write; change the error messages.

Make the "-F" flag take a symbolic capture file type; use
"wtap_short_string_to_file_type()" to translate it to a WTAP_FILE_

List, in the usage message, the capture file types we can write, and the
symbolic types you use on the command line to specify them.

Give it an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1210 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd rules for making "editcap".
guy [Sat, 4 Dec 1999 21:37:56 +0000 (21:37 +0000)]
Add rules for making "editcap".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1209 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoOops! First check if the short name in the "dump_open_table[]" entry is
guy [Sat, 4 Dec 1999 21:32:58 +0000 (21:32 +0000)]
Oops!  First check if the short name in the "dump_open_table[]" entry is
NULL before checking if it matches the name you were handed....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1208 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGive those capture file formats we can write a "short name", to be used
guy [Sat, 4 Dec 1999 21:20:09 +0000 (21:20 +0000)]
Give those capture file formats we can write a "short name", to be used
to, for example, specify on a command line the format that a program
should write; provide a routine to translate a file type to its short
name, and to translate a short name to the corresponding file type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1207 f5534014-38df-0310-8fa8-9805f1628bb7