guy [Fri, 23 Feb 2001 07:09:39 +0000 (07:09 +0000)]
Boolean fields are just like other fields - if you use the field name
without a comparison operator, it tests for the field's presence or
absence, not its value; to test whether a Boolean field is true, you
compare it with a non-zero value, and to test whether it's false, you
compare it with a zero value.
Make the filter expression construction dialog handle that correctly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3068
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 23 Feb 2001 05:54:27 +0000 (05:54 +0000)]
The text entry box that a filter construction dialog manipulates is
always attached to the dialog as the E_FILT_FILTER_TE_KEY data, but only
sometimes attached as the E_FILT_TE_KEY data.
Get rid of E_FILT_TE_KEY completely, as it's redundant, and use only
E_FILT_FILTER_TE_KEY; this keeps us from crashing as a result of trying
to manipulate the widget referred to by E_FILT_TE_KEY if E_FILT_TE_KEY
hasn't been set to refer to any widget.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3067
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 22 Feb 2001 22:03:31 +0000 (22:03 +0000)]
Etherpeek version 5, 6, and 7 support, from Daniel Thompson.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3066
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 21 Feb 2001 23:53:25 +0000 (23:53 +0000)]
NFSv4 updates from Mike Frisch to fix some cosmetic issues when
displaying XDR arrays.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3065
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 21 Feb 2001 19:42:37 +0000 (19:42 +0000)]
Initialize hf_ip_checksum_bad to -1 like all other fields.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3064
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 21 Feb 2001 19:35:50 +0000 (19:35 +0000)]
Change from James E. Flemer to add hidden Boolean fields that are set if
the IP or ICMP checksum is bad.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3063
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 20:25:08 +0000 (20:25 +0000)]
Make the "activate" signal on the text entry boxes in the filter editing
dialog activate the entire dialog box.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3062
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 20:14:18 +0000 (20:14 +0000)]
Catch the "destroy" signal on the filter-expression-construction dialog,
and, when it's being destroyed, disconnect from the "destroy" signal on
the text entry box to which it's attached, so that, when that text entry
box is destroyed, we don't try to get rid of the no-longer-extant
filter-expression-construction dialog.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3061
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 20:06:04 +0000 (20:06 +0000)]
Catch the "destroy" signal on the text entry box to which a
filter-expression-construction dialog box is attached; if the text entry
box is destroyed (which typically means the window it's in was
destroyed), get rid of the filter-expression-construction dialog box.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3060
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 19:09:30 +0000 (19:09 +0000)]
The all-purpose answer to "this widget expands to fill the space
available for it and it looks ugly" is "throw an alignment around it".
(I *still* don't know why it's not required in other dialog boxes, e.g.
the filter-editing dialog box.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3059
f5534014-38df-0310-8fa8-
9805f1628bb7
nneul [Tue, 20 Feb 2001 16:25:52 +0000 (16:25 +0000)]
added support for dissecting SRV RRs
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3058
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 09:53:48 +0000 (09:53 +0000)]
Make the "activate" signal on the text entry boxes in the filter
expression construction dialog activate the entire dialog box.
Make a desperate but failed attempt to bludgeon GTK+, The Toolkit That
Knows Better Than You Do How Big Buttons Should Be Made, Even If It
Looks Butt-Ugly, And Which Appears To Randomly Decide Whether To Make It
Look Ugly Or Not, into making the "Cancel" button as tall as the inside
of the "Accept" button, not as tall as the "Accept" button plus its
"this is the default button" surround.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3057
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 09:28:28 +0000 (09:28 +0000)]
Call the test for a protocol "is present", just like the test for other
fields.
Show a relational operator on a field if the field supports it *or* if
the field can be sliced and the type generated by a range (FT_BYTES)
supports it. (This lets you do a comparison on a protocol, not just on
a range of a protocol - e.g., "arp == 2", not just "arp[0:1] == 2" - but
the alternative would be to show only the "is present" test, as if you
don't offer the other tests, you can't turn on the range text box when
they select a comparison expression if you don't show comparison
expresions...).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3056
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 08:10:14 +0000 (08:10 +0000)]
In the DIAMETER dissector, clear the Info column before fetching
anything from the packet, so that if we throw an exception before
setting the Info column, it doesn't have stuff left over from the
previous dissector.
Tvbuffify the RADIUS dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3055
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 07:48:44 +0000 (07:48 +0000)]
Temporarily bring "packet-diameter.h" back from the dead; changing it
and deleting it might've confused the stuff that generates the anonymous
CVS tree, as it didn't propagate the deletion. I'll delete it again
after this checkin shows up in the anonymous CVS tree.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3054
f5534014-38df-0310-8fa8-
9805f1628bb7
itojun [Tue, 20 Feb 2001 07:17:20 +0000 (07:17 +0000)]
correct TSIG decoding (specifically offset/length in dump list).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3053
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 04:09:37 +0000 (04:09 +0000)]
On Win32, if Ethereal started as a GUI rather than a console
application, catch what GLib message-logging calls we can, and create a
console and make it the standard input, output, and error if such a call
is made, so those messages show up in a console window. Create the
console for the output of "ethereal -v" as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3052
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 20 Feb 2001 01:20:24 +0000 (01:20 +0000)]
Don't do anything with 64-bit integral types if G_HAVE_GINT64 isn't
defined.
Use "gint64" and "guint64", not "long long int", for 64-bit integral
types, so that this code works with compilers (such as Microsoft Visual
C++) that have 64-bit integral types but that don't call them "long
long".
Use "pntohll()" to extract 64-bit integral types from a field.
Put a "break;" into a "default:" clause - MSVC++ doesn't like
switch (XXX) {
...
default:
}
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3051
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 19 Feb 2001 23:16:36 +0000 (23:16 +0000)]
As "dissect_diameter()" is now static to "packet-diameter.c", there's no
need to declare it in "packet-diameter.h" - and no need for
"packet-diameter.h".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3050
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 19 Feb 2001 23:14:02 +0000 (23:14 +0000)]
New tvbuffified DIAMETER dissector, from David Frascone.
It doesn't do DIAMETER-over-UDP, so the RADIUS dissector no longer
checks for DIAMETER packets and calls the DIAMETER dissector if it finds
one.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3049
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 19 Feb 2001 21:02:33 +0000 (21:02 +0000)]
Updates from Alexandre P. Ferreira.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3048
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 18 Feb 2001 03:38:44 +0000 (03:38 +0000)]
In the MSVC++ 6.0 C library, "line-buffered" doesn't mean what one might
expect - it means "same as fully-buffered". This means that the "-l"
flag is a no-op on Windows.
Instead of setting line-buffered mode with "setvbuf()", set a flag and,
if that flag is set, flush the standard output after the information for
ever packet is printed; this isn't "line-buffered", either, but, as the
reason for doing line-buffering is to allow the output of Tethereal to
be piped to a program and to have that program see the output for a
packet as soon as the packet is seen and dissected, it should be just as
good as line-buffered.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3047
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 16 Feb 2001 22:53:07 +0000 (22:53 +0000)]
3rd time's a charm.
Check against the *correct* buffer size.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3046
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 16 Feb 2001 21:44:54 +0000 (21:44 +0000)]
Off-by-a-little-bit in adjusting the offset.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3045
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 16 Feb 2001 21:41:00 +0000 (21:41 +0000)]
Don't trust avp_length, which is taken directly from the packet data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3044
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 16 Feb 2001 19:45:38 +0000 (19:45 +0000)]
Actually, this works better.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3043
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 16 Feb 2001 19:44:16 +0000 (19:44 +0000)]
Use the proper way to denote that a single operation
produces 2 files. (grammar.lemon --> grammar.c grammar.h)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3042
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Feb 2001 19:46:41 +0000 (19:46 +0000)]
Updates from Alexandre P. Ferreira.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3041
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Feb 2001 09:25:38 +0000 (09:25 +0000)]
Don't cast the function argument to "qsort()" to the expected type, make
the function have the expected type.
Make the arguments to comparison functions used by the merge sort be
"const void *", not "void *", just as the arguments to the comparison
functions used by "qsort()" are "const void *".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3040
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Feb 2001 06:22:46 +0000 (06:22 +0000)]
More prototype fun - make the Lemon parser allocate and free routines
take fully-prototyped function arguments with types appropriate to
"g_malloc()" and "g_free()", and change the calls to the functions
pointed to by those arguments not pass the extra __FILE__ and __LINE__
arguments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3039
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Feb 2001 06:08:23 +0000 (06:08 +0000)]
More paranoia - when compiling with GCC 2.x, do checks of the format
string argument and subsequent arguments to "ErrorMsg()".
Fix up the bugs the checks in question found.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3038
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Feb 2001 06:01:23 +0000 (06:01 +0000)]
Change "lemon" *NOT* to cast pointers to "int", as that doesn't work on
LP64 platforms.
Change "lemon" to use function prototypes and the official ANSI C style
of variable-argument-list functions, and to include various system
header files rather than to use non-prototype declaration of various
system functions, to do a lot more type checking.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3037
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 14 Feb 2001 20:03:05 +0000 (20:03 +0000)]
Get rid of the "CHECK_DISPLAY_AS_DATA()" call and the setting of
"pinfo->current_proto" - this routine is called only through a dissector
table, and the code to call through a dissector table does that stuff
for you.
Clear the Info column before doing anything that could throw an
execption, so that if an exception is thrown the display doesn't show
junk left over from the protocol above us.
Get rid of the GCCism "case N ... M".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3036
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 14 Feb 2001 17:01:44 +0000 (17:01 +0000)]
Add MIP extensions. Re-work some of the tvbuff-handling logic.
Update Stefan's e-mail address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3035
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 14 Feb 2001 09:40:20 +0000 (09:40 +0000)]
Rename "SP_ERROR" to "SP_ERROR_MSG" to avoid a #define collision with
yet another Windows #define.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3034
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 14 Feb 2001 09:38:10 +0000 (09:38 +0000)]
Sigh. Microsoft Visual C++ 6.0 won't convert a "guint64" to a "double"
- it only allows you to convert a *signed* 64-bit integer to a "double".
Cast the result of "pletohll()" to "gint64" before returning it from a
function that returns a "double".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3033
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 14 Feb 2001 07:15:39 +0000 (07:15 +0000)]
"Decode As" UI cleanups, and documentation, from David Hampton.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3032
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 20:47:17 +0000 (20:47 +0000)]
Updates from Yaniv Kaul to show the certificate encoding and type
symbolically.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3031
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 18:34:51 +0000 (18:34 +0000)]
In a display filter expression, make a field name refer to any of the
fields with that name.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3030
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 18:28:29 +0000 (18:28 +0000)]
Updates from Mike Frisch.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3029
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 07:07:17 +0000 (07:07 +0000)]
You have to define "htolell()" on little-endian platforms, too....
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3028
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 00:50:05 +0000 (00:50 +0000)]
Changes from Chris Jepeway to
in some places use "guint64", on plaforms where it's available,
rather than floating point (we don't yet use it universally, as
we'd have to provide code to do 64-bit arithmetic on
platforms/compilers where 64-bit integral types aren't
supported);
use .838096 microseconds rather than 1 microseconds as the time
stamp units for NetXRay 2.x format, as those capture files seem
to use that time stamp (that's the Sniffer "PC" time stamp;
perhaps when Network Associates assimilated Cinco, they changed
the time stamp units).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3027
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 00:17:55 +0000 (00:17 +0000)]
Updates from Neil Hunter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3026
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Feb 2001 00:01:08 +0000 (00:01 +0000)]
Changes to correctly decode BOOTP option 82, from Greg Kilfoyle.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3025
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Feb 2001 10:06:51 +0000 (10:06 +0000)]
If there are multiple fields with the same name, list only one of them
in the output of "{ethereal,tethereal} -G", so that it appears only once
in the documentation.
Expand some comments to give more details.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3024
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Feb 2001 09:06:19 +0000 (09:06 +0000)]
If you register more than one field with the same name, the dfilter code
can now handle that; this allows us to register both the modulo-8 and
the modulo-128 versions of various X.25 bitfields with "x.25.XXX" names,
which lets us get rid of the "ex.25" protocol stuff completely and use
"x.25" for both modulo-8 and modulo-128 X.25. Do so. (Also, fix up
some cases where we appeared to be using the modulo-8 fields when
dissecting modulo-128 X.25.)
This, in turn, allows us to register the X.25 dissector, as there's now
only one protocol with which it's associated, and make it static and
have it called only through a handle, and to, when registering it with
the "llc.dsap" dissector table, associate it with "proto_x25".
That, in turn, allows us to get rid of the "CHECK_DISPLAY_AS_DATA()"
calls, and the code to set "pinfo->current_proto", in the X.25
dissector.
The code for the display filter expression dialog would, if there are
two fields with the same name registered under a protocol, list both of
them; have it list only one of them - the fields should have the same
type, the same radix, and the same value_string/true_false_string table
if any (if they don't, they're really not the same field...).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3023
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Feb 2001 01:17:23 +0000 (01:17 +0000)]
Display Ethernet protocol types in hex, not decimal (that's how they're
generally shown), and display port numbers and IP protocol numbers as
unsigned.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3022
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 23:19:00 +0000 (23:19 +0000)]
"Off-hoke"? What had I been smoking when I typed that?
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3021
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 23:02:05 +0000 (23:02 +0000)]
Inactivate the "Decode As" menu item if the "Decode As" dialog box
wouldn't actually offer any options to the user.
Make a bunch of routines static that aren't used outside
"decode_as_dlg.c".
Remove the declaration of the nonexistent "decode_as_register_tcpudp()"
routine.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3020
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 22:46:27 +0000 (22:46 +0000)]
In an "Update list of packets in real time" capture, pass the number of
dropped packets from the child to the parent.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3019
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 22:36:57 +0000 (22:36 +0000)]
Change the protocol between the parent and child processes in an "Update
list of packets in real time" capture so that "!" always indicates an
error, with the "!" preceded by a count of characters in the error
message and followed by the text of the error, and so that those error
messages can be sent after the capture has started.
Use that to report capture errors, and errors writing to the capture
file, while the capture is under way.
Use #defines for the message type characters in that protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3018
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 21:29:03 +0000 (21:29 +0000)]
Report failures of "pcap_stats()", as tcpdump does.
Print the "Capturing on <interface>" message, the running count of
packets captured, and error messages to the standard error in Tethereal,
so that you can pipe the output of a live capture that's printing
packets to a program or script without that script having to worry about
parsing stuff other than dissected packet summaries or details (tcpdump
does the same).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3017
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Feb 2001 09:28:17 +0000 (09:28 +0000)]
In Ethereal, attempt to get the packet statistics from libpcap when
capturing; if we succeed, display the packet drops count as the "Drops"
value in the status line and as the "Dropped packets" statistics in the
summary dialog box, otherwise don't display it at all.
In Tethereal, attempt to get the packet statistics from libpcap when
capturing; if we succeed, and if there were any dropped packets, print
out the count of dropped packets when the capture finishes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3016
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sun, 11 Feb 2001 03:29:53 +0000 (03:29 +0000)]
Make boolean equality/inequality tests smarter; they don't test
for exact value matches, but just that the two values are either zero
or non-zero.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3015
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sun, 11 Feb 2001 03:19:45 +0000 (03:19 +0000)]
Add rule for dftest.exe
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3014
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sun, 11 Feb 2001 03:12:46 +0000 (03:12 +0000)]
Remove unused variable and add copyright and RCS ID.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3013
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 10 Feb 2001 09:28:04 +0000 (09:28 +0000)]
Updates from Alexandre P. Ferreira.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3012
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 10 Feb 2001 09:08:14 +0000 (09:08 +0000)]
Check for errors when writing a capture file.
Report errors when writing or closing a capture file.
Clean up some I/O error messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3011
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 18:26:04 +0000 (18:26 +0000)]
Further NFSV4 updates from Mike Frisch.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3010
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 08:38:13 +0000 (08:38 +0000)]
When dissecting an indirect call reply, if either there's an old-style
or new-style dissector for the reply, we can dissect the reply; there
doesn't have to be a new-style dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3009
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 07:59:00 +0000 (07:59 +0000)]
For indirect RPC calls, remember the call information, and add a
dissector for indirect replies that looks up the call. Use them in the
portmapper/RPCBIND dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3008
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 06:49:29 +0000 (06:49 +0000)]
Make a "dissect_rpc_indir_call()" routine to dissect arguments to a
specified program/version/procedure, and a "rpc_proc_name()" routine to
return the name of a specified program/version/procedure, and make the
callit dissector use those, rather than doing the work itself.
Un-export various routines and declarations that can again be private to
the RPC dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3007
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 06:08:11 +0000 (06:08 +0000)]
Add "TFTP_" before the packet type names, to avoid compiler warnings on
Windows where ERROR is #defined by some header file that gets included
by "packet-tftp.c".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3006
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Feb 2001 00:11:44 +0000 (00:11 +0000)]
Change to include Service ID field in dissection of Service Info
component of WCCP 2 messages even if the service type is
WCCP2_SERVICE_DYNAMIC, from Simharajan Srishylam.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3005
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 08:38:58 +0000 (08:38 +0000)]
On at least one capture, the PIM checksum appears to be correct, so
add code to check it - I've no idea what's going on with the other
captures where it's not correct, but those captures have a different
(and apparently incorrect) checksum for packets with the *exact same
contents* (other than the checksum) as the PIM packet in the capture
where the checksum is correct, so perhaps those packets actually had bad
checksums.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3004
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 07:32:11 +0000 (07:32 +0000)]
Don't fetch any of the fields past the BPDU type if the BPDU type isn't
0; topology change notification frames don't *have* anything past the
BPDU type to fetch.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3003
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 07:08:05 +0000 (07:08 +0000)]
Pull a lot of common code for handling 802.3 frames (i.e., frames with a
length field rather than an Ethernet type field) into a
"dissect_802_3()" routine.
In that routine, catch exceptions thrown by the IPX or LLC dissector or
dissectors under them, so that the trailer information is added to the
tree even if an exception is thrown (similar to what "ethertype()"
does).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3002
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 07:06:55 +0000 (07:06 +0000)]
In "call_dissector()", if the protocol for the dissector referred to by
the handle has been disabled, return after calling "dissect_data()",
rather than driving on and calling the dissector anyway.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3001
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 03:59:12 +0000 (03:59 +0000)]
Set the Protocol column, and clear the Info column, before we start
fetching anything from the packet, so that if an exception is thrown
those columns don't show something from the previous protocol.
Don't fetch the protocol identifier or protocol version identifier
before you use them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3000
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 8 Feb 2001 03:55:45 +0000 (03:55 +0000)]
If we failed to open a capture file specified by the "-r" flag, don't
attempt to free the read filter if we don't have a read filter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2999
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 7 Feb 2001 22:10:49 +0000 (22:10 +0000)]
Updates from Mike Frisch.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2998
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 7 Feb 2001 00:20:02 +0000 (00:20 +0000)]
Add in the various payload type definitions from RFC 1890.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2997
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 6 Feb 2001 18:43:24 +0000 (18:43 +0000)]
The "short name" and "filter name" were reversed; put them in the right
order.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2996
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 6 Feb 2001 06:56:19 +0000 (06:56 +0000)]
Add support for dissecting V3 CALLIT and V4 BCAST/INDIRECT calls.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2995
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 6 Feb 2001 06:46:10 +0000 (06:46 +0000)]
Tvbuffify the portmap/rpcbind dissector, and implement part of CALLIT
dissection (dissection of V2 CALLIT calls; no V3/V4 stuff or reply
handling yet).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2994
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 5 Feb 2001 02:47:31 +0000 (02:47 +0000)]
Fix up some MSVC complaints about (narrowing) type conversions by
widening formal arguments or narrowing variables passed as actual
arguments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2993
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 5 Feb 2001 02:06:27 +0000 (02:06 +0000)]
Maximum frame size values in the second byte of the routing control
information aren't shifted right 4 bytes when put into the protocol
tree; shift left by 4 bytes the values in the value_string table for
them.
A value of 7 means 65535 bytes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2992
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 4 Feb 2001 19:44:24 +0000 (19:44 +0000)]
Add a "-f" flag to the "rm", so that "make clean" won't get an error
(and cause a higher-level "make clean" to stop) if any of the files to
be removed aren't there.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2991
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 4 Feb 2001 10:29:49 +0000 (10:29 +0000)]
Pass the correct tvbuff from the Vines Fragmentation Protocol dissector
to the Vines IP dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2990
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 4 Feb 2001 09:37:28 +0000 (09:37 +0000)]
L3PIDs are Ethertypes; display them as such.
Use "decode_boolean_bitfield()" to dissect flag bits.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2989
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 4 Feb 2001 09:04:11 +0000 (09:04 +0000)]
Add support for replies to NLMv3 SHARE and UNSHARE requests and to the
remaining NLMv4 requests.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2988
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 4 Feb 2001 08:21:35 +0000 (08:21 +0000)]
Tvbuffify the RSVP dissector.
Display the message checksum, and check it if possible.
Fix some IPv6 entries to be 16 bytes long, not 4 bytes long.
Make the routine to fetch an IEEE floating point number and turn it into
a "long" take a tvbuff pointer and offset rather than a pointer to data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2987
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Sat, 3 Feb 2001 20:08:04 +0000 (20:08 +0000)]
As pointed out by Aaron C. Springer (and according to RFC 1827), it's
"Encapsulating Security Payload," and not "Encapsulated Security Payload."
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2986
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 08:21:47 +0000 (08:21 +0000)]
Tvbuffify the Oracle TNS dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2985
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 08:07:04 +0000 (08:07 +0000)]
Use "pinfo", not "pi", to get packet info.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2984
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 07:58:27 +0000 (07:58 +0000)]
Tvbuffify the IRC dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2983
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 06:25:17 +0000 (06:25 +0000)]
Use "dfilter_apply_edt()" rather than "dfilter_apply()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2982
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 06:10:11 +0000 (06:10 +0000)]
Increment the line number for every line seen.
Fix the handling of one error case.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2981
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 3 Feb 2001 06:03:42 +0000 (06:03 +0000)]
Allow filter names and expressions of arbitrary length, and, in the
filter files, escape quotes and backslashes so that quotes and
backslashes in filter names work.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2980
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 2 Feb 2001 04:03:43 +0000 (04:03 +0000)]
Add Makefile.nmake files for new subdirs.
Add them to EXTRA_DIST in corresponding Makefile.am's so that they
get packaged with the distribution.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2979
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 1 Feb 2001 23:39:18 +0000 (23:39 +0000)]
Catch any exception thrown by accessing the tvbuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2978
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 22:40:49 +0000 (22:40 +0000)]
Fix the previous checkin to correctly handle presence tests on
protocols.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2977
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 22:33:58 +0000 (22:33 +0000)]
For protocols, call the test for the field being present "has this
protocol" rather than "is present".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2976
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 22:28:58 +0000 (22:28 +0000)]
Use the pretty name for the type, not the internal name, in the help
dialog for display filter fields.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2975
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 22:21:30 +0000 (22:21 +0000)]
Use the ftype routines to determine what tests can be done on a field,
and whether you can slice a field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2974
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 22:01:42 +0000 (22:01 +0000)]
FT_PROTOCOL is like FT_NONE; you can only test for the field's presence
(XXX or absence - we should offer that choice in the dialog).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2973
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 21:52:16 +0000 (21:52 +0000)]
Make some pointers "guchar" pointers, so that characters extracted from
strings are unsigned, so that we can hand them to "isXXX()" macros
without GCC warning us that an array subscript is "char" (as in "if this
is a character with the 8th bit set, you may not get the answer you
think you should from 'isXXX()'").
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2972
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 21:48:02 +0000 (21:48 +0000)]
Declare "proto_tree_set_protocol_tvb()" at the top, along with the other
"proto_tree_set_XXX_tvb()" routines.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2971
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 1 Feb 2001 21:46:48 +0000 (21:46 +0000)]
Rename the "optarg()" and "opterr()" functions to "get_optarg()" and
"get_opterr()" so they don't collide with "getopt()"s "optarg" and
"opterr" globals (Solaris 2.6's <stdio.h> declares both "optarg" and
"opterr", causing "lemon.c" not to compile).
Define "safe_isXXX()" macros to call "isXXX()" after casting the
argument to "unsigned char" to handle characters with the 8th bit set.
Make some "int" variables used only to hold characters "char" instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2970
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 1 Feb 2001 20:36:01 +0000 (20:36 +0000)]
Always show the scrollbar in the tree view panel, so that the scrollbar
doesn't appearn and disappear depending on the size of the proto tree
in relation to the view window. I didn't like the horizontal jumps that
the proto tree had to do when the scrollbar either disappeared or
appeared.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2969
f5534014-38df-0310-8fa8-
9805f1628bb7