18 years agoOn Windows, put Ethereal configuration files under the "Application
guy [Wed, 24 Oct 2001 06:13:07 +0000 (06:13 +0000)]
On Windows, put Ethereal configuration files under the "Application
Data\Ethereal" directory under the user's profile, as that appears to be
the Windows 2000 standard.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4071 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoShow parameter types in hex.
guy [Tue, 23 Oct 2001 20:14:20 +0000 (20:14 +0000)]
Show parameter types in hex.

Make enumerated types be fields with a value_string table, so that you
can filter on them by name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4070 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoIn some versions of GRE, you can have ACK-only packets; if a packet
guy [Tue, 23 Oct 2001 19:02:59 +0000 (19:02 +0000)]
In some versions of GRE, you can have ACK-only packets; if a packet
doesn't have the S bit set, check whether it has any payload before
attempting to hand off the payload to the next dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4069 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoInclude <direct.h> on Windows systems, to declare "mkdir()".
guy [Tue, 23 Oct 2001 08:15:11 +0000 (08:15 +0000)]
Include <direct.h> on Windows systems, to declare "mkdir()".

On Windows, put the ".ethereal" directory under the user profile
directory rather than the home directory.

Update the documentation to reflect that, and to fix other out-of-date
information, as well as some typos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4068 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoWhen putting protocols into the list of protocols, do a case-insensitive
guy [Tue, 23 Oct 2001 05:40:36 +0000 (05:40 +0000)]
When putting protocols into the list of protocols, do a case-insensitive

Give iSCSI the short name "iSCSI" rather than "ISCSI".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4067 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFix some field names to begin with "iua", not "hf".
guy [Tue, 23 Oct 2001 05:23:58 +0000 (05:23 +0000)]
Fix some field names to begin with "iua", not "hf".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4066 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAdd a new routine to create the ".ethereal" directory for a user.
guy [Tue, 23 Oct 2001 05:01:02 +0000 (05:01 +0000)]
Add a new routine to create the ".ethereal" directory for a user.

Use that routine rather than duplicating that code in the routines to
write out the preference file and filter files.

Use it in the code for the color filter dialog, so that the directory in
question is created if necessary.

As that routine returns an error indication, have the code that calls
that routine put up a message box if the attempt fails.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4065 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAdditional items for RADIUS tunnels, from Pavel Novotny.
guy [Tue, 23 Oct 2001 04:11:58 +0000 (04:11 +0000)]
Additional items for RADIUS tunnels, from Pavel Novotny.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4064 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoInclude <stdio.h> to declare "sprintf()".
guy [Tue, 23 Oct 2001 03:40:39 +0000 (03:40 +0000)]
Include <stdio.h> to declare "sprintf()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4063 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe only reason we care about the user's home directory is that their
guy [Mon, 22 Oct 2001 23:16:01 +0000 (23:16 +0000)]
The only reason we care about the user's home directory is that their
".ethereal" directory is under it; get rid of "get_home_dir()", and put
its code inside "get_persconffile_dir()".  (The personal configuration
file directory may move, on Windows, to the user's profile directory.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4062 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAdd a routine to get the directory in which personal configuration files
guy [Mon, 22 Oct 2001 22:59:26 +0000 (22:59 +0000)]
Add a routine to get the directory in which personal configuration files
reside.  Use it, rather than concatenating the user's home directory and
".ethereal" in a number of files.

Fix up some additional places to use G_DIR_SEPARATOR_S as the pathname

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4061 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFix Martti Kuparinen's e-mail address, as per his request.
guy [Mon, 22 Oct 2001 21:05:15 +0000 (21:05 +0000)]
Fix Martti Kuparinen's e-mail address, as per his request.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4060 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Yaniv Kaul - handle UDP-encapsulated IPSec NAT Keepalive packets.
guy [Mon, 22 Oct 2001 20:45:58 +0000 (20:45 +0000)]
From Yaniv Kaul - handle UDP-encapsulated IPSec NAT Keepalive packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4059 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Georg von Zezschwitz: fix an uninitialized variable, dissect the
guy [Mon, 22 Oct 2001 20:37:51 +0000 (20:37 +0000)]
From Georg von Zezschwitz: fix an uninitialized variable, dissect the
S-max-age value in Cache-Control headers, and handle the 1.1, 1.3, and
1.4 encoding of Cache-Control headers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4058 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse G_DIR_SEPARATOR_S rather than "/" as a pathname separator in format
guy [Sun, 21 Oct 2001 21:56:05 +0000 (21:56 +0000)]
Use G_DIR_SEPARATOR_S rather than "/" as a pathname separator in format
strings used to generate pathnames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4057 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse G_DIR_SEPARATOR_S rather than "/" as a pathname separator in format
guy [Sun, 21 Oct 2001 21:48:00 +0000 (21:48 +0000)]
Use G_DIR_SEPARATOR_S rather than "/" as a pathname separator in format
strings used to generate pathnames.

Move the definition of PF_DIR from <epan/epan.h> to <epan/filesystem.h>,
so that files requiring only the definition of PF_DIR don't have to
include <epan/epan.h>, and get rid of no-longer-necessary includes of

Add a routine to get the directory for "system files" such as
"/etc/ethers" - it's "/etc" on UNIX, and the datafile directory on
Windows (as there's no "/etc" on Windows).  Use that to construct the
pathname of the ethers and ipxnet files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4056 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoOn Windows, get the "ethers" and "ipxnets" file from the directory in
guy [Sun, 21 Oct 2001 19:54:49 +0000 (19:54 +0000)]
On Windows, get the "ethers" and "ipxnets" file from the directory in
which the Ethereal binary is found; there's no notion of "/etc" or of
"/etc/ethers" or "/etc/ipxnets" files on Windows.

Update the documentation to reflect that, and fix a typo in the Ethereal
and Tethereal man pages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4055 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoGive the "iscsi_desegment" and "iscsi_port" the right types, matching
guy [Sun, 21 Oct 2001 19:04:20 +0000 (19:04 +0000)]
Give the "iscsi_desegment" and "iscsi_port" the right types, matching
the declarations of the functions to which a pointer to them is passed;
this also fixes it so it compiles with MSVC++, as there's no "uint" type
declared by MSVC++ by default.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4054 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoEnhanced Ethereal icon from Gordon McKinney:
guy [Sun, 21 Oct 2001 17:38:43 +0000 (17:38 +0000)]
Enhanced Ethereal icon from Gordon McKinney:

I have enhanced the standard Ethereal Icon and added the following

    * 32x32 - 256 Colour with transparency
    * 16x16 - 256 Colour with transparency
    * 16x16 - 16 Colour

Add to the list of authors in the man page the names of people who've
contributed to Wiretap but not to the rest of Ethereal - there's
currently no Wiretap man page, so we might as well give them credit in
the Ethereal man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4053 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoKeep the list of modules with preferences sorted by the module name, in
guy [Sun, 21 Oct 2001 17:30:50 +0000 (17:30 +0000)]
Keep the list of modules with preferences sorted by the module name, in
dictionary order (case-insensitive), so that they show up in order in
the "Preferences" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4052 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUpdates from Mark Burton:
guy [Sun, 21 Oct 2001 17:20:10 +0000 (17:20 +0000)]
Updates from Mark Burton:

The enclosed code contains the following improvements:

1 - Compatible with 08 version of the protocol

2 - Handles both header and data digests

3 - Supports desegmentation

4 - Dissects multiple PDUs per packet

5 - Stronger heuristics to avoid dissecting non-iSCSI packets

6 - General rationalisation and de-crufting!

The old code that attempted to automatically detect the presence
of a header digest has been removed.  You now have to specify in
the iSCSI preferences whether digests are enabled and if they
are, whether they are CRC32 or not.  If not CRC32, you also need
to specify the size of the digests (in bytes).

Another new option specifies the iSCSI port number.  This is
used in the heuristics to filter out packets with silly port
numbers, set to 0 to disable the port filter.

One problem that I haven't been able to track down is that if
desegmentation is enabled and you turn digests on or off
ethereal throws a SEGV.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4051 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAdd little arrows to the column titles to indicate which column we're
gerald [Sun, 21 Oct 2001 16:15:21 +0000 (16:15 +0000)]
Add little arrows to the column titles to indicate which column we're
using to sort as well as the sort direction.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4050 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoProperly handle the andX command in a LockingAndX message.
guy [Sat, 20 Oct 2001 19:29:21 +0000 (19:29 +0000)]
Properly handle the andX command in a LockingAndX message.

Fix up some closing braces.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4049 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoIf we decide that a packet to or from port 2000 isn't really a Skinny
guy [Sat, 20 Oct 2001 18:42:01 +0000 (18:42 +0000)]
If we decide that a packet to or from port 2000 isn't really a Skinny
Client Control Protocol packet, at least dissect its payload as data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4048 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFT_UINTn values must always have a base, even if they're bitfields - the
guy [Sat, 20 Oct 2001 18:30:50 +0000 (18:30 +0000)]
FT_UINTn values must always have a base, even if they're bitfields - the
width of the item containing the bitfield is "n", so you don't have to
specify it explicitly, as you have to do with FT_BOOLEAN bitfields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4047 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse "val_to_str()", rather than "match_strval()", in "socket_text()".
guy [Sat, 20 Oct 2001 18:10:39 +0000 (18:10 +0000)]
Use "val_to_str()", rather than "match_strval()", in "socket_text()".

Make the source and destination socket fields enumerated types, so we
don't have to use "proto_tree_add_uint_format()" on them, and so that
you can match on them by service name.

Use lower-case letters when formatting the hex value of sockets; that's
what's done with fields not added with "proto_tree_add_XXX_format".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4046 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Tom Uijldert: fix to the date decoding, fix a field's name, and
guy [Fri, 19 Oct 2001 21:40:48 +0000 (21:40 +0000)]
From Tom Uijldert: fix to the date decoding, fix a field's name, and
protocol-name cosmetic changes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4045 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Tom Uijldert: fix the port number for Push-traffic dissecting for
guy [Fri, 19 Oct 2001 21:34:28 +0000 (21:34 +0000)]
From Tom Uijldert: fix the port number for Push-traffic dissecting for

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4044 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Mark Burton: update to the -08 draft.
guy [Fri, 19 Oct 2001 20:53:14 +0000 (20:53 +0000)]
From Mark Burton: update to the -08 draft.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4043 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoDBS Etherwatch wiretap module, from Marc Milgram.
guy [Fri, 19 Oct 2001 20:18:48 +0000 (20:18 +0000)]
DBS Etherwatch wiretap module, from Marc Milgram.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4042 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoL2TP Dissconnect Cause Information AVP support, from Motonori Shindo.
guy [Fri, 19 Oct 2001 09:12:53 +0000 (09:12 +0000)]
L2TP Dissconnect Cause Information AVP support, from Motonori Shindo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4041 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Frank Singleton: catch attempts to use recursive unions or
guy [Thu, 18 Oct 2001 21:49:58 +0000 (21:49 +0000)]
From Frank Singleton: catch attempts to use recursive unions or

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4040 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoVMS TCPIPtrace wiretap module, from Marc Milgram.
guy [Thu, 18 Oct 2001 20:29:56 +0000 (20:29 +0000)]
VMS TCPIPtrace wiretap module, from Marc Milgram.

Update the lists of known capture file formats in the Tethereal,
editcap, and mergecap man pages to match the current list (as found in
the Ethereal man page).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4039 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAdd link to local mirror.
gerald [Thu, 18 Oct 2001 15:44:36 +0000 (15:44 +0000)]
Add link to local mirror.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4038 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Georg von Zezschwitz:
guy [Thu, 18 Oct 2001 08:23:24 +0000 (08:23 +0000)]
From Georg von Zezschwitz:

Fix a bug with WSP Connect requests with headers > 256 bytes
Implement attributes of WSP Suspend/Resume

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4037 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agofixed bug in packet-smb-pipe.c dissect_transact_data routine. If the
jfoster [Wed, 17 Oct 2001 21:24:28 +0000 (21:24 +0000)]
fixed bug in packet-smb-pipe.c dissect_transact_data routine. If the
aux_count_p value was NULL the program would SIGSEGV when *aux_count_p
was initially set to 0. Added NULL pointer test.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4036 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoEnable building of the coseventcomm plugin on Win32.
gram [Wed, 17 Oct 2001 19:27:43 +0000 (19:27 +0000)]
Enable building of the coseventcomm plugin on Win32.
Some of these changs are from Frank Singleton, some are mine.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4035 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe Quake3 dissector wasn't in the previous release, only users running
guy [Tue, 16 Oct 2001 07:35:11 +0000 (07:35 +0000)]
The Quake3 dissector wasn't in the previous release, only users running
CVS versions would've had "quake3.udp.port" in the preferences file;
therefore, we can remove the code to map them to "quake3.udp.arena_port"
and "quake3.udp.master_port".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4034 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUpdate from Scott Renfro: a simple patch that adds support for FIPS
guy [Tue, 16 Oct 2001 07:13:01 +0000 (07:13 +0000)]
Update from Scott Renfro: a simple patch that adds support for FIPS
Cipher Suite identifiers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4033 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoDon't create a Wiretap dump file unless we're at least sure we support
guy [Tue, 16 Oct 2001 04:58:24 +0000 (04:58 +0000)]
Don't create a Wiretap dump file unless we're at least sure we support
the specified encapsulation with the specified capture file type, and
that we can allocate a "wtap_dumper *".

If we could do all that, and could create the dump file, but the
file-type-specific create routine fails (e.g., because there's not
enough disk space to write out the header), remove the dump file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4032 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFix conversation_new description. Add descriptions for
gerald [Tue, 16 Oct 2001 01:57:12 +0000 (01:57 +0000)]
Fix conversation_new description.  Add descriptions for
conversation_add_proto_data, conversation_get_proto_data, and

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4031 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFixes from Steffen Weinreich:
guy [Mon, 15 Oct 2001 03:54:05 +0000 (03:54 +0000)]
Fixes from Steffen Weinreich:

fix the processing of the month and year fields in the SCTC
Timestamp (the month is 1-origin, so subtract 1 from it before
putting it in "tm_mon", which is 0-origin; the year is a 2-digit
field that is, at least, Y2K-safe (but Y2.1K-unsafe), so if it's
less than 90, assume it's in the 21st century);

UCP OT 50-57 messages have a fixed number of fields and a
special handling of the MT is not necessary, so get rid of that.

Also, fix a typo in a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4030 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFixes to take the Vendor-Specific attribute into consideration when
guy [Mon, 15 Oct 2001 03:27:38 +0000 (03:27 +0000)]
Fixes to take the Vendor-Specific attribute into consideration when
dissecting L2TP, from Motonori Shindo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4029 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoMake NEWS current to today (October 13).
gerald [Sat, 13 Oct 2001 19:31:47 +0000 (19:31 +0000)]
Make NEWS current to today (October 13).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4027 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoA small patch from Moronori Shindo to fix compiles under MSVC etc ...
sharpe [Sat, 13 Oct 2001 12:05:32 +0000 (12:05 +0000)]
A small patch from Moronori Shindo to fix compiles under MSVC etc ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4026 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoPut the scrollbar for the scrolled window containing the CList in the
guy [Sat, 13 Oct 2001 07:56:27 +0000 (07:56 +0000)]
Put the scrollbar for the scrolled window containing the CList in the
preferences dialog where the user specified, and register that scrolled
window so that if the preference is changed the scrollbar moves.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4025 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoSet the data for E_{PRINT,COLUMN,STREAM,GUI}_PAGE_KEY to the notebook
guy [Sat, 13 Oct 2001 07:47:30 +0000 (07:47 +0000)]
Set the data for E_{PRINT,COLUMN,STREAM,GUI}_PAGE_KEY to the notebook
page for the preferences item rather than to the frame for the
preferences item, as that's what the code in "gtk/gui_prefs.c" expects
(otherwise you get errors).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4024 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe Quake III dissector called both the arena server port preference and
guy [Sat, 13 Oct 2001 07:43:25 +0000 (07:43 +0000)]
The Quake III dissector called both the arena server port preference and
the master server port preference "quake3.udp.port"; rename them to
"quake3.udp.arena_port" and "quake3.udp.master_port".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4023 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoMake current up to August 31.
gerald [Fri, 12 Oct 2001 21:20:40 +0000 (21:20 +0000)]
Make current up to August 31.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4022 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoGet NEWS current up to July 31, update version to 0.8.20.
gerald [Fri, 12 Oct 2001 17:17:05 +0000 (17:17 +0000)]
Get NEWS current up to July 31, update version to 0.8.20.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4021 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Frank Singleton:
guy [Fri, 12 Oct 2001 17:14:41 +0000 (17:14 +0000)]
From Frank Singleton:

Added some functionality to idl2eth to allow C code generation
and display of CORBA IDL Enum's as symbolic values, along side
the numerical value currently being displayed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4020 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoSigh. A MacOS X 10.1 appeared to have put out a malformed NetBIOS
guy [Fri, 12 Oct 2001 01:41:03 +0000 (01:41 +0000)]
Sigh.  A MacOS X 10.1 appeared to have put out a malformed NetBIOS
session request with a length greater than 128 bytes; crank the length
limitation up to 256.  (Perhaps I've misread the DNS spec or the
NetBIOS-over-TCP spec, but the request sure *looked* as if it had a
bogus second-level-encoding in the calling machine name.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4019 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFor the SCCP message ID field, use the formerly commented-out version
guy [Thu, 11 Oct 2001 16:04:36 +0000 (16:04 +0000)]
For the SCCP message ID field, use the formerly commented-out version
with the value_string table, as per mail from Joerg.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4018 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoGet rid of C++ comment.
guy [Thu, 11 Oct 2001 16:01:53 +0000 (16:01 +0000)]
Get rid of C++ comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4017 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoInitial Skinny Client Control Protocol support, from Joerg Mayer.
guy [Thu, 11 Oct 2001 16:01:10 +0000 (16:01 +0000)]
Initial Skinny Client Control Protocol support, from Joerg Mayer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4016 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoReduce the CinemaScope-like proportions of the preferences dialog by
gerald [Thu, 11 Oct 2001 02:17:29 +0000 (02:17 +0000)]
Reduce the CinemaScope-like proportions of the preferences dialog by
getting rid of the notebook tabs and using a CTree to select pages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4015 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoInstead of saying the "manuf" file is in "/usr/local/etc/manuf", say
guy [Thu, 11 Oct 2001 01:21:50 +0000 (01:21 +0000)]
Instead of saying the "manuf" file is in "/usr/local/etc/manuf", say
it's in the "etc" subdirectory of the installation directory on UNIX and
in the installation directory on Windows, and give the typical pathnames
of both of those directories.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4014 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoInstall the "manuf" file.
guy [Thu, 11 Oct 2001 01:04:19 +0000 (01:04 +0000)]
Install the "manuf" file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4013 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoadd a couple of socket numbers that seem to be consistently allocated for these services
nneul [Mon, 8 Oct 2001 18:20:01 +0000 (18:20 +0000)]
add a couple of socket numbers that seem to be consistently allocated for these services

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4012 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAs UCP is atop TCP, its dissector isn't called unless there's at least
guy [Mon, 8 Oct 2001 17:42:18 +0000 (17:42 +0000)]
As UCP is atop TCP, its dissector isn't called unless there's at least
one byte in the tvbuff being handed to it, so the check I added for the
existence of that byte is unnecessary.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4011 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoRemove the check I added to see whether the length of the packet, based
guy [Mon, 8 Oct 2001 17:37:52 +0000 (17:37 +0000)]
Remove the check I added to see whether the length of the packet, based
on the location of the UCB_ETX, is greater than the length of the tvbuff
- that can never happen, as the UCB_ETX is, as it was found, definitely
inside the tvbuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4010 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUCP support, from Tom Uijldert.
guy [Mon, 8 Oct 2001 17:30:23 +0000 (17:30 +0000)]
UCP support, from Tom Uijldert.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4009 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agomore packet types and fix some incorrect offsets and sizes in other packets
nneul [Mon, 8 Oct 2001 14:32:06 +0000 (14:32 +0000)]
more packet types and fix some incorrect offsets and sizes in other packets

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4008 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Joerg Mayer: explain in the "LWP isn't installed" message where you
guy [Sun, 7 Oct 2001 22:19:14 +0000 (22:19 +0000)]
From Joerg Mayer: explain in the "LWP isn't installed" message where you
can get LWP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4007 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Joerg Mayer: a patch to add 00:40:96 as an OUI for Aironet wireless
guy [Sun, 7 Oct 2001 09:27:57 +0000 (09:27 +0000)]
From Joerg Mayer: a patch to add 00:40:96 as an OUI for Aironet wireless
devices (which are now Cisco wireless devices, as Cisco bought Aironet).

This overrides the out-of-date assignment of 00:40:96 to Telesystems SLW
in the cavebear.com file (Telesystems SLW were bought by Telxon, who
then apparently spun off their RF division, plus Telesystems, as

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4006 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFix to show FN_PROFILE_WARNING14, rather than FN_PROFILE_WARNING, as
guy [Sun, 7 Oct 2001 08:49:46 +0000 (08:49 +0000)]
Fix to show FN_PROFILE_WARNING14, rather than FN_PROFILE_WARNING, as
"Profile-Warning (encoding 1.4)".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4005 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Georg von Zezschwitz:
guy [Sun, 7 Oct 2001 08:37:29 +0000 (08:37 +0000)]
From Georg von Zezschwitz:

  - A bug related to "WSP header pages" is fixed, that
    resulted into "malformed WSP frame" alerts
  - "Concatenated PDUs" (Multiple PDUs within one UDP
    packet) are now supported (used e.g. by Nokia 8310)
  - The URL of WSP GET/POST requests is display in the
    info column, same like HTTP GET requests

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4004 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agocorrect subtrees for redirect/refuse, alter how data packets are processed, bitfield...
nneul [Sat, 6 Oct 2001 17:58:56 +0000 (17:58 +0000)]
correct subtrees for redirect/refuse, alter how data packets are processed, bitfield'ize the data flag

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4003 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse separate items for accept/etc data fields
nneul [Sat, 6 Oct 2001 16:48:00 +0000 (16:48 +0000)]
Use separate items for accept/etc data fields
Add support for redirect and refuse packets (however, I don't have
examples of content for these.)
Change some variable names to match the routines they are in.
Make sure to insert boolean for each packet type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4002 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agobreak out fields of accept packet, only print connect data if it is actually present
nneul [Sat, 6 Oct 2001 15:45:38 +0000 (15:45 +0000)]
break out fields of accept packet, only print connect data if it is actually present

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4001 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoexpand out all fields in connect packet
nneul [Sat, 6 Oct 2001 15:27:47 +0000 (15:27 +0000)]
expand out all fields in connect packet

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4000 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agomore packet types - starting work on more complete dissection of tns
nneul [Sat, 6 Oct 2001 14:24:36 +0000 (14:24 +0000)]
more packet types - starting work on more complete dissection of tns

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3999 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUpdate from Todd Sabin to the data representation decoding:
guy [Fri, 5 Oct 2001 20:25:41 +0000 (20:25 +0000)]
Update from Todd Sabin to the data representation decoding:

Fixes a typo in the offset used for the floating point byte
(offset should be offset+1), changes cn_drep* to just drep*
(since it's the same for connection oriented and connectionless
packets), and adds the corresponding code to the connectionless
side of things.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3998 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoDecode the mailslot payload as data in some additional cases where we
guy [Thu, 4 Oct 2001 23:19:01 +0000 (23:19 +0000)]
Decode the mailslot payload as data in some additional cases where we
didn't dissect it as some other protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3997 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoIf the body of a mailslot message isn't decoded as anything we know
guy [Thu, 4 Oct 2001 23:06:49 +0000 (23:06 +0000)]
If the body of a mailslot message isn't decoded as anything we know
about, dump it as data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3996 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Motonori Shindo: have CVS ignore some files generated by Win32
guy [Thu, 4 Oct 2001 21:08:11 +0000 (21:08 +0000)]
From Motonori Shindo: have CVS ignore some files generated by Win32

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3995 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFrom Motonori Shindo:
guy [Thu, 4 Oct 2001 08:52:38 +0000 (08:52 +0000)]
From Motonori Shindo:

Use hex notation in strings for ISO 8859-1 characters as keysym

Fix one error in the table of keysym names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3994 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse longs as file offsets, so that on platforms with 64-bit "long" we
guy [Thu, 4 Oct 2001 08:30:36 +0000 (08:30 +0000)]
Use longs as file offsets, so that on platforms with 64-bit "long" we
can handle capture files bigger than 2GB.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3993 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAvoid using non-ASCII characters in labels in the protocol tree - some
guy [Thu, 4 Oct 2001 00:30:23 +0000 (00:30 +0000)]
Avoid using non-ASCII characters in labels in the protocol tree - some
compilers may not interpret them as the ISO 8859/1 characters they're
intended to be, and the GUI toolkit or other software through which the
text passes might not interpret them as such, either.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3992 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoAttribute the packet-x11-keysym.h fixes properly.
sharpe [Wed, 3 Oct 2001 15:15:34 +0000 (15:15 +0000)]
Attribute the packet-x11-keysym.h fixes properly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3991 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoApply Monotori Shindo's fixes for X11 double byte chars ...
sharpe [Wed, 3 Oct 2001 15:13:24 +0000 (15:13 +0000)]
Apply Monotori Shindo's fixes for X11 double byte chars ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3990 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFix Monotori Shindo's attributions. I screwed up before ...
sharpe [Mon, 1 Oct 2001 08:58:36 +0000 (08:58 +0000)]
Fix Monotori Shindo's attributions. I screwed up before ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3989 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoMerge the two AUTHORS entries for Motonori Shindo.
guy [Mon, 1 Oct 2001 08:51:31 +0000 (08:51 +0000)]
Merge the two AUTHORS entries for Motonori Shindo.

Fix a typo in the AUTHORS entry for Pasi Eronen, and add him to the list
of authors in the man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3988 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoDamn the torpedos[1], commit it anyway.
sharpe [Mon, 1 Oct 2001 08:47:50 +0000 (08:47 +0000)]
Damn the torpedos[1], commit it anyway.

Who said that? I think I know ... F...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3987 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoHave a flag in the "packet_info" structure, which indicates whether the
guy [Mon, 1 Oct 2001 08:29:37 +0000 (08:29 +0000)]
Have a flag in the "packet_info" structure, which indicates whether the
stuff currently being dissected is part of a packet included in an error
packet (e.g., an ICMP Unreachable packet).  Have the TCP dissector not
bother doing reassembly if the TCP segment is part of an error packet,
rather than an actual TCP transmission; other dissectors might want to
treat those packets specially as well.

Add to the "tcpinfo" structure a flag indicating whether the URG flag
was set, rather than having the zero or non-zero value of the urgent
pointer indicate that.  (Yes, at least as I read RFC 793, a zero urgent
pointer value isn't useful, as it means "the stuff before this segment
is urgent", but it's certainly possible to put onto the wire a TCP
segment with URG set and a zero urgent pointer.)

Don't dissect the TCP header by grabbing the entire header with
"tvb_memcpy()" and then pulling stuff out of it - extract stuff with
individual tvbuff calls, and put stuff into the protocol tree and the
Info column as we extract it, so that we can dissect a partial header.
This lets us, for example, get the source and destination ports from the
TCP header of the part of a TCP segment included in a minimum-length
ICMPv4 error packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3986 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoMake several of the fields in the SMB header filterable.
guy [Sun, 30 Sep 2001 23:36:46 +0000 (23:36 +0000)]
Make several of the fields in the SMB header filterable.

Get rid of the "unknown-0xXX" entries in the "value_string" table for
SMB command codes - they make it much more painful to select one of them
in the filter-editing dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3985 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe length of an NBSS message can be bigger than 64K, so make the
guy [Sun, 30 Sep 2001 23:14:43 +0000 (23:14 +0000)]
The length of an NBSS message can be bigger than 64K, so make the
variable that holds it an "int" rather than a "guint16".

Further strengthen the heuristics the NBSS dissector uses to distinguish
NBSS messages from continuations of NBSS messages.

If an frame contains an NBSS continuation, put the protocol tree item
for the continuation data under an NBSS protocol tree item.

Have the TCP dissector supply information to subdissectors via a "struct
tcpinfo" pointed to by "pinfo->private"; move the urgent pointer value
from a global variable into that structure, and add a Boolean flag that
indicates whether the data it's handing to a subdissector is reassembled
data or not.

Make the NBSS dissector check for continuations only in non-reassembled

Fix the computation, in the TCP dissector, of the offset into the tvbuff
handed to the subdissector of the first byte of stuff that needs further
reassembly, and fix the computation of the sequence number corresponding
to that byte.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3984 f5534014-38df-0310-8fa8-9805f1628bb7

18 years ago"packet-ipv6.c" doesn't need anything from "packet-tcp.h" or
guy [Sun, 30 Sep 2001 23:07:12 +0000 (23:07 +0000)]
"packet-ipv6.c" doesn't need anything from "packet-tcp.h" or
"packet-udp.h", so it shouldn't #include them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3983 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoFor requests and responses for unknown interfaces, put an entry into the
guy [Sun, 30 Sep 2001 21:56:24 +0000 (21:56 +0000)]
For requests and responses for unknown interfaces, put an entry into the
DCE RPC protocol tree for the stub data.

Use the counts of context items and transfer syntax items when
dissecting a bind or alter context PDU.

In bind and alter context PDUs, create the conversation, attach the
context ID and interface to it, and put the interface information into
the Info column as soon as the first context item is dissected, so that
if we get an exception after that, we've still processed the context ID
and interface information.

Use the count of results when dissecting a bind ack PDU.

In bind ack PDUs, dissect the transfer syntax and syntax version fields,
and put the opnum and context ID information into the Info column as
soon as it's dissected.

When dissecting a connection-oriented request or response, don't make
the tvbuff the full fragment length if we don't have that much data in
the frame being dissected.  (We should do TCP reassembly there,

In connection-oriented response PDUs, put the opnum and context ID
information into the Info column as soon as it's dissected.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3982 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoPasi Eronen's attribution ...
sharpe [Sun, 30 Sep 2001 13:50:14 +0000 (13:50 +0000)]
Pasi Eronen's attribution ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3981 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoCommitting Pasi Eronen's patches to dcerpc.
sharpe [Sun, 30 Sep 2001 13:48:20 +0000 (13:48 +0000)]
Committing Pasi Eronen's patches to dcerpc.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3980 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoCommitting Montonori Shindo's patched to ppp for chap support.
sharpe [Sun, 30 Sep 2001 13:30:51 +0000 (13:30 +0000)]
Committing Montonori Shindo's patched to ppp for chap support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3979 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoCommit Montori Shindo's small patch.
sharpe [Sun, 30 Sep 2001 13:23:20 +0000 (13:23 +0000)]
Commit Montori Shindo's small patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3978 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoMake the item for NetBIOS only as long as the NetBIOS header, so that it
guy [Sat, 29 Sep 2001 20:32:29 +0000 (20:32 +0000)]
Make the item for NetBIOS only as long as the NetBIOS header, so that it
doesn't cover the payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3977 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe Wiretapped.net mirror is OK again (it was a problem with the
guy [Sat, 29 Sep 2001 19:56:08 +0000 (19:56 +0000)]
The Wiretapped.net mirror is OK again (it was a problem with the
mirroring procedure, due to the Politecnico di Torino site's IIS not
being configured to allow the relevant "virtual directories" to be
listed, thus keeping Wiretapped.net from figuring out what files were
there and whether they've changed), so put back the references to it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3976 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoThe Wiretapped.net mirror is OK again (it was a problem with the
guy [Sat, 29 Sep 2001 19:31:31 +0000 (19:31 +0000)]
The Wiretapped.net mirror is OK again (it was a problem with the
mirroring procedure, due to the Politecnico di Torino site's IIS not
being configured to allow the relevant "virtual directories" to be
listed, thus keeping Wiretapped.net from figuring out what files were
there and whether they've changed), so put back the references to it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3975 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoUse tvbuff routines to extract data from the SMB header.
guy [Sat, 29 Sep 2001 01:44:09 +0000 (01:44 +0000)]
Use tvbuff routines to extract data from the SMB header.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3974 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoStart the process of tvbuffifying the SMB dissector - give it a
guy [Sat, 29 Sep 2001 01:19:01 +0000 (01:19 +0000)]
Start the process of tvbuffifying the SMB dissector - give it a
tvbuffified heuristic-dissector interface, but have it immediately turn
its arguments into an old-style buffer pointer and offset.

Register the SMB dissector as a heuristic NetBIOS dissector, and have
"dissect_netbios_payload()" just try the heuristics, as it no longer has
to call the SMB dissector explicitly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3973 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoHave "dissect_netbios_payload()" take as an argument a tvbuff containing
guy [Sat, 29 Sep 2001 00:57:36 +0000 (00:57 +0000)]
Have "dissect_netbios_payload()" take as an argument a tvbuff containing
only the NetBIOS payload, and have the NBSS dissector construct tvbuffs
of that sort (i.e., stop at the end of the NBSS session message, not at
the end of the data handed to the NBSS dissector).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3972 f5534014-38df-0310-8fa8-9805f1628bb7

18 years agoRe-strengthen the check for NBSS continuations, to avoid, for example,
guy [Sat, 29 Sep 2001 00:00:26 +0000 (00:00 +0000)]
Re-strengthen the check for NBSS continuations, to avoid, for example,
session messages with a zero byte count.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3971 f5534014-38df-0310-8fa8-9805f1628bb7