guy [Fri, 20 Aug 1999 06:55:20 +0000 (06:55 +0000)]
Add support for reading Full Frontal ATM from an ATM Sniffer capture
file, instead of throwing out all but LANE or RFC 1483 data frames and
pretending that the former are just Ethernet or Token-Ring frames.
Add some level of decoding for ATM LANE, but not all of it; the rest,
including decoding non-LANE frames, is left as an exercise for somebody
who has captures they want to decode, an interest in decoding them, ATM
expertise, and time....
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@523
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 20 Aug 1999 06:01:07 +0000 (06:01 +0000)]
Made handling of byte strings in scanner and parser much simpler,
improving size of grammar and creating the possibility of dfilter_compile
reporting errors back to user. In this case, if an ETHER variable is
compared against a byte string that is not 6 bytes, an error condition is
flagged appropriately. I have not put in the code to conver that error flag
to a message to the user, but that's what I'm working on next.
Also, fixed sample debug session in README to show correct gdb prompt.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@522
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 20 Aug 1999 04:49:18 +0000 (04:49 +0000)]
Made LanAlyzer smarter about reading trace files, thereby removing a
variable from lanalyzer_t (plus an additional variable which wasn't being
used). While I was in there I cleaned up some comments and renamed a couple
variables to make more sense.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@521
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 20 Aug 1999 04:41:31 +0000 (04:41 +0000)]
"open_cap_file()" calls "close_cap_file()" if its attempt to open the
capture file succeeds, so that it cleans out any state in the
"capture_file" structure it was handed before filling it in with new
state for the new capture file.
This means it destroys any read filter associated with the
"capture_file" structure it was handed, so the "rfcode" field must be
set *after* calling "open_cap_file()" but *before* calling
"read_cap_file()". Do so for the "capture file (and possibly read
filter) supplied on the command line" case.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@520
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 20 Aug 1999 04:07:09 +0000 (04:07 +0000)]
Made iptrace wiretap module return error on partial packets, instead of
expecting it as normal. Added paragraph about iptrace oddities to README.
I also added a section to the README about how to report bugs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@519
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 19 Aug 1999 05:52:55 +0000 (05:52 +0000)]
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@518
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 19 Aug 1999 05:42:22 +0000 (05:42 +0000)]
Use "g_strdup()" rather than "strdup()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@517
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 19 Aug 1999 05:31:38 +0000 (05:31 +0000)]
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@516
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 18 Aug 1999 22:49:48 +0000 (22:49 +0000)]
Changes to compile in win32.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@515
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 17:49:34 +0000 (17:49 +0000)]
In "wtap_dump_close()", don't shove the return value of "fclose()" into
the variable for the return value of "wtap_dump_close()", just check it
against EOF; shoving it into "ret" means it gets set to 0 on a
successful close, but a return value of 0 means "wtap_dump_close()"
failed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@514
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 17:08:47 +0000 (17:08 +0000)]
"wtap_pcap_encap_to_wtap_encap()" shouldn't return a file type if it
can't translate the encapsulation type, it should return an
encapsulation type; we add a new one, WTAP_ENCAP_UNKNOWN. and have it
return that.
Have "capture()" handle "wtap_pcap_encap_to_wtap_encap()" returning that
encapsulation type (if it happens, we need to add a new Wiretap
encapsulation type to handle the new "libpcap" encapsulation type).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@513
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 18 Aug 1999 16:28:22 +0000 (16:28 +0000)]
Re-arranged Ethereal's definitions of DLT_RAW et al. since capture.c
is the only file that uses them. I hope to avoid some compiler warnings
with this.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@512
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 18 Aug 1999 15:29:06 +0000 (15:29 +0000)]
Small change to create_tempfile, initializing static vars.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@511
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 04:41:20 +0000 (04:41 +0000)]
Make "wtap_dump()" and "wtap_dump_close()" return error codes, and check
for errors when closing a file to which we've written packets (we don't
bother checking if we're giving up on a capture).
Add some more error checks in Wiretap.
Make a single list of all Wiretap error codes, giving them all different
values (some can be returned by more than one routine, so they shouldn't
be per-routine).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@510
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 04:17:38 +0000 (04:17 +0000)]
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@509
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 03:11:14 +0000 (03:11 +0000)]
Fix up the call to "reassemble_tcp()" to use "pi.len" and
"pi.captured_len" to compute the total amount of TCP payload and the
captured amount of TCP payload.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@508
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 02:59:05 +0000 (02:59 +0000)]
Make a "create_tempfile()" routine that constructs the template to be
used by "mkstemp()" into a buffer supplied as an argument, trying
several directories for the tempfile, in the same fashion that the BSD
(and probably other) "tempnam()" routines do.
Have that routine cope with temporary-file directory names that don't
end with "/", as "P_tmpdir" doesn't necessarily end with "/" (and
doesn't, in GNU "libc" 2.x, at least on Linux); thanks to Gilbert
Ramirez for catching this one, and supplying the code to cope with that.
Have the code that creates the temporary file for the "Follow TCP
Stream" text use it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@507
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 18 Aug 1999 00:57:54 +0000 (00:57 +0000)]
Declare the "packet_info" structure "pi" in "packet.h", rather than in a
bunch of source files.
Replace the "payload" field of a "packet_info" structure with "len" and
"captured_len" fields, which contain the total packet length and total
captured packet length (including all headers) at the current protocol
layer (i.e., if a given layer has a length field, and that length field
says its shorter than the length we got from the capture, reduce the
"pi.len" and "pi.captured_len" values appropriately). Those fields can
be used in the future if we add checks to make sure a field we're
extracting from a packet doesn't go past the end of the packet, or past
the captured part of the packet.
Get rid of the additional payload argument to some dissection functions;
use "pi.captured_len - offset" instead.
Have the END_OF_FRAME macro use "pi.captured_len" rather than
"fd->cap_len", so that "dissect the rest of the frame" becomes "dissect
the rest of the packet", and doesn't dissect end-of-frame padding such
as padding added to make an Ethernet frame 60 or more octets long. (We
might want to rename it END_OF_PACKET; if we ever want to label the
end-of-frame padding for the benefit of people curious what that extra
gunk is, we could have a separate END_OF_FRAME macro that uses
"fd->cap_len".)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@506
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 17 Aug 1999 03:09:39 +0000 (03:09 +0000)]
Converted more of the IP fields to filterable fields.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@505
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 17 Aug 1999 00:26:37 +0000 (00:26 +0000)]
Fix a typo in a comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@504
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 17 Aug 1999 00:10:22 +0000 (00:10 +0000)]
Expand some comments.
Check for errors reading the "Follow TCP Stream" temporary file.
Unlink the temporary file after attempting to open and read the file,
even if the attempt to open it failed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@503
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 16 Aug 1999 23:58:30 +0000 (23:58 +0000)]
Pick up a change from the OpenBSD ports collection, to use "mkstemp()"
to create the temporary file to which the "Follow TCP Stream" code
writes the contents of the TCP stream; this was presumably done to close
a potential security hole opened by the possibility of somebody
replacing the file referred to by the name generated by "tmpnam()"
before we open it.
(We may have to provide our own version of "mkstemp()" if there are any
platforms on which we run that lack it. Note that Solaris 2.5.1 has it,
even though it's not documented and isn't declare in its "stdlib.h".)
Have the "Follow TCP Stream" code put up a dialog box, rather than
spitting a message out to the standard error, if the attempt to create
the temporary file fails.
Check also whether the attempt to open the "Follow TCP Stream" temporary
file for reading fails, and put up a dialog box for that as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@502
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 16 Aug 1999 05:54:32 +0000 (05:54 +0000)]
Get rid of the comments saying "make ["decode_numeric_bitfield()"] shift
the value appropriately!" - a change from Olivier Abad did so.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@501
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sun, 15 Aug 1999 23:40:33 +0000 (23:40 +0000)]
Fixed segfault with new gtk_tree_item deselection routine and -S option.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@500
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 22:31:22 +0000 (22:31 +0000)]
The "loop_data" structure is used only in "capture.c"; move its
definition from "capture.h" to "capture.c".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@499
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 22:16:59 +0000 (22:16 +0000)]
"open_cap_file()", if it succeeds, closes any capture file we had open;
that means it destroys any read filter we had, so we don't need to
destroy it in "capture()" after "open_cap_file()" succeeds.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@498
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 19:18:46 +0000 (19:18 +0000)]
Don't preserve the read filter from file to file - you won't necessarily
want to read the next file with the same filter that you used on the
last file.
In the "File/Open" dialog box, parse the read filter before trying to
open the file, and if the parse fails, leave the dialog box up so the
user still has the filter and file name around and can try to fix the
problem.
Keep the compiled read filter attached to the "capture_file" structure,
so you don't have to reparse it on a "File/Reload".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@497
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sun, 15 Aug 1999 07:28:23 +0000 (07:28 +0000)]
Fixed the problem with an assert coming from gtkwidget.c:3196 when
selecting a field from more than one protocol tree. It turns out that
gtktree.c doesn't clear the tree-item selection list when you use
gtk_tree_clear_items() (which calls gtk_tree_remove_items() ). So the next
time a tree item is selected in a new protocol tree (which is our old
protocol tree, with everything removed, and new things added), gtk_tree
tries to _deselect_ our old selection. But that tree-item which is trying
to be deselected is long gone, resulting in the assert because widget == NULL.
A function needs to be added to gtk_tree to deselect the tree-item selection
for us. (or we need to go through the hassle of creating a new gtk_tree
instead of recycling tree_view over and over).
I stole some code from another section of gtktree.c which lets us clear
the selection in clear_tree_and_hex_views().
Also, I modified the argument to gtk_tree_set_view_mode. We were using
"TRUE", when really we should have used a member of the GtkTreeViewMode
enumeration, namely GTK_TREE_VIEW_ITEM ( which is 1, which is TRUE :-)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@496
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 06:59:13 +0000 (06:59 +0000)]
Have "wtap_open_offline()" return, on failure, an indication of the
reason for the failure, and have it do the checks to make sure the file
being opened is a plain file or a pipe.
Have "open_cap_file()" make use of that.
Don't automatically set "last_open_dir" if a "-r" flag was specified on
the command line - do so only if the file in question could actually be
opened.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@495
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 01:02:26 +0000 (01:02 +0000)]
"read_cap_file()" doesn't need to be passed a file name as an argument -
it's called after "open_cap_file()" has been called, and is always
passed the file name passed to "open_cap_file()", and that file name is
stored as "cf->filename", so "read_cap_file()" can just use
"cf->filename" as the pathname of the file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@494
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 00:55:22 +0000 (00:55 +0000)]
Oops, forgot to get rid of the "open_cap_file()" in "load_cap_file()"
when I turned the latter into "read_cap_file()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@493
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 15 Aug 1999 00:26:11 +0000 (00:26 +0000)]
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@492
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 14 Aug 1999 23:47:20 +0000 (23:47 +0000)]
Add ICMP to the set of packet types counted in the window shown while a
capture is in progress.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@491
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sat, 14 Aug 1999 19:53:31 +0000 (19:53 +0000)]
Fixed File|Save As (it was using wrong variable for source filename).
Ethereal now remembers the directory where it last opened a file, either
via the GUI File|Open or command-line '-r' option. The next time File|Open
is used, browsing starts from that directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@490
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sat, 14 Aug 1999 18:51:26 +0000 (18:51 +0000)]
Fixed segfault with combination of new dfilter struct usage, rfcode,
and File | Open option.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@489
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sat, 14 Aug 1999 06:42:36 +0000 (06:42 +0000)]
Added dfilter-int.h to list of deliverables.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@488
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sat, 14 Aug 1999 06:24:27 +0000 (06:24 +0000)]
Modified YACC grammar to use non-yy symbols, to avoid conflicts with
libpcap's that were compiled with symbols beginning with 'yy'.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@487
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 14 Aug 1999 04:23:22 +0000 (04:23 +0000)]
Have the "delta" format for time stamps show the time delta between a
packet and the previous *displayed* packet, rather than the previous
packet in a capture.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@486
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 14 Aug 1999 03:36:30 +0000 (03:36 +0000)]
Fix up the code that changes the "command-line-specified" time format to
handle a display with a display filter.
(Also, don't have it recompute the time stamps - they were computed when
the packet was added to the packet list in the first place.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@485
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 14 Aug 1999 01:33:29 +0000 (01:33 +0000)]
Enable the "Display/Options" menu item when we're capturing with "-S",
so you can change the time stamp column while you're capturing.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@484
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 14 Aug 1999 01:27:29 +0000 (01:27 +0000)]
In "change_time_formats()", you have to set "fd->cinfo" before you can
use "check_col()", otherwise "check_col()" always fails, and the time
column never gets changed. (How did I manage to break that?)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@483
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Sat, 14 Aug 1999 01:26:39 +0000 (01:26 +0000)]
Removed unneeded 'color' field from header_field_info.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@482
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 13 Aug 1999 23:52:49 +0000 (23:52 +0000)]
Added Brad's <brad@openbsd.org> patch to fix compilation from
separate directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@481
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Fri, 13 Aug 1999 23:47:43 +0000 (23:47 +0000)]
Moved global memory alloction used in display filters (which was stored
in dfilter-grammar.y) to a new struct dfilter. Display filters now have
their own struct, rather than simply being GNode's. This allows multiple
display filters to exist at once, aiding John McDermott in his
work on colorization.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@480
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 12 Aug 1999 21:16:32 +0000 (21:16 +0000)]
Create a "dfilter-int.h" file, containing stuff used internally to the
display filter code but not outside it (and not static to one of the
modules in the display filter code), with most of that stuff moved there
from "dfilter.h".
Add a declaration of "byte_str_to_guint8_array()" to "dfilter-int.h".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@479
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 12 Aug 1999 15:20:18 +0000 (15:20 +0000)]
One small regex change, just to be safe.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@478
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 12 Aug 1999 15:10:48 +0000 (15:10 +0000)]
Fixed two bugs in display filter parsing.
1. Some IP addresses (like 0.0.0.0) would be interpreted as byte ranges.
2. Parens were being ignored.
Thanks to Guy for pointing these out to me.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@477
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 12 Aug 1999 07:36:41 +0000 (07:36 +0000)]
"file_sel_ok_cb()" isn't used except with the "File/Open" dialog box;
rename it to "file_open_ok_cb()", move it next to the routine to create
that dialog box, and make it static.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@476
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 12 Aug 1999 05:19:06 +0000 (05:19 +0000)]
Added Ashok's fix for RSVP and support for RSVP+.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@475
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 11 Aug 1999 20:10:38 +0000 (20:10 +0000)]
The "-R" command-line filter is applied when reading the capture file;
it's not a display filter (packets that don't match the filter are
discarded completely, not just filtered out of the display), although it
has the same syntax as a display filter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@473
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 11 Aug 1999 20:08:32 +0000 (20:08 +0000)]
The changes to file loading decreased file loading time rather than
increasing it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@472
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 11 Aug 1999 17:02:28 +0000 (17:02 +0000)]
Changed two #include <>'s to #include "" 's, for stylistic reasons only.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@471
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 11 Aug 1999 16:42:51 +0000 (16:42 +0000)]
Fixed packaging problem (the list of deliverables in the doc/ directory).
Updated NEWS file.
Moved version to 0.7.2 for imminent release.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@470
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 11 Aug 1999 16:25:07 +0000 (16:25 +0000)]
Modified the flex scanner to use symbols that start with "dfilter_"
instead of "yy". (dfilter-grammar.y was modified to #define yylex as
dfilter_lex).
VERSION is no longer needed since the doc/Makefile now uses @VERSION@,
passed to it from 'configure'.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@469
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 11 Aug 1999 16:05:19 +0000 (16:05 +0000)]
Modified autoconf/automake files for doc subdirectory so that all of
Ethereal can be compiled in a build directory separated from the source
directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@468
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 20:13:21 +0000 (20:13 +0000)]
Display counts of NetBEUI/NBF frames as "NetBIOS".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@467
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 20:06:39 +0000 (20:06 +0000)]
Jeff Foster's changes to add support for NetBEUI/NBF (NetBIOS atop 802.2
LLC, the original NetBIOS encapsulation).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@466
f5534014-38df-0310-8fa8-
9805f1628bb7
deniel [Tue, 10 Aug 1999 11:30:03 +0000 (11:30 +0000)]
Change the test of pcap_dispatch returned value
which might be -1.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@465
f5534014-38df-0310-8fa8-
9805f1628bb7
deniel [Tue, 10 Aug 1999 11:08:38 +0000 (11:08 +0000)]
Fix the -S option timeout handling:
- when in a live capture mode no packet is received
during a timeout, the displayer process is notified
about any remaining captured packets. Note that this
fix works on Linux only with a patched libpcap.
- remove unnecessary time() call and sync_time
loop_data field.
Thanks to John McDermott for his help during fixing
and testing.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@464
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 07:54:07 +0000 (07:54 +0000)]
More whitespace fixups, and fix a typo in a comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@463
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 07:52:54 +0000 (07:52 +0000)]
Fix up whitespace.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@462
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 07:37:38 +0000 (07:37 +0000)]
Fix up some comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@461
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 07:16:47 +0000 (07:16 +0000)]
Add the ability to specify a filter to be used when reading the file to
the "Open File" dialog box (the "Open File" dialog box equivalent of the
"-R" flag). Have "load_cap_file()" take the filter expression as an
argument, and make the global "rfilter" into a member of a
"capture_file" structure.
When reading a temporary capture file after a live capture, don't apply
any filter.
Move the code that pops up error boxes on file opens when reading a
capture file back to "load_cap_file()"; it also pops up error boxes if
the filter expression can't be parsed.
Don't enable "File/Save" or "File/Save As..." if an attempt to read a
capture file fails - if there was already an open capture file, it was
closed by "load_cap_file()", so we no longer have an open file to save.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@460
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 06:54:12 +0000 (06:54 +0000)]
Initialize the "next" pointer of a "frame_data" structure to NULL before
putting it on the list of frames.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@459
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 04:57:47 +0000 (04:57 +0000)]
Fix the list of descriptions of codes in ICMP Unreachable messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@458
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 10 Aug 1999 04:13:37 +0000 (04:13 +0000)]
Building a GList by adding elements to the end with "g_list_append()" is
N^2 in the ultimate size of the list (as "g_list_append()" is linear in
the size of the list, at least when used in the way the GLib
documentation says to use it); instead, maintain our own linked list of
"frame_data" structures for all packets read, including a pointer to the
last element.
"gtk_clist_set_row_data()" is linear in the row number, so if it's used
to attach a pointer to the "frame_data" structure for a packet to the
packet list GtkClist row for each packet, that's also N^2 in the number
of packets in that packet list; instead, store the row number in the
"frame_data" structure, and find the packet for a given row by scanning
the list for it (we were already scanning the list linearly to find that
packet's index in the list of all packets; that's only done when a
packet's selected, so it's not *too* bad, but it might be nice to avoid
having to do that scan).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@457
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 10 Aug 1999 02:54:59 +0000 (02:54 +0000)]
Fixed a bug in displaying RIF ring/bridge pairs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@456
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Mon, 9 Aug 1999 18:18:38 +0000 (18:18 +0000)]
Added John McDermott's patch for handling ICMP Unreachable|Fragmentation
Required packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@455
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 8 Aug 1999 01:29:24 +0000 (01:29 +0000)]
Jochen Friedrich's patch to add a "-R" flag, which takes a
display-filter syntax expression as an argument, and causes that filter
to be applied to all packets when a capture file is read in; packets
that don't match the filter are discarded.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@454
f5534014-38df-0310-8fa8-
9805f1628bb7
deniel [Sat, 7 Aug 1999 17:28:21 +0000 (17:28 +0000)]
Allow compilation of ethereal in a directory different than
the source directory. The doc makefile is still broken however.
Thanks to Jan Bernard van Doorn for raising this problem.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@453
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 7 Aug 1999 01:34:29 +0000 (01:34 +0000)]
A further memory leak fix from Jochen Friedrich.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@452
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 7 Aug 1999 01:25:04 +0000 (01:25 +0000)]
Move a comment, to correctly reflect which code in
"clear_tree_and_hex_views()" clears the hext dump window and which code
clears the protocol tree window.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@451
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 18:20:41 +0000 (18:20 +0000)]
Use "strrchr()", rather than "strchr()", to find the '/' in "argv[0]"
before the last component; thanks to Laurent Deniel for catching that one.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@450
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 5 Aug 1999 17:08:13 +0000 (17:08 +0000)]
Changed version to 0.7.1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@448
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 5 Aug 1999 16:46:04 +0000 (16:46 +0000)]
Added a progress bar to the display filter computation. Unfortunately,
try as I might, I couldn't get gtk_timeout_add to work. I read all the docs,
but no luck. So for now I call dfilter_progress_cb for every 20 packets
that are filtered. I'd rather have *something* for the next Ethereal
release than nothing.
I also modified file_progress_cb to use it's local copy of cf rather
than the global copy.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@447
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Thu, 5 Aug 1999 16:42:31 +0000 (16:42 +0000)]
Logical operands needed to set the yylval as well as return the
token to the yacc parser.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@446
f5534014-38df-0310-8fa8-
9805f1628bb7
deniel [Thu, 5 Aug 1999 11:12:14 +0000 (11:12 +0000)]
Use execlp instead of execl to scan the PATH for the
ethereal executable (but this is only performed if
ethereal_path (i.e. arg[0]) does not contain any '/').
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@445
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 06:34:43 +0000 (06:34 +0000)]
Have Ethereal, when invoked as "ethereal-dump-fields", dump out a
glossary of display filter symbols, just as it does with "-G", except
that, as it can discover that it was so invoked before even looking at
the command-line arguments, it needn't even bother calling "gtk_init()"
to process those command-line arguments GTK+ cares about, and thus
needn't do any X stuff at all when so invoked.
That allows Ethereal to be built in an environment where you don't have
an X server, and, if your connection to your X server is slow, allows
you to built it faster.
Get rid of the "-G" flag, as it had only a somewhat specialized use.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@444
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 06:30:05 +0000 (06:30 +0000)]
Patch from Olivier Abad to make it correctly display non-extended
informatino frames.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@443
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 02:26:21 +0000 (02:26 +0000)]
Put in an RCS ID.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@442
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 00:23:07 +0000 (00:23 +0000)]
Before displaying a packet, clear the tree and hex views; if you
double-click on a packet, it'll select that packet without necessarily
first un-selecting it (this may be a GTK+ 1.0[.x] vs. GTK+ 1.2[.x]
difference; Jeff Jahr said he first saw it when going from Ethereal
0.6.3 to 0.7.0 and going from GTK+ 1.0[.x] to GTK+ 1.2.3, but I saw it
on 0.6.3 with GTK+ 1.2.3 as well).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@441
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 00:05:01 +0000 (00:05 +0000)]
"packet-udp.c" and "packet-x25.c" both have global variables named
"hash_table", but each of them is used only in the file in question;
make them static, so that they don't collide.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@440
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 5 Aug 1999 00:02:55 +0000 (00:02 +0000)]
Fix a "proto_tree_add_text()" call that should've been a
"proto_tree_add_item()" call (and fix the length passed to it, which, it
appears, has been wrong for ages).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@439
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 23:43:42 +0000 (23:43 +0000)]
Fix a couple of memory leaks.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@438
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 21:20:53 +0000 (21:20 +0000)]
Fix a typo.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@437
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 06:15:07 +0000 (06:15 +0000)]
Add a "dissect_xdlc_control()" routine, to dissect the control field of
SDLC-derived protocols such as HDLC and derivatives of it such as LAPB,
IEEE 802.2 LLC, and so on. Have the LLC and LAPB dissectors use it.
Make "dissect_numeric_bitfield()" put the low-order bit of the bitfield
in the low-order bit of an integer when printing it, so that the right
value is printed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@436
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 06:11:17 +0000 (06:11 +0000)]
Patch from Olivier Abad to implement modulo 128 X.25 decoding, and to
improve X.25 decoding in other ways as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@435
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 04:37:46 +0000 (04:37 +0000)]
Add a "dissect_xdlc_control()" routine, to dissect the control field of
SDLC-derived protocols such as HDLC and derivatives of it such as LAPB,
IEEE 802.2 LLC, and so on. Have the LLC and LAPB dissectors use it.
Make "dissect_numeric_bitfield()" put the low-order bit of the bitfield
in the low-order bit of an integer when printing it, so that the right
value is printed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@434
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 4 Aug 1999 03:44:11 +0000 (03:44 +0000)]
Give some credit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@432
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Wed, 4 Aug 1999 03:37:45 +0000 (03:37 +0000)]
Fixed match_selected to work with new display filter code. It uses
"frame[x:y]" in the display filte that it creates so that it works with
any datalink type.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@431
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 00:33:11 +0000 (00:33 +0000)]
Fix a comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@430
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 4 Aug 1999 00:21:37 +0000 (00:21 +0000)]
Eliminate an extra comma from a message.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@429
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 3 Aug 1999 20:51:41 +0000 (20:51 +0000)]
Update version numbers to 0.7.0, and update win32 Makefiles. I made some
initial #ifdef changes to capture.c to support the win32 version of libpcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@428
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 3 Aug 1999 16:33:12 +0000 (16:33 +0000)]
Update documentation, including display filter docs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@427
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 3 Aug 1999 15:04:33 +0000 (15:04 +0000)]
Removed the "exists" keyword from the grammar. The name of a protocol or a
field by itself assumes you are checking for the existence of that protocol
or field.
Changed the format of the list of filterable fields in the man page.
Developers: run "./configure" so that your configure script will re-create
dfilter2pod from the new dfilter2pod.in
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@426
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 3 Aug 1999 14:59:16 +0000 (14:59 +0000)]
Checked in Johan's Updated RADIUS dissector which uses the new proto_tree
implementation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@425
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Tue, 3 Aug 1999 14:49:34 +0000 (14:49 +0000)]
Fixed #ifdef to call proto_register_snmp properly when SNMP is compiled in.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@424
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 3 Aug 1999 03:48:04 +0000 (03:48 +0000)]
Patch from Bill Fumerola to quiet some EGCS complaints, at least on
FreeBSD.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@423
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Mon, 2 Aug 1999 06:34:23 +0000 (06:34 +0000)]
I was able to get rid of all the reduce/reduce conflicts by removing
the rules allowing values to precede variables in a relation, like this:
192.168.1.1 eq ip.src
More profound changes should still be made to the grammar, though.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@422
f5534014-38df-0310-8fa8-
9805f1628bb7
gram [Mon, 2 Aug 1999 06:08:58 +0000 (06:08 +0000)]
Changed the chmod() call to a pair of umask() calls that straddle the
call to pcap_dump_open. This allows us to control the readability of the
temporary trace file, and avoid a race condition in which a user could
open the trace file after the pcap_dump_open() call and the subsequent
chmod() call.
Thanks to Jeorg for pointing for pointing out the race condition.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@421
f5534014-38df-0310-8fa8-
9805f1628bb7
git.samba.org / obnox / wireshark / wip.git / log