guy [Mon, 24 Jan 2000 04:49:45 +0000 (04:49 +0000)]
Include the "-D" flag in the usage message.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1533 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 04:44:58 +0000 (04:44 +0000)]
Heikki Vatiainen's patch to add a flag to control whether to interpret
the IPv4 TOS field as a TOS field or as a DiffServ field, and allow that
field to be controlled by a command-line option or an option in the
"Display:Options" dialog box.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1532 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 03:51:35 +0000 (03:51 +0000)]
Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1531 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 03:33:35 +0000 (03:33 +0000)]
Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1530 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 02:44:52 +0000 (02:44 +0000)]
Add some new SAP values from
http://www.optimized.com/COMPENDI/REF-SAP.htm
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1529 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 02:05:39 +0000 (02:05 +0000)]
xDLC frames other than I and UI frames may have a payload, e.g. TEST
frames; rename "XDLC_HAS_PAYLOAD()" to "XDLC_IS_INFORMATION()", and if
the frame isn't an "information" frame, dissect its payload (if any) as
data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1528 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 01:45:12 +0000 (01:45 +0000)]
Put the PID of SNAP frames into the protocol tree regardless of whether
the frame has a payload or not.
Note in a comment that in one capture there's a U frame with a function
of TEST, rather than UI, that appears to have a payload.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1527 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 24 Jan 2000 01:15:37 +0000 (01:15 +0000)]
When computing the total frame length of an 802.3 frame, add to the
value in the length field not only the Ethernet MAC header size, but
also the offset in the frame of the Ethernet MAC header, so that, if the
802.3 frame is encapsulated in some other type of frame, the total frame
length includes the header for that frame as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1526 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 23 Jan 2000 08:55:37 +0000 (08:55 +0000)]
In "dissect_eth()", update "pi.len" and "pi.captured_len" regardless of
whether we're building a protocol tree or not.
Make "dissect_eth()" use "BYTES_ARE_IN_FRAME()" to see if we have a full
Ethernet header - it can be called with a non-zero offset, if Ethernet
frames are encapsulated inside other frames (e.g., ATM LANE).
Make capture routines take an "offset" argument if the corresponding
dissect routine takes one (for symmetry, and for Cisco ISL or any other
protocol that encapsulates Ethernet or Token-Ring frames inside other
frames).
Pass the frame lengths to capture routines via the "pi" structure,
rather than as an in-line argument, so that they can use macros such as
"BYTES_ARE_IN_FRAME()" the way the corresponding dissect routines do.
Make capture routines update "pi.len" and "pi.captured_len" the same way
the corresponding dissect routines do, if the capture routines then call
other capture routines.
Make "capture_vlan()" count as "other" frames that are too short, the
way other capture routines do.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1525 f5534014-38df-0310-8fa8-9805f1628bb7
gerald [Sat, 22 Jan 2000 21:49:50 +0000 (21:49 +0000)]
Merge Paul Ionescu's CDP fixes with Guy's. Add #defines to oui.h for Cisco
IOS 9.0 and bridged frame relay and update packet-llc.c accordingly. Add
CDP handler to capture_llc() in packet-llc.c.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1524 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 22 Jan 2000 07:19:34 +0000 (07:19 +0000)]
Allow "-w" and/or "-R" to be specified either when doing a live capture
or when reading a saved capture file; if "-w" is specified, the packets
captured or read from the file are written to the specified file rather
than being dissected and printed, and if "-R" is specified, only packets
that pass the specified read filter are dissected and printed or
written.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1523 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 22 Jan 2000 06:22:44 +0000 (06:22 +0000)]
Fix files that had Gilbert's old e-mail address or that didn't have my
forwarding e-mail address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1522 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 22 Jan 2000 05:49:08 +0000 (05:49 +0000)]
Give "dissect_rpc_string()" an extra "char **" argument; if it's
non-null, it returns through that argument a pointer to the displayed
version of the string, otherwise it just frees that string.
Use that to put, in the tree item for READDIR and READDIRPLUS reply
directory entry items, the file name from the directory entry.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1521 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 22 Jan 2000 04:59:55 +0000 (04:59 +0000)]
Add "proto_item_set_text()", which sets the "representation" field of an
existing protocol tree item.
Add "proto_tree_add_notext()"; it's just like "proto_tree_add_text()",
but without the text, and it sets the "representation" field to NULL;
that field would be set later with "proto_item_set_text()".
Those routines let you construct, for example, an interior node of the
protocol tree whose text can't be determined until all the nodes under
it have been dissected - it's similar to "proto_item_set_len()" in that
fashion.
Use that when dissecting address TLVs in the CDP dissector - create the
item for an address in an "Addresses" TLV with no text, and then fill in
the items under it one at a time; if we get cut off before we get to the
actual address, set the text to "Truncated address", otherwise set it to
a description of the address.
Also, set the length of the item for the entire address TLV correctly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1520 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 22 Jan 2000 02:00:27 +0000 (02:00 +0000)]
"tm_mon" in a "struct tm" is 0-based, not 1-based; when printing the
month number, add 1 to "tm_mon".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1519 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Fri, 21 Jan 2000 19:19:23 +0000 (19:19 +0000)]
Add URL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1518 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 21 Jan 2000 08:44:40 +0000 (08:44 +0000)]
Add stuff to add platform-specific compiler flags; currently, we have
only flags for HP's ANSI C compiler, as suggested by Jost Martin.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1517 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 21 Jan 2000 06:18:16 +0000 (06:18 +0000)]
Add "-L" flags to LDFLAGS, not LIBS, and get rid of all the exotic
searching that tries to figure out in what directory libpcap lives - we
should treat "-L" just like "-I", rather than adding a ton of
complication to do it the way the autoconf maintainers think, for some
reason, it should be done (by adding "-L" flags to LIBS - "-L" flags
don't specify libraries, so I have no clue why they think they belong in
LIBS; they specify a search path for libraries, just as "-I" flags
specify a search path for header files, so they strike me as "flags to
the linker" rather than "libraries", and LDFLAGS, unlike LIBS, appears
before *all* "-l" flags, including those specified by PCAP_LIBS and so
on).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1516 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Fri, 21 Jan 2000 00:07:53 +0000 (00:07 +0000)]
Applied the vines part of Joerg's vines patch.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1515 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 20 Jan 2000 21:34:16 +0000 (21:34 +0000)]
Joerg Mayer's updates to the VINES dissector and to protocol layers
above VINES.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1514 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 20 Jan 2000 19:16:41 +0000 (19:16 +0000)]
Gerrit Gehnen's patch to add support for the "Inactive Subset" of the
ISO 8473 CLNP protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1513 f5534014-38df-0310-8fa8-9805f1628bb7
oabad [Thu, 20 Jan 2000 17:13:42 +0000 (17:13 +0000)]
The headers of HP-UX 9.04 and HP-UX 10.20 nettl files seem to be different.
Check for both "magic numbers".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1512 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 20 Jan 2000 07:31:29 +0000 (07:31 +0000)]
Put the RFC number for PPTP into the introductory comment.
Fix a bunch of byte-order problems, as noted by Thomas Quinot in Debian
bug 55347, although his fix addressed only the byte-order problems, not
the blithely-fetching-through-a-possibly-unaligned-pointer problems that
said code also had; we fix both of them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1511 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Tue, 18 Jan 2000 20:35:40 +0000 (20:35 +0000)]
Include CFLAGS in the command to build "rdps".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1510 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Tue, 18 Jan 2000 19:01:35 +0000 (19:01 +0000)]
Use "strrchr()" instead of "rindex()" - "strrchr()" is the routine the
ANSI C standard specifies.
Fix up some menu stuff that should've been fixed when I put "Find Frame"
and "Go To Frame" under "Edit".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1509 f5534014-38df-0310-8fa8-9805f1628bb7
girlich [Tue, 18 Jan 2000 11:56:15 +0000 (11:56 +0000)]
Last dissectors for NFS v3 are finally done.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1508 f5534014-38df-0310-8fa8-9805f1628bb7
girlich [Tue, 18 Jan 2000 11:54:07 +0000 (11:54 +0000)]
New constants for ftype3 decoding.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1507 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Tue, 18 Jan 2000 09:25:04 +0000 (09:25 +0000)]
Put into the "Capture Preferences" dialog box a check box to control
whether, in a live capture that updates the display as packets arrive,
the packet list pane should scroll to show the most recently captured
packets or not.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1506 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Tue, 18 Jan 2000 09:05:30 +0000 (09:05 +0000)]
Put the "Find Frame" and "Go To Frame" menu items under "Edit"; leave
them under "Display" as well for now.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1505 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Tue, 18 Jan 2000 08:38:18 +0000 (08:38 +0000)]
Jerry Talkington's changes to support, in the packet list and protocol
tree panes, menus popped up by the right mouse button.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1504 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 17 Jan 2000 20:30:17 +0000 (20:30 +0000)]
Squelch some complaints from GCC (and protect against the admittedly
unlikely possibility that, on some platform, converting a "gpointer" to
pointers of the types in question involves more than just reinterpreting
the bits of the "gpointer" value).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1503 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 17 Jan 2000 20:21:40 +0000 (20:21 +0000)]
Use "strchr()" rather than "index()" - the ANSI C standard specifies
"strchr()", and it, unlike "index()", is declared in <string.h>.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1502 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Mon, 17 Jan 2000 18:14:13 +0000 (18:14 +0000)]
Add Makefile.nmake to list of deliverables. I had sent Thomas Parvais
a tarball from the current CVS image using "make dist". That's why
he sent an e-mail today saying that the gtk/Makefile.namek was not
in CVS. It's in CVS, but it wasn't in the tarball I sent him.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1501 f5534014-38df-0310-8fa8-9805f1628bb7
oabad [Mon, 17 Jan 2000 17:12:43 +0000 (17:12 +0000)]
We have to #include "plugins.h" before using the HAVE_PLUGINS define.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1500 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 17 Jan 2000 08:06:42 +0000 (08:06 +0000)]
Add a "-F" flag, to allow the format of a file being written to be
specified. This will be of more use when I allow "-w" to be used when
reading an existing capture file rather than doing a live capture (which
will also allow you to specify a read filter, and thus to write a
capture file containing those packets from an existing capture file that
match a given display filter).
Fix up some messages to say "tethereal" rather than "ethereal".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1499 f5534014-38df-0310-8fa8-9805f1628bb7
sharpe [Mon, 17 Jan 2000 08:06:03 +0000 (08:06 +0000)]
Small patch to editcap to allow ranges of packets to be specified
as well as individual packets.
I needed to grab quite a few from the middle of a large capture file.
Will eventually need to sort the extract list.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1498 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 17 Jan 2000 07:49:03 +0000 (07:49 +0000)]
Add a "-x" flag to Tethereal, to make it print a hex and ASCII dump of
the packet data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1497 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 16 Jan 2000 02:54:49 +0000 (02:54 +0000)]
Get rid of the include of "util.h" that some dissectors do - it's not
necessary.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1496 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 16 Jan 2000 02:48:12 +0000 (02:48 +0000)]
Move the routine to get a list of the network interfaces on the system
to "util.c", and provide a routine to free that list as well.
When picking an interface on which to do a capture (if no "-i" flag was
specified), use that routine, and pick the first interface on the list.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1495 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 16 Jan 2000 00:13:24 +0000 (00:13 +0000)]
The NetBSD zlib problem is probably the same as the FreeBSD and OpenBSD
zlib problems, and my workaround appears to handle that problem, so
let's reenable zlib support in NetBSD and look into it in more detail if
there's still a problem.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1494 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 21:01:04 +0000 (21:01 +0000)]
Rename "save_LIBS" to "ethereal_save_LIBS", to reduce the risk of a name
collision with another variable.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1493 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 15 Jan 2000 13:45:06 +0000 (13:45 +0000)]
Don't exclude register.c from the distribution tarball because we
no longer optionally compile the snmp dissector. But I left the dist-hook
line in the Makefile.am in case we're ever in that situation again.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1492 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 15 Jan 2000 13:27:39 +0000 (13:27 +0000)]
Add in a couple of the artifacts produced from autoconf/automake
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1491 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 15 Jan 2000 13:25:22 +0000 (13:25 +0000)]
Remove libltdl from the build. The directory is still in CVS, but it is
not used in the build. I'll wait a few days to remove the libltdl
directory, just in case.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1490 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 15 Jan 2000 12:54:24 +0000 (12:54 +0000)]
Move top-level window creation to separate function outside of
main().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1489 f5534014-38df-0310-8fa8-9805f1628bb7
oabad [Sat, 15 Jan 2000 10:50:23 +0000 (10:50 +0000)]
Add missing #ifdef HAVE_PLUGINS before calling init_plugins()
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1488 f5534014-38df-0310-8fa8-9805f1628bb7
oabad [Sat, 15 Jan 2000 10:47:56 +0000 (10:47 +0000)]
Add a call to init_plugins() in order to read the plugins.status file and
enable plugins if their saved status is "active".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1487 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 10:25:41 +0000 (10:25 +0000)]
As we're not using the default action for AC_CHECK_LIB in
AC_ETHEREAL_PCAP_CHECK, we have to explicitly define HAVE_LIBPCAP if we
find it, otherwise it doesn't get defined.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1486 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 10:23:10 +0000 (10:23 +0000)]
Pass the number of packets to be captured to "capture()" as an argument,
rather than making it static.
Don't print the "Capturing on <interface>" message until you actually
start capturing, and print it regardless of whether the interface was
explicitly specified or not (that's what snoop and tcpdump do).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1485 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 09:46:28 +0000 (09:46 +0000)]
Arrange that, on Solaris, we link with "-lkstat" if necessary when
linking with "-lsnmp".
Link only Ethereal and Tethereal with "-lpcap"; don't link editcap, or
any of the test programs that the configure script builds, with it
(because that means you also have to arrange that those test programs be
linked with @SOCKET_LIBS@ and @NSL_LIBS@) - i.e., don't add it to LIBS,
add it to PCAP_LIBS, and use that only for programs that need it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1484 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 08:08:20 +0000 (08:08 +0000)]
Tethereal needs the same set of additional objects that Ethereal does;
make it link with them.
Provide dependencies for Tethereal as well.
Tethereal may need to be linked with "-lsocket" and/or "-lnsl"; check
for that, and arrange that it be linked with them if necessary.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1483 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 06:05:21 +0000 (06:05 +0000)]
If no "-i" flag is specified to Tethereal when no file is to be read,
or to Ethereal when the "-k" flag is specified, i.e. when a capture is
to be started immediately, use "pcap_lookupdev()" to pick an interface,
just as tcpdump does.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1482 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 05:30:52 +0000 (05:30 +0000)]
When configuring for GLib, we have to include gmodule support; the GTK+
options include it automatically, but the GLib options don't, and
Tethereal links with GLib but not with GTK+.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1481 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 15 Jan 2000 04:17:37 +0000 (04:17 +0000)]
Fix up a bunch of places where a pointer into the packet buffer was cast
to a type requiring 2-byte or better alignment and was then
dereferenced; doing that requires that the code generated by your
compiler not trap if it makes an unaligned reference, and on most RISC
processors the code generated by the compiler *will* trap on an
unaligned reference by default.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1480 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 15 Jan 2000 00:23:13 +0000 (00:23 +0000)]
Merge in the final code to make Ethereal run on Win32, compiled
with MSVC 6.0 and 'nmake', the make tool that comes with MSVC.
It compiles, links, and runs. It doesn't run correctly. There's a problem
when reading files. I'm getting short reads. I'm not linking in zlib or
libsnmp because it first needs to be debugged.
I changed the plugin code to use gmodule instead of libltdl, but the
Unix build still links ethereal against libltdl. I'll fix that tonight; sorry
about leaving it in such a sad state, but I wanted to check in this code
before I left work on a Friday night. Ethereal still works, but the
building is less than optimal.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1479 f5534014-38df-0310-8fa8-9805f1628bb7
nneul [Fri, 14 Jan 2000 23:26:18 +0000 (23:26 +0000)]
better command line syntax description
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1478 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 19:11:26 +0000 (19:11 +0000)]
Don't assume that the RX header is neatly aligned on a 4-byte boundary
in our address space.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1477 f5534014-38df-0310-8fa8-9805f1628bb7
gerald [Fri, 14 Jan 2000 19:05:30 +0000 (19:05 +0000)]
Set an initial (blank) filter to get around the peculiarities in RH
6.1's libpcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1476 f5534014-38df-0310-8fa8-9805f1628bb7
gerald [Fri, 14 Jan 2000 17:08:41 +0000 (17:08 +0000)]
Fixed small typo in hex printing.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1475 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Fri, 14 Jan 2000 14:21:50 +0000 (14:21 +0000)]
Check for existence of cf.iface before calling capture(). Change
usage statement accordingly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1474 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 08:44:50 +0000 (08:44 +0000)]
Supply a patch that, at least on HP-UX 11.00, lets you specify to
"pcap_open_live()" a network interface name rather than a "dlpiN" name
(where "N" is the PPA for the device, as reported by lanscan).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1473 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 08:18:58 +0000 (08:18 +0000)]
Note that the Ethereal workaround for the libpcap timeout problem should
prevent Ethereal's GUI from hanging during a capture, even if libpcap on
your Linux system hasn't been patched.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1472 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 08:14:33 +0000 (08:14 +0000)]
Note that we can read "i4btrace" capture files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1471 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 08:12:14 +0000 (08:12 +0000)]
Note that the Ethereal distribution also comes with Tethereal and
editcap.
Expand the list of OSes on which Ethereal has (at least at one time)
been built and used.
Note that systems other than Solaris that use DLPI (e.g., HP-UX) may
also have "/dev" entries that can be made more widely readable and
writable to allow non-root users to capture packets.
Note that we can read "i4btrace" capture files.
Note that we now always do SNMP dissection, and that an external library
just allows us to do more sophisticated dissection.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1470 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 07:51:14 +0000 (07:51 +0000)]
Add "doc/editcap.pod" and "doc/tethereal.pod.template" to the
distribution.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1469 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 14 Jan 2000 06:46:00 +0000 (06:46 +0000)]
Add "tethereal", a tty-oriented derivative of Ethereal that works like
Sun's snoop or like tcpdump.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1468 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 18:26:15 +0000 (18:26 +0000)]
Add "file_wrappers.c" to the list of things to compile with Microsoft
Visual C{++}.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1467 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 18:02:24 +0000 (18:02 +0000)]
Call the CDP entry listing addresses "Addresses", not "Address" - it can
have more than one address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1466 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 17:59:14 +0000 (17:59 +0000)]
0x2000, for CDP, doesn't appear to be an Ethernet type - it's not
registered as a type for CDP, and CDP packets appear to be LLC packets
with an OUI of 00-00-0C, not the encapsulated Ethernet OUI of 00-00-00.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1465 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 07:18:50 +0000 (07:18 +0000)]
Fix "ascend-scanner.l" to include "file_wrappers.h" rather than the
defunct "file.h".
Make "file_wrappers.c" include "wtap.h", so that the WTAP_ERR_ZLIB_
values are defined.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1464 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 07:09:20 +0000 (07:09 +0000)]
We are obliged to define HAVE_UNISTD_H in "config.h"; to avoid the
hideous problem on FreeBSD 3.[23] (and perhaps other BSDs) if
HAVE_UNISTD_H is defined before "zlib.h" is included, turn "file_seek()"
into a subroutine defined in a file that *undefines* HAVE_UNISTD_H
before including "zlib.h", so that the *only* call to "gzseek()" is made
from a file that does not have HAVE_UNISTD_H defined when it includes
"zlib.h".
Move "file_error()" to that file while you're at it, so it holds all the
wrappers that hide the presence or absence of zlib from routines to read
capture files.
Turn "file.h", which declared those wrapper functions as well as wrapper
macros, into "file_wrapper.h" - it belongs with the "file_wrapper.c"
file that defines the wrapper functions, not with "file.c" which handles
higher-layer file access functions.
Remove the comment in "configure.in" that explained why defining
HAVE_UNISTD_H was a bad idea, as we're not obliged to define it and work
around the problem. (The comment in "file_wrapper.c" explains the
workaround.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1463 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 06:07:53 +0000 (06:07 +0000)]
Get the NLPID value for ISIS from "nlpid.h", and report the NLPID value
in ISIS packets with "nlpid_vals".
Report the NLPID value in CLNP packets with "nlpid_vals" as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1462 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 05:41:24 +0000 (05:41 +0000)]
Add the NLPID value for PPP.
In Q.931 and Q.2931, the TR 9577 values are NLPIDs, so use "nlpid_vals"
to dissect them, and values from "nlpid.h" to refer to them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1461 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 04:49:54 +0000 (04:49 +0000)]
X.25-over-Ethernet, as I'm inferring it works (i.e., the payload of the
packet is just an X.25 packet).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1460 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 03:18:34 +0000 (03:18 +0000)]
Indicate that the RFC for SDP is 2327.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1459 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 03:12:07 +0000 (03:12 +0000)]
Indicate that the RFC for RTSP is 2326.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1458 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 03:07:26 +0000 (03:07 +0000)]
Changes from Jason to make some RTSP fields filterable.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1457 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 00:53:09 +0000 (00:53 +0000)]
Assign a frame number to a frame only when reading frame data from a
file, not when filtering or colorizing packets - filtering shouldn't
change the frame number of a frame (yes, this means that a filtered
display won't necessarily have packets numbered contiguously 1 through N
- that's a feature).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1456 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Thu, 13 Jan 2000 00:41:11 +0000 (00:41 +0000)]
Export the list of OSI NLPIDs in "nlpid.h", for use by the CDP
dissector.
Add a "value_string" table for NLPIDs to the OSI dissector, and export
it for use by the CDP dissector.
Fix the CDP dissector as per the documentation in
http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/frames.htm
and as per some traces we have with CDP data in them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1455 f5534014-38df-0310-8fa8-9805f1628bb7
oabad [Wed, 12 Jan 2000 22:07:56 +0000 (22:07 +0000)]
Add a "Hex. Dump" radio button to the "Contents of TCP stream" window. It
displays the contents of the TCP connexion in hexadecimal.
The two opposite directions of the conversation are displayed side by side.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1454 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Wed, 12 Jan 2000 20:00:19 +0000 (20:00 +0000)]
For the Cisco OUI, always add the protocol ID to the tree if we're
constructing a protocol tree.
Don't add the protocol ID for unknown OUIs unless we're constructing a
protocol tree.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1453 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Wed, 12 Jan 2000 19:37:24 +0000 (19:37 +0000)]
Cisco CDP packets appear to be sent as LLC packets with an OUI of
0x00000c and a protocol ID of 0x2000 - we used to recognize those as CDP
because we ignored the OUI and treated all LLC packets as
SNAP-encapsulated packets, and treated 0x2000 as an Ethertype, but we
now treat only encapsulated-Ethernet and Apple packets as
SNAP-encapsulated (and arguably we should handle Apple separately).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1452 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Wed, 12 Jan 2000 06:56:32 +0000 (06:56 +0000)]
Enough is enough. Requiring anybody who uses Ethereal on Linux to
update their libpcap probably isn't going to scale - the increasing
frequency with which "Ethereal hangs when I try to capture packets"
shows up on "ethereal-dev" suggests that, unless and until a libpcap
with the "select()" in it becomes ubiquitous on Linux, that'll be the
source of a constant support burden - so we'll just put the "select()"
in Ethereal if it's being built for Linux.
(Putting it in for platforms where the read timeout argument to
"pcap_open_live()" works adds an extra useless system call at best and,
at worst, could make Ethereal not work - "select()" doesn't work on
"/dev/bpf" devices on FreeBSD 3.3, at least, unless you're in "immediate
mode", and, whilst "immediate mode" would make Ethereal respond more
quickly when packets arrive, it might cause Ethereal to respond too
quickly, doing reads for every new packet rather than waiting for
multiple packets to arrive and reading them all with one "read()", which
appears to be at least part of the intent of the read timeout on
"/dev/bpf" devices in BSD.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1451 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Mon, 10 Jan 2000 23:43:15 +0000 (23:43 +0000)]
Remove the reference to my old samples directory on the web server;
the new ethereal web site contains a link to its own samples directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1450 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 10 Jan 2000 23:22:30 +0000 (23:22 +0000)]
Updates to the L2TP parser, from Laurent Cazalet and Thomas Parvais.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1449 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Mon, 10 Jan 2000 17:33:17 +0000 (17:33 +0000)]
Some initial changes for win32 support, but not all.
Added lots of #ifdef HAVE_*_H wrappers.
Added some #defines in config.h.win32
Check for more headers in configure.in
Added prototype for inet_aton() in inet_v6defs.h.
Changed "BYTE" token (i.e., #define) in ascend-gramamr.y because it
conflicts with a Windows definition. Use HEXBYTE instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1448 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Mon, 10 Jan 2000 01:44:00 +0000 (01:44 +0000)]
Move the code in "column.c" that implements the column preferences tab
into "gtk/column_prefs.c".
Get rid of "get_column_width()" - instead, export
"get_column_longest_string()", and have "get_column_width()"'s callers
make the GDK call to get the width of that string, so that "column.c"
contains no GTK+/GDK code.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1447 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 9 Jan 2000 20:28:26 +0000 (20:28 +0000)]
Add a man page for "editcap".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1446 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 9 Jan 2000 20:05:37 +0000 (20:05 +0000)]
Make "editcap" one of the standard targets, so it's built and installed
by default.
Use the automake mechanisms for it, and, having done so, arrange that it
not be linked with GTK+ (which it doesn't need) - it currently links
with libpcap, but that should be fixed as well. (It also needs a man
page.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1445 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sun, 9 Jan 2000 18:15:33 +0000 (18:15 +0000)]
Add final news item.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1443 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sun, 9 Jan 2000 07:55:48 +0000 (07:55 +0000)]
Add to some comments notes on the meaning of DLT types 15 and 16 on
Linux systems with the isdn4linux patches; they help make DLT types even
less useful than they were after the various flavors of BSD proceeded to
add their own types past 14, with no coordination whatsoever, so that
they overlapped, rendering it impossible to read a libpcap capture file
without knowing what particular OS generated it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1442 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 8 Jan 2000 23:49:33 +0000 (23:49 +0000)]
Don't recompute "cf->count" when filtering packets - the recomputation
will just give it the value it's always had, as packets are counted
regardless of whether they pass the filter or not (which is what we
want).
Given that, there's no need for a separate "cf->unfiltered_count"
value, so get rid of it and use "cf->count" instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1441 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Sat, 8 Jan 2000 23:34:50 +0000 (23:34 +0000)]
Allow people to print packets if there are packets to print, even if
we're in the middle of an "Update list of packets in real time" capture.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1440 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 8 Jan 2000 21:56:29 +0000 (21:56 +0000)]
Fix my typo in a variable name.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1439 f5534014-38df-0310-8fa8-9805f1628bb7
gram [Sat, 8 Jan 2000 19:37:11 +0000 (19:37 +0000)]
I finally got autoconf, automake, and the plugins to behave together.
The distro is buildable finally. I had to change "plugins/gryphon" from
a separately configured (i.e., "./configure") package to a member of
the main ethereal autoconf package so that PLUGIN_DIR could be passed
to plugins/gryphon/Makefile.am. In doing so, I had to get rid of
plugins/gryphon/config.h which had PACKAGE and VERSION #defined, the latter
of which was actually used in packet-gryphon.c. So I moved those two
#defines into a new file, plugins/gryphon/moduleinfo.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1438 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 7 Jan 2000 22:05:43 +0000 (22:05 +0000)]
Fix Gerald's e-mail address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1437 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 7 Jan 2000 21:53:24 +0000 (21:53 +0000)]
Indicate the RFC that specifies L2TP.
Update Gerald's e-mail address.
Make some variables static.
Make some *other* variables auto, as they don't need to have static
storage duration.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1436 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 7 Jan 2000 09:24:59 +0000 (09:24 +0000)]
Include L2TP support in the list of new features in 0.8.1.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1435 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 7 Jan 2000 09:13:21 +0000 (09:13 +0000)]
The L2TP dissector is by John Thomes, not John Thomas.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1434 f5534014-38df-0310-8fa8-9805f1628bb7
guy [Fri, 7 Jan 2000 09:10:22 +0000 (09:10 +0000)]
Add John Thomas' L2TP dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1433 f5534014-38df-0310-8fa8-9805f1628bb7