git.samba.org - obnox/wireshark/wip.git/log

Include the "-D" flag in the usage message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1533 f5534014-38df-0310-8fa8-9805f1628bb7

Heikki Vatiainen's patch to add a flag to control whether to interpret
the IPv4 TOS field as a TOS field or as a DiffServ field, and allow that
field to be controlled by a command-line option or an option in the
"Display:Options" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1532 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1531 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a bunch of dissectors to use "pi.captured_len" rather than
"fd->cap_len" for the frame length - or to use macros such as
"BYTES_ARE_IN_FRAME()", "IS_DATA_IN_FRAME()", and "END_OF_FRAME", which
use "pi.captured_len" - so that they correctly handle frames where the
actual data length of the packet is less than the size of the raw frame,
e.g. with encapsulations such as ISL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1530 f5534014-38df-0310-8fa8-9805f1628bb7

Add some new SAP values from

http://www.optimized.com/COMPENDI/REF-SAP.htm

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1529 f5534014-38df-0310-8fa8-9805f1628bb7

xDLC frames other than I and UI frames may have a payload, e.g. TEST
frames; rename "XDLC_HAS_PAYLOAD()" to "XDLC_IS_INFORMATION()", and if
the frame isn't an "information" frame, dissect its payload (if any) as
data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1528 f5534014-38df-0310-8fa8-9805f1628bb7

Put the PID of SNAP frames into the protocol tree regardless of whether
the frame has a payload or not.

Note in a comment that in one capture there's a U frame with a function
of TEST, rather than UI, that appears to have a payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1527 f5534014-38df-0310-8fa8-9805f1628bb7

When computing the total frame length of an 802.3 frame, add to the
value in the length field not only the Ethernet MAC header size, but
also the offset in the frame of the Ethernet MAC header, so that, if the
802.3 frame is encapsulated in some other type of frame, the total frame
length includes the header for that frame as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1526 f5534014-38df-0310-8fa8-9805f1628bb7

In "dissect_eth()", update "pi.len" and "pi.captured_len" regardless of
whether we're building a protocol tree or not.

Make "dissect_eth()" use "BYTES_ARE_IN_FRAME()" to see if we have a full
Ethernet header - it can be called with a non-zero offset, if Ethernet
frames are encapsulated inside other frames (e.g., ATM LANE).

Make capture routines take an "offset" argument if the corresponding
dissect routine takes one (for symmetry, and for Cisco ISL or any other
protocol that encapsulates Ethernet or Token-Ring frames inside other
frames).

Pass the frame lengths to capture routines via the "pi" structure,
rather than as an in-line argument, so that they can macros such as
"BYTES_ARE_IN_FRAME()" the way the corresponding dissect routines do.

Make capture routines update "pi.len" and "pi.captured_len" the same way
the corresponding diseect routines do, if the capture routines then call
other capture routines.

Make "capture_vlan()" count as "other" frames that are too short, the
way other capture routines do.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1525 f5534014-38df-0310-8fa8-9805f1628bb7

Merge Paul Ionescu's CDP fixes with Guy's. Add #defines to oui.h for Cisco
IOS 9.0 and bridged frame relay and update packet-llc.c accordingly. Add
CDP handler to capture_llc() in packet-llc.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1524 f5534014-38df-0310-8fa8-9805f1628bb7

Allow "-w" and/or "-R" to be specified either when doing a live capture
or when reading a saved capture file; if "-w" is specified, the packets
captured or read from the file are written to the specified file rather
than being dissected and printed, and if "-R" is specified, only packets
that pass the specified read filter are dissected and printed or
written.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1523 f5534014-38df-0310-8fa8-9805f1628bb7

Fix files that had Gilbert's old e-mail address or that didn't have my
forwarding e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1522 f5534014-38df-0310-8fa8-9805f1628bb7

Give "dissect_rpc_string()" an extra "char **" argument; if it's
non-null, it returns through that argument a pointer to the displayed
version of the string, otherwise it just frees that string.

Use that to put, in the tree item for READDIR and READDIRPLUS reply
directory entry items, the file name from the directory entry.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1521 f5534014-38df-0310-8fa8-9805f1628bb7

Add "proto_item_set_text()", which sets the "representation" field of an
existing protocol tree item.

Add "proto_tree_add_notext()"; it's just like "proto_tree_add_text()",
but without the text, and it sets the "representation" field to NULL;
that field would be set later with "proto_item_set_text()".

Those routines let you construct, for example, an interior node of the
protocol tree whose text can't be determined until all the nodes under
it have been dissected - it's similar to "proto_item_set_len()" in that
fashion.

Use that when dissecting address TLVs in the CDP dissector - create the
item for an address in an "Addresses" TLV with no text, and then fill in
the items under it one at a time; if we get cut off before we get to the
actual address, set the text to "Truncated address", otherwise set it to
a description of the address.

Also, set the length of the item for the entire address TLV correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1520 f5534014-38df-0310-8fa8-9805f1628bb7

"tm_mon" in a "struct tm" is 0-based, not 1-based; when printing the
month number, add 1 to "tm_mon".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1519 f5534014-38df-0310-8fa8-9805f1628bb7

Add URL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1518 f5534014-38df-0310-8fa8-9805f1628bb7

Add stuff to add platform-specific compiler flags; currently, we have
only flags for HP's ANSI C compiler, as suggested by Jost Martin.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1517 f5534014-38df-0310-8fa8-9805f1628bb7

Add "-L" flags to LDFLAGS, not LIBS, and get rid of all the exotic
searching that tries to figure out in what directory libpcap lives - we
should treat "-L" just like "-I", rather than adding a ton of
complication to do it the way the autoconf maintainers think, for some
reason, it should be done (by adding "-L" flags to LIBS - "-L" flags
don't specify libraries, so I have no clue why they think they belong in
LIBS; they specify a search path for libraries, just as "-I" flags
specify a search path for header files, so they strike me as "flags to
the linker" rather than "libraries", and LDFLAGS, unlike LIBS, appears
before *all* "-l" flags, including those specified by PCAP_LIBS and so
on).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1516 f5534014-38df-0310-8fa8-9805f1628bb7

Applied the vines part of Joerg's vines patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1515 f5534014-38df-0310-8fa8-9805f1628bb7

Joerg Mayer's updates to the VINES dissector and to protocol layers
above VINES.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1514 f5534014-38df-0310-8fa8-9805f1628bb7

Gerrit Gehnen's patch to add support for the "Inactive Subset" of the
ISO 8473 CLNP protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1513 f5534014-38df-0310-8fa8-9805f1628bb7

The headers of HP-UX 9.04 and HP-UX 10.20 nettl files seem to be different.
Check for both "magic numbers".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1512 f5534014-38df-0310-8fa8-9805f1628bb7

Put the RFC number for PPTP into the introductory comment.

Fix a bunch of byte-order problems, as noted by Thomas Quinot in Debian
bug 55347, although his fix addressed only the byte-order problems, not
the blithely-fetching-through-a-possibly-unaligned-pointer problems that
said code also had; we fix both of them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1511 f5534014-38df-0310-8fa8-9805f1628bb7

Include CFLAGS in the command to build "rdps".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1510 f5534014-38df-0310-8fa8-9805f1628bb7

Use "strrchr()" instead of "rindex()" - "strrchr()" is the routine the
ANSI C standard specifies.

Fix up some menu stuff that should've been fixed when I put "Find Frame"
and "Go To Frame" under "Edit".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1509 f5534014-38df-0310-8fa8-9805f1628bb7

Last dissectors for NFS v3 are finally done.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1508 f5534014-38df-0310-8fa8-9805f1628bb7

New constants for ftype3 decoding.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1507 f5534014-38df-0310-8fa8-9805f1628bb7

Put into the "Capture Preferences" dialog box a check box to control
whether, in a live capture that updates the display as packets arrive,
the packet list pane should scroll to show the most recently captured
packets or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1506 f5534014-38df-0310-8fa8-9805f1628bb7

Put the "Find Frame" and "Go To Frame" menu items under "Edit"; leave
them under "Display" as well for now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1505 f5534014-38df-0310-8fa8-9805f1628bb7

Jerry Talkington's changes to support, in the packet list and protocol
tree panes, menus popped up by the right mouse button.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1504 f5534014-38df-0310-8fa8-9805f1628bb7

Squelch some complaints from GCC (and protect against the admittedly
unlikely possibility that, on some platform, converting a "gpointer" to
pointers of the types in question involves more than just reinterpreting
the bits of the "gpointer" value).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1503 f5534014-38df-0310-8fa8-9805f1628bb7

Use "strchr()" rather than "index()" - the ANSI C standard specifies
"strchr()", and it, unlike "index()", is declared in <string.h>.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1502 f5534014-38df-0310-8fa8-9805f1628bb7

Add Makefile.nmake to list of deliverables. I had sent Thomas Parvais
a tarball from the current CVS image using "make dist". That's why
he sent an e-mail today saying that the gtk/Makefile.namek was not
in CVS. It's in CVS, but it wasn't in the tarball I sent him.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1501 f5534014-38df-0310-8fa8-9805f1628bb7

We have to #include "plugins.h" before using the HAVE_PLUGINS define.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1500 f5534014-38df-0310-8fa8-9805f1628bb7

Add a "-F" flag, to allow the format of a file being written to be
specified. This will be of more use when I allow "-w" to be used when
reading an existing capture file rather than doing a live capture (which
will also allow you to specify a read filter, and thus to write a
capture file containing those packets from an existing capture file that
match a given display filter).

Fix up some messages to say "tethereal" rather than "ethereal".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1499 f5534014-38df-0310-8fa8-9805f1628bb7

Small patch to editcap to allow ranges of packets to be specified
as well as individual packets.

I needed to grab quite a few from the middle of a large capture file.

Will eventually need to sort the extract list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1498 f5534014-38df-0310-8fa8-9805f1628bb7

Add a "-x" flag to Tethereal, to make it print a hex and ASCII dump of
the packet data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1497 f5534014-38df-0310-8fa8-9805f1628bb7

Get rid of the include of "util.h" that some dissectors do - it's not
necessary.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1496 f5534014-38df-0310-8fa8-9805f1628bb7

Move the routine to get a list of the network interfaces on the system
to "util.c", and provide a routine to free that list as well.

When picking an interface on which to do a capture (if no "-i" flag was
specified), use that routine, and pick the first interface on the list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1495 f5534014-38df-0310-8fa8-9805f1628bb7

The NetBSD zlib problem is probably the same as the FreeBSD and OpenBSD
zlib problems, and my workaround appears to handle that problem, so
let's reenable zlib support in NetBSD and look into it in more detail if
there's still a problem.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1494 f5534014-38df-0310-8fa8-9805f1628bb7

Rename "save_LIBS" to "ethereal_save_LIBS", to reduce the risk of a name
collision with another variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1493 f5534014-38df-0310-8fa8-9805f1628bb7

Don't exclude register.c from the distribution tarball because we
no longer optionally compile the snmp dissector. But I left the dist-hook
line in the Makefile.am in case we're ever in that situation again.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1492 f5534014-38df-0310-8fa8-9805f1628bb7

Add in a couple of the artifacts produced from autoconf/automake

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1491 f5534014-38df-0310-8fa8-9805f1628bb7

Remove libltdl from the build. The directory is still in CVS, but it is
not used in the build. I'll wait a few days to remove the libltdl
directory, just in case.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1490 f5534014-38df-0310-8fa8-9805f1628bb7

Move top-level window creation to separate function outside of
main().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1489 f5534014-38df-0310-8fa8-9805f1628bb7

Add missing #ifdef HAVE_PLUGINS before calling init_plugins()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1488 f5534014-38df-0310-8fa8-9805f1628bb7

Add a call to init_plugins() in order to read the plugins.status file and
enable plugins if their saved status is "active".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1487 f5534014-38df-0310-8fa8-9805f1628bb7

As we're not using the default action for AC_CHECK_LIB in
AC_ETHEREAL_PCAP_CHECK, we have to explicitly define HAVE_LIBPCAP if we
find it, otherwise it doesn't get defined.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1486 f5534014-38df-0310-8fa8-9805f1628bb7

Pass the number of packets to be captured to "capture()" as an argument,
rather than making it static.

Don't print the "Capturing on <interface>" message until you actually
start capturing, and print it regardless of whether the interface was
explicitly specified or not (that's what snoop and tcpdump do).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1485 f5534014-38df-0310-8fa8-9805f1628bb7

Arrange that, on Solaris, we link with "-lkstat" if necessary when
linking with "-lsnmp".

Link only Ethereal and Tethereal with "-lpcap"; don't link editcap, or
any of the test programs that the configure script builds, with it
(because that means you also have to arrange that those test programs be
linked with @SOCKET_LIBS@ and @NSL_LIBS@) - i.e., don't add it to LIBS,
add it to PCAP_LIBS, and use that only for programs that need it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1484 f5534014-38df-0310-8fa8-9805f1628bb7

Tethereal needs the same set of additional objects that Ethereal does;
make it link with them.

Provide dependencies for Tethereal as well.

Tethereal may need to be linked with "-lsocket" and/or "-lnsl"; check
for that, and arrange that it be linked with them if necessary.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1483 f5534014-38df-0310-8fa8-9805f1628bb7

If no "-i" flag is specified to Tethereal when no file is to be read,,
or to Ethereal when the "-k" flag is specified, i.e. when a capture is
to be started immediately, use "pcap_lookupdev()" to pick an interface,
just as tcpdump does.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1482 f5534014-38df-0310-8fa8-9805f1628bb7

When configuring for GLib, we have to include gmodule support; the GTK+
options include it automatically, but the GLib options don't, and
Tethereal links with GLib but not with GTK+.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1481 f5534014-38df-0310-8fa8-9805f1628bb7

Fix up a bunch of places where a pointer into the packet buffer was cast
to a type requiring 2-byte or better alignment and was then
dereferenced; doing that requires that the code generated by your
compiler not trap if it makes an unaligned reference, and on most RISC
processors the code generated by the compiler *will* trap on an
unaligned reference by default.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1480 f5534014-38df-0310-8fa8-9805f1628bb7

Merge in the final code to make Ethereal run on Win32, compiled
with MSVC 6.0 and 'nmake', the make tool that comes with MSVC.

It compiles, links, and runs. It doesn't run correctly. There's a problem
when reading files. I'm getting short reads. I'm not linking in zlib or
libsnmp because it first needs to be debugged.

I changed the plugin code to use gmodule instead of libltdl, but the
Unix build still links ethereal against libltdl. I'll fix that tonight; sorry
about leaving it in such a sad state, but I wanted to check in this code
before I left work on a Friday night. Ethereal still works, but the
building is less than optimal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1479 f5534014-38df-0310-8fa8-9805f1628bb7

better command line syntax description

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1478 f5534014-38df-0310-8fa8-9805f1628bb7

Don't assume that the RX header is neatly aligned on a 4-byte boundary
in our address space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1477 f5534014-38df-0310-8fa8-9805f1628bb7

Set an initial (blank) filter to get around the peculiarities in RH
6.1's libpcap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1476 f5534014-38df-0310-8fa8-9805f1628bb7

Fixed small typo in hex printing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1475 f5534014-38df-0310-8fa8-9805f1628bb7

Check for existence of cf.iface before calling capture(). Change
usage statement accordingly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1474 f5534014-38df-0310-8fa8-9805f1628bb7

Supply a patch that, at least on HP-UX 11.00, lets you specify to
"pcap_open_live()" a network interface name rather than a "dlpiN" name
(where "N" is the PPA for the device, as reported by lanscan).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1473 f5534014-38df-0310-8fa8-9805f1628bb7

Note that the Ethereal workaround for the libpcap timeout problem should
prevent Ethereal's GUI from hanging during a capture, even if libpcap on
your Linux system hasn't been patched.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1472 f5534014-38df-0310-8fa8-9805f1628bb7

Note that we can read "i4btrace" capture files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1471 f5534014-38df-0310-8fa8-9805f1628bb7

Note that the Ethereal distribution also comes with Tethereal and
editcap.

Expand the list of OSes on which Ethereal has (at least at one time)
been built and used.

Note that systems other than Solaris that use DLPI (e.g., HP-UX) may
also have "/dev" entries that can be made more widely readable and
writable to allow non-root users to capture packets.

Note that we can read "i4btrace" capture files.

Note that we now always do SNMP dissection, and that an external library
just allows us to do more sophisticated dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1470 f5534014-38df-0310-8fa8-9805f1628bb7

Add "doc/editcap.pod" and "doc/tethereal.pod.template" to the
distribution.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1469 f5534014-38df-0310-8fa8-9805f1628bb7

Add "tethereal", a tty-oriented derivative of Ethereal that works like
Sun's snoop or like tcpdump.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1468 f5534014-38df-0310-8fa8-9805f1628bb7

Add "file_wrappers.c" to the list of things to compile with Microsoft
Visual C{++}.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1467 f5534014-38df-0310-8fa8-9805f1628bb7

Call the CDP entry listing addresses "Addresses", not "Address" - it can
have more than one address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1466 f5534014-38df-0310-8fa8-9805f1628bb7

0x2000, for CDP, doesn't appear to be an Ethernet type - it's not
registered as a type for CDP, and CDP packets appear to be LLC packets
with an OUI of 00-00-0C, not the encapsulated Ethernet OUI of 00-00-00.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1465 f5534014-38df-0310-8fa8-9805f1628bb7

Fix "ascend-scanner.l" to include "file_wrappers.h" rather than the
defunct "file.h".

Make "file_wrappers.c" include "wtap.h", so that the WTAP_ERR_ZLIB_
values are defined.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1464 f5534014-38df-0310-8fa8-9805f1628bb7

We are obliged to define HAVE_UNISTD_H in "config.h"; to avoid the
hideous problem on FreeBSD 3.[23] (and perhaps other BSDs) if
HAVE_UNISTD_H is defined before "zlib.h" is included, turn "file_seek()"
into a subroutine defined in a file that *undefines* HAVE_UNISTD_H
before including "zlib.h", so that the *only* call to "gzseek()" is made
from a file that does not have HAVE_UNISTD_H defined when it includes
"zlib.h".

Move "file_error()" to that file while you're at it, so it holds all the
wrappers that hide the presence or absence of zlib from routines to read
capture files.

Turn "file.h", which declared those wrapper functions as well as wrapper
macros, into "file_wrapper.h" - it belongs with the "file_wrapper.c"
file that defines the wrapper functions, not with "file.c" which handles
higher-layer file access functions.

Remove the comment in "configure.in" that explained why defining
HAVE_UNISTD_H was a bad idea, as we're not obliged to define it and work
around the problem. (The comment in "file_wrapper.c" explains the
workaround.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1463 f5534014-38df-0310-8fa8-9805f1628bb7

Get the NLPID value for ISIS from "nlpid.h", and report the NLPID value
in ISIS packets with "nlpid_vals".

Report the NLPID value in CLNP packets with "nlpid_vals" as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1462 f5534014-38df-0310-8fa8-9805f1628bb7

Add the NLPID value for PPP.

In Q.931 and Q.2931, the TR 9577 values are NLPIDs, so use "nlpid_vals"
to dissect them, and values from "nlpid.h" to refer to them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1461 f5534014-38df-0310-8fa8-9805f1628bb7

X.25-over-Ethernet, as I'm inferring it works (i.e., the payload of the
packet is just an X.25 packet).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1460 f5534014-38df-0310-8fa8-9805f1628bb7

Indicate that the RFC for SDP is 2327.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1459 f5534014-38df-0310-8fa8-9805f1628bb7

Indicate that the RFC for RTSP is 2326.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1458 f5534014-38df-0310-8fa8-9805f1628bb7

Changes from Jason to make some RTSP fields filterable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1457 f5534014-38df-0310-8fa8-9805f1628bb7

Assign a frame number to a frame only when reading frame data from a
file, not when filtering or colorizing packets - filtering shouldn't
change the frame number of a frame (yes, this means that a filtered
display won't necessarily have packets numbered contiguously 1 through N
- that's a feature).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1456 f5534014-38df-0310-8fa8-9805f1628bb7

Export the list of OSI NLPIDs in "nlpid.h", for use by the CDP
dissector.

Add a "value_string" table for NLPIDs to the OSI dissector, and export
it for use by the CDP dissector.

Fix the CDP dissector as per the documentation in

http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/frames.htm

and as per some traces we have with CDP data in them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1455 f5534014-38df-0310-8fa8-9805f1628bb7

Add an "Hex. Dump" radio button to the "Contents of TCP stream" window. It
displays the contents of the TCP connexion in hexadecimal.
The two opposite directions of the conversation are displayed side by side.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1454 f5534014-38df-0310-8fa8-9805f1628bb7

For the Cisco OUI, always add the protocol ID to the tree if we're
constructing a protocol tree.

Don't add the protocol ID for unknown OUIs unless we're constructing a
protocol tree.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1453 f5534014-38df-0310-8fa8-9805f1628bb7

Cisco CDP packets appears to be sent as LLC packets with an OUI of
0x00000c and a protocol ID of 0x2000 - we used to recognize those as CDP
because we ignored the OUI and treated all LLC packets as
SNAP-encapsulated packets, and treated 0x2000 as an Ethertype, but we
now treat only encapsulated-Ethernet and Apple packets as
SNAP-encapsulated (and arguably we should handle Apple separately).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1452 f5534014-38df-0310-8fa8-9805f1628bb7

Enough is enough. Requiring anybody who uses Ethereal on Linux to
update their libpcap probably isn't going to scale - the increasing
frequency with which "Ethereal hangs when I try to capture packets"
shows up on "ethereal-dev" suggests that, unless and until a libpcap
with the "select()" in it becomes ubiquitous on Linux, that'll be the
source of a constant support burden - so we'll just put the "select()"
in Ethereal if it's being built for Linux.

(Putting it in for platforms where the read timeout argument to
"pcap_open_live()" works adds an extra useless system call at best and,
at worst, could make Ethereal not work - "select()" doesn't work on
"/dev/bpf" devices on FreeBSD 3.3, at least, unless you're in "immediate
mode", and, whilst "immediate mode" would make Ethereal respond more
quickly when packets arrive, it might cause Ethereal to respond too
quickly, doing reads for every new packet rather than waiting for
multiple packets to arrive and reading them all with one "read()", which
appears to be at least part of the intent of the read timeout on
"/dev/bpf" devices in BSD.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1451 f5534014-38df-0310-8fa8-9805f1628bb7

Remove the reference to my old samples directory on the web server;
the new ethereal web site contains a link to its own samples directory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1450 f5534014-38df-0310-8fa8-9805f1628bb7

Updates to the L2TP parser, from Laurent Cazalet and Thomas Parvais.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1449 f5534014-38df-0310-8fa8-9805f1628bb7

Some initial changes for win32 support, but not all.

Added lots of #ifdef HAVE_*_H wrappers.
Added some #defines in config.h.win32
Check for more headers in configure.in
Added prototype for inet_aton() in inet_v6defs.h.
Changed "BYTE" token (i.e., #define) in ascend-gramamr.y because it
conflicts with a windows definition. Use HEXBYTE instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1448 f5534014-38df-0310-8fa8-9805f1628bb7

Move the code in "column.c" that implements the column preferences tab
into "gtk/column_prefs.c".

Get rid of "get_column_width()" - instead, export
"get_column_longest_string()", and have "get_column_width()"'s callers
make the GDK call to get the width of that string, so that "column.c"
contains no GTK+/GDK code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1447 f5534014-38df-0310-8fa8-9805f1628bb7

Add a man page for "editcap".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1446 f5534014-38df-0310-8fa8-9805f1628bb7

Make "editcap" one of the standard targets, so it's built and installed
by default.

Use the automake mechanisms for it, and, having done so, arrange that it
not be linked with GTK+ (which it doesn't need) - it currently links
with libpcap, but that should be fixed as well. (It also needs a man
page.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1445 f5534014-38df-0310-8fa8-9805f1628bb7

Add finaly news item.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1443 f5534014-38df-0310-8fa8-9805f1628bb7

Add to some comments notes on the meaning of DLT types 15 and 16 on
Linux systems with the isdn4linux patches; they help make DLT types even
less useful than they were after the various flavors of BSD proceeded to
add their own types past 14, with no coordination whatosever, so that
they overlapped, rendering it impossible to read a libpcap capture file
without knowing what particular OS generated it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1442 f5534014-38df-0310-8fa8-9805f1628bb7

Don't recompute "cf->count" when filtering packets - the recomputation
will just give it the value it's always had, as packets are counted
regardless of whether they pass the filter or not (which is what we
want).

Given that, so there's no need for a separate "cf->unfiltered_count"
value, so get rid of it and use "cf->count" instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1441 f5534014-38df-0310-8fa8-9805f1628bb7

Allow people to print packets if there are packets to print, even if
we're in the middle of an "Update list of packets in real time" capture.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1440 f5534014-38df-0310-8fa8-9805f1628bb7

Fix my typo in a variable name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1439 f5534014-38df-0310-8fa8-9805f1628bb7

I finally got autoconf, automake, and the plugins to behave together.
The distro is buildable finally. I had to change "plugins/gryphon" from
a separately configured (i.e., "./configure") package to a member of
the main ethereal autoconf package so that PLUGIN_DIR could be passed
to plugins/gryphon/Makefile.am. In doing so, I had to get rid of
plugins/gryphon/config.h which had PACKAGE and VERSION #defined, the latter
of which was actually used in packet-gryphon.c. So I moved those two
#defines into a new file, plugins/gryphon/moduleinfo.h.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1438 f5534014-38df-0310-8fa8-9805f1628bb7

Fix Gerald's e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1437 f5534014-38df-0310-8fa8-9805f1628bb7

Indicate the RFC that specifies L2TP.

Update Gerald's e-mail address.

Make some variables static.

Make some *other* variables auto, as they don't need to have static
storage duration.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1436 f5534014-38df-0310-8fa8-9805f1628bb7

Include L2TP support in the list of new features in 0.8.1.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1435 f5534014-38df-0310-8fa8-9805f1628bb7

The L2TP dissector is by John Thomes, not John Thomas.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1434 f5534014-38df-0310-8fa8-9805f1628bb7

Add John Thomas' L2TP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1433 f5534014-38df-0310-8fa8-9805f1628bb7