20 years agoAdd an item to the "File/Print" dialog box to ask that the full hex data
guy [Wed, 29 Sep 1999 22:19:24 +0000 (22:19 +0000)]
Add an item to the "File/Print" dialog box to ask that the full hex data
of the packet be printed (this is only done if "Print detail" is
selected; it should be grayed out of "Print summary" is selected).

If that item is selected, suppress the hex printing of uninterpreted
data items in the protocol tree.

Move some GTK+ keys not used outside of "gtk/print_dlg.c" from
"gtk/keys.h" into "gtk/print_dlg.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@736 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixed assert error reported by Dewi Morgan <dewim@sco.com>.
gram [Wed, 29 Sep 1999 22:11:51 +0000 (22:11 +0000)]
Fixed assert error reported by Dewi Morgan <dewim@sco.com>.
After some bad dfilter parses, the top-level dfilter tree (global_df->dftree)
would erroneously be set to the last good dfilter_node that was parsed.
Later, the non-NULLness of the dftree made us clear it.. really confusing
GTK internals. After _that_, new GNodes created via g_node_new() would
all have the same address!

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@735 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded and extended Santeri Paavolainen's <santtu@ssh.fi> patch
gram [Wed, 29 Sep 1999 14:41:34 +0000 (14:41 +0000)]
Added and extended Santeri Paavolainen's <santtu@ssh.fi> patch
to avoid applying NULL dfilters while setting colorization dfilters
during an ongoing, screen-updating, capture.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@734 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"snoop" seems to treat "IEEE 802.3" and "Ethernet" datalink types the
guy [Tue, 28 Sep 1999 01:19:01 +0000 (01:19 +0000)]
"snoop" seems to treat "IEEE 802.3" and "Ethernet" datalink types the
same (which raises the question "so why the heck are there two types?" -
note that the way you're supposed to tell Ethernet from 802.3 packets is
by looking at the value of the type/length field; both of them can be
transmitted on the same wire), so we'll treat them the same.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@733 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoReplace the parens around 'control' in the two macros that I modified. I
gram [Mon, 27 Sep 1999 13:51:54 +0000 (13:51 +0000)]
Replace the parens around 'control' in the two macros that I modified. I
accidentally removed them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@732 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDon't bother setting the length of the LLC header when we create the LLC
guy [Mon, 27 Sep 1999 08:39:10 +0000 (08:39 +0000)]
Don't bother setting the length of the LLC header when we create the LLC
tree to anything other than 0, as we're going to change it to the right
value once the control field has been parsed and we know the right value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@731 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWhen checking whether a control field is for a UI frame, you have to
guy [Mon, 27 Sep 1999 08:33:26 +0000 (08:33 +0000)]
When checking whether a control field is for a UI frame, you have to
check all the bits of the control field (otherwise, you're just checking
whether it's a U frame).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@730 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMask out unnecessary bits in control guint16 in order to properly
gram [Mon, 27 Sep 1999 03:12:55 +0000 (03:12 +0000)]
Mask out unnecessary bits in control guint16 in order to properly
compare against XDLC_I, XDLC_UI, and XDLC_U in XDLC_HAS_PAYLOAD() and

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@729 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHandle the length of the LLC(+SNAP) header correctly for SNAP frames.
guy [Sun, 26 Sep 1999 20:40:00 +0000 (20:40 +0000)]
Handle the length of the LLC(+SNAP) header correctly for SNAP frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@728 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHave "get_xdlc_control()" and "dissect_xdlc_control()" return the
guy [Sun, 26 Sep 1999 20:31:51 +0000 (20:31 +0000)]
Have "get_xdlc_control()" and "dissect_xdlc_control()" return the
xDLC control field, so that its caller can not only determine from it
whether the frame has a payload, but can also determine how long the
control field is.  Put macros in "xdlc.h" to determine both of those.

Have "capture_llc()" and "dissect_llc()" use that information

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@727 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded name resolution in GUI part:
deniel [Sun, 26 Sep 1999 14:40:01 +0000 (14:40 +0000)]
Added name resolution in GUI part:

- Capture->Start->"Active name resolution"

Allows the user to turn on/off name resolution
during a live capture.

- Display->Options->"Name resolution"

Turn on/off name resolution for the displayed
data (or during the -S mode).
E.g. clicking on a packet captured with
resolution disabled will resolve names in
the detailed list if this option is set.
And applying or resetting a display filter
allows the update of the packet list as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@726 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake Information Frame honor is_extended variable when reading Control.
gram [Sun, 26 Sep 1999 13:34:10 +0000 (13:34 +0000)]
Make Information Frame honor is_extended variable when reading Control.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@725 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSquelch a (justified, although the child process *shouldn't* ever send
guy [Sat, 25 Sep 1999 02:02:11 +0000 (02:02 +0000)]
Squelch a (justified, although the child process *shouldn't* ever send
us, at that point, a character with the 8th bit set) complaint about a
"char" array subscript in an "isdigit()" call by making the character

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@724 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChanged version to 0.7.5
gram [Fri, 24 Sep 1999 14:59:32 +0000 (14:59 +0000)]
Changed version to 0.7.5

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@722 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDO NOT check for "unistd.h"; due to an unfortunate botch in the way
guy [Fri, 24 Sep 1999 06:38:22 +0000 (06:38 +0000)]
DO NOT check for "unistd.h"; due to an unfortunate botch in the way
"zlib" was built in FreeBSD 3.2 (and possibly other 4.4-Lite-derived
BSDs), if HAVE_UNISTD_H is defined before "zlib.h" is included, the
declaration of "gzseek()" in "zlib.h" expands to something that doesn't
match what's in the OS's "zlib".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@721 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix it so that it builds with "--disable-zlib".
guy [Fri, 24 Sep 1999 05:49:53 +0000 (05:49 +0000)]
Fix it so that it builds with "--disable-zlib".

The "fh" member of a "wtap" structure points to something constructed
from the "fd" member of that structure, so that closing the stream
referred to by "fh" also closes the underlying file descriptor; get rid
of an unnecessary close of "wth->fd".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@720 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRe-enable progress bar movement during display filter processing.
gram [Fri, 24 Sep 1999 05:22:28 +0000 (05:22 +0000)]
Re-enable progress bar movement during display filter processing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@718 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMany more packaging changes. Lets compilation with new gtk subdirectory
gram [Fri, 24 Sep 1999 04:59:52 +0000 (04:59 +0000)]
Many more packaging changes. Lets compilation with new gtk subdirectory
work if build tree is different than source tree. Some wiretap files
had to be added to the list of deliverables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@717 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn "try_tempfile()", if the buffer is too short for the temporary file
guy [Fri, 24 Sep 1999 04:14:43 +0000 (04:14 +0000)]
In "try_tempfile()", if the buffer is too short for the temporary file
name, stuff as much of the name as will fit into the buffer before
returning an error, so the error message that gets displayed isn't
completely mangled.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@716 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPackaging changes
gram [Fri, 24 Sep 1999 03:43:09 +0000 (03:43 +0000)]
Packaging changes

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@715 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMoved version to 0.7.4; updated documentation.
gram [Fri, 24 Sep 1999 03:28:59 +0000 (03:28 +0000)]
Moved version to 0.7.4; updated documentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@714 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDirk Bonne's fix to ICMP timestamp dissection.
guy [Thu, 23 Sep 1999 19:05:28 +0000 (19:05 +0000)]
Dirk Bonne's fix to ICMP timestamp dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@713 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoClose the capture file in "do_capture()", right before unlinking the
guy [Thu, 23 Sep 1999 07:57:23 +0000 (07:57 +0000)]
Close the capture file in "do_capture()", right before unlinking the
current capture file if it's a temporary file, out of paranoia (so that
we don't get into a state where we have a capture file open but unlinked
- it's probably harmless to be in that state, as the file will remain
around until close, modulo NFS fun, and we may never be in that state
for very long, but I'd rather have it obviously stated in the code).

Remove the close in "capture()", and put one before the other call to
"capture()", in "main_realize_cb()" (is that call necessary, e.g. if you
pass "-r <filename>" *and* "-k", for some perverse reason, as
command-line arguments?).

If "cf.save_file" is non-null, free it before setting it, regardless of
whether it refers to a temporary file name or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@712 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIf we forcibly turn off "fork_mode" if the user doesn't enable "Update
guy [Thu, 23 Sep 1999 07:20:20 +0000 (07:20 +0000)]
If we forcibly turn off "fork_mode" if the user doesn't enable "Update
list of packets in real time" in the "Capture/Start" dialog box,
"ethereal -F" won't work - you get your choice of non-forked capture or

Don't have "fork_mode" track "sync_mode"; instead, in those places where
we check for "fork_mode", check for "sync_mode" as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@711 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoIn fork mode, close the capture file in "do_capture()", because the
guy [Thu, 23 Sep 1999 07:04:23 +0000 (07:04 +0000)]
In fork mode, close the capture file in "do_capture()", because the
child will nuke that file before we get to open the capture in
"tail_cap_file()" - assuming we do, because the capture may not start.

If we fail while writing to, or closing, a capture file we've opened for
writing, don't treat that as a capture error, as we may have saved at
least some packets to the capture file (that's the way it worked before
my recent checkins).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@710 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUpdate to reflect changes to the "Capture/Start" and "Display/Options"
guy [Thu, 23 Sep 1999 06:34:18 +0000 (06:34 +0000)]
Update to reflect changes to the "Capture/Start" and "Display/Options"
dialog boxes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@709 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMove the toolkit-independent code to create a temporary capture file,
guy [Thu, 23 Sep 1999 06:27:27 +0000 (06:27 +0000)]
Move the toolkit-independent code to create a temporary capture file,
and to fork off and run a separate copy of "ethereal" for "-S" and "-F"
captures or just call "capture()" otherwise, out of "gtk/capture_dlg.c"
and into a routine in "capture.c".

If the attempt to create said temporary capture file fails, pop up a
dialog box and don't do the capture.

Have the child capture process send a message upstream after it either
successfully starts the capture and syncs out the header of the capture
file, or fails to start the capture; the message indicates whether it
succeeded or failed, and, if it failed, includes a failure message.

avoids the use of a signal, and thus means we don't have to
worry about whether to capture the signal, or whether to start
or stop capturing depending on whether this particular capture
is in sync mode or not;

lets us pop up the message box for the error in the parent
process if we're in sync mode, rather than doing it in the
child, which didn't work well.

Add a check button to the Capture/Start dialog box, so that we can
control, for each capture, whether it's to be done in sync mode or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@708 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake the buffer into which we read from the sync pipe one byte bigger
guy [Thu, 23 Sep 1999 05:55:56 +0000 (05:55 +0000)]
Make the buffer into which we read from the sync pipe one byte bigger
than the size of the reads we do, so that we have an extra byte at the
end into which we can stick a '\0' to guarantee null-termination of the

When reading the capture file in "tail_cap_file()", use "file_open()"
rather than "fopen()", so that we work correctly if we're using "zlib"
to read capture files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@707 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGive it an RCS ID.
guy [Thu, 23 Sep 1999 05:26:18 +0000 (05:26 +0000)]
Give it an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@706 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix the calculation of the temporary file name length in
guy [Thu, 23 Sep 1999 05:20:18 +0000 (05:20 +0000)]
Fix the calculation of the temporary file name length in
"try_tempfile()" - the first component of the name comes from the "dir"
argument, so use its length, not the length of the string in the buffer
it should fill in (said buffer may contain garbage, which may not *be* a
C string).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@705 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGive it an RCS ID.
guy [Thu, 23 Sep 1999 05:03:32 +0000 (05:03 +0000)]
Give it an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@704 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWhen reading a capture file, we can detect whether it's compressed or
guy [Thu, 23 Sep 1999 05:00:59 +0000 (05:00 +0000)]
When reading a capture file, we can detect whether it's compressed or
not, so it's OK to use "zlib" to read capture files, as it handles
uncompressed files correctly.

When *writing* capture files, however, we can't detect automatically
whether the user wanted to write the file out as a compressed file or
not, so we should *NOT* use "zlib" until we add a flag to the API
specifying whether to write the file out as a compressed file or not.

Furthermore, the code in Ethereal that implements the "-S" flag depends
on being able to get the "FILE *" for a capture file being written, so
that it can "fflush()" it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@703 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGet rid of unused variable.
guy [Thu, 23 Sep 1999 04:56:52 +0000 (04:56 +0000)]
Get rid of unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@702 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdds progress bar functionality back for loading files (it was changed to
ashokn [Thu, 23 Sep 1999 04:39:01 +0000 (04:39 +0000)]
Adds progress bar functionality back for loading files (it was changed to
bounce bar for compressed file support). Note that the progress bar may
not grow smoothly for compressed files, but it should be reasonably accurate
for files which are large enough to matter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@701 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"sync_mode" isn't used in "file.c", so there's no need to declare it
guy [Thu, 23 Sep 1999 03:24:01 +0000 (03:24 +0000)]
"sync_mode" isn't used in "file.c", so there's no need to declare it
there (it's declared in "globals.h" in any case).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@700 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix to allow compressed file handling of Ascend captures
ashokn [Wed, 22 Sep 1999 07:37:46 +0000 (07:37 +0000)]
Fix to allow compressed file handling of Ascend captures

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@699 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAnother change to make packet-tr more intelligent with regard to
gram [Wed, 22 Sep 1999 05:40:12 +0000 (05:40 +0000)]
Another change to make packet-tr more intelligent with regard to
short packets. Also increased RIF processing from 18 to 30 bytes of RIF, as
I learned that the token-ring spec changed. Don't call next dissector
if there are no more bytes in packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@698 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDocumentation for compressed file support
ashokn [Wed, 22 Sep 1999 01:38:00 +0000 (01:38 +0000)]
Documentation for compressed file support

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@697 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoOops - new file for zLib commit which I missed out.
ashokn [Wed, 22 Sep 1999 01:28:04 +0000 (01:28 +0000)]
Oops - new file for zLib commit which I missed out.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@696 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoThis commit contains support for reading capture files compressed using
ashokn [Wed, 22 Sep 1999 01:26:50 +0000 (01:26 +0000)]
This commit contains support for reading capture files compressed using
gzip. The zLib library is used for this purpose. If zLib is not available
(or it's use is disabled by the --disable-zlib option to configure), you
can still compile Ethereal but it will be unable to read compressed capture


Now all file accesses to capture files should be done through special macros.
Specifically, for any use of the following functions on capture files, replace them.
The arguments for the right-side functions are exactly the same as for the
original stdio functions.

fopen file_open
fdopen filed_open
fread file_read
fwrite file_write
fseek file_seek
fclose file_close
ferror file_error

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@695 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd code to dissect MX and LOC records ("sparc.com" has both).
guy [Tue, 21 Sep 1999 07:15:38 +0000 (07:15 +0000)]
Add code to dissect MX and LOC records ("sparc.com" has both).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@694 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoLine up the "configure --help" message for "--with-ucdsnmp", and explain
guy [Mon, 20 Sep 1999 21:11:06 +0000 (21:11 +0000)]
Line up the "configure --help" message for "--with-ucdsnmp", and explain
what the argument to that flag does.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@693 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded "Automatic scrolling in live capture".
deniel [Sun, 19 Sep 1999 16:03:46 +0000 (16:03 +0000)]
Added "Automatic scrolling in live capture".
This display option is disabled by default.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@692 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded "Automatic scrolling in live capture".
deniel [Sun, 19 Sep 1999 15:54:54 +0000 (15:54 +0000)]
Added "Automatic scrolling in live capture".
This display option is disabled by default.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@691 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixed a bug found by Derek W Poon <dpoon@uclink.berkeley.edu>, where deleted
gerald [Sun, 19 Sep 1999 14:27:44 +0000 (14:27 +0000)]
Fixed a bug found by Derek W Poon <dpoon@uclink.berkeley.edu>, where deleted
filter list items were improperly removed from the filter list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@690 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDecrease DNS resolving timeout.
deniel [Sat, 18 Sep 1999 16:01:52 +0000 (16:01 +0000)]
Decrease DNS resolving timeout.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@689 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoConvert OSI CLNP into new protocol tree dissectors.
deniel [Sat, 18 Sep 1999 15:51:31 +0000 (15:51 +0000)]
Convert OSI CLNP into new protocol tree dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@688 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHandle the missing FT_BYTES field type.
deniel [Sat, 18 Sep 1999 15:44:41 +0000 (15:44 +0000)]
Handle the missing FT_BYTES field type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@687 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWhen we see a delimiter tag, if we've seen one before, we know how much
guy [Fri, 17 Sep 1999 06:25:41 +0000 (06:25 +0000)]
When we see a delimiter tag, if we've seen one before, we know how much
data corresponds to the attribute sequence belonging to the previous
delimiter tag, so set the length of the item for the previous delimiter

The "end of attributes" tag means "no more attributes after this, just
data"; dissect any stuff following it as data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@686 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a "BYTES_ARE_IN_FRAME()" macro, to test whether there are a
guy [Fri, 17 Sep 1999 05:56:58 +0000 (05:56 +0000)]
Add a "BYTES_ARE_IN_FRAME()" macro, to test whether there are a
specified number of bytes of captured data in the frame at the specified
offset, and a "IS_DATA_IN_FRAME()" macro, to test whether there are any
bytes of captured data in the frame at the specified offset, and convert
some bounds checks to use them.

Add a dissector for the Internet Printing Protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@685 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFixed randpkt so it isn't linked to X11 libs. Removed randpkt from default
gram [Fri, 17 Sep 1999 04:38:23 +0000 (04:38 +0000)]
Fixed randpkt so it isn't linked to X11 libs. Removed randpkt from default
target list, so a 'make randpkt' is required if you want to build it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@684 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChanged short packet handling in TR code to understand minimum-length
gram [Fri, 17 Sep 1999 04:20:23 +0000 (04:20 +0000)]
Changed short packet handling in TR code to understand minimum-length
TR packets (it's a variable-length header, remember). Added lots of
proto_tree-style fields to TRMAC code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@683 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDerek W Poon <dpoon@uclink.berkeley.edu> pointed out that two examples listed
gerald [Thu, 16 Sep 1999 01:24:01 +0000 (01:24 +0000)]
Derek W Poon <dpoon@uclink.berkeley.edu> pointed out that two examples listed
"ether.src" instead of "eth.src".  Fixed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@682 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded Mark H. Wood's <mwood@IUPUI.edu> fix for unknown SAP types. It was
gram [Wed, 15 Sep 1999 22:33:17 +0000 (22:33 +0000)]
Added Mark H. Wood's <mwood@IUPUI.edu> fix for unknown SAP types. It was
an off-by-one error. I replicated his fix to another part of the code
that looks up the SAP types (when adding the information to the proto_tree).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@681 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHandle short packets in the capture and dissect stages more intelligently.
gram [Wed, 15 Sep 1999 06:26:42 +0000 (06:26 +0000)]
Handle short packets in the capture and dissect stages more intelligently.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@680 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChanged (again) the way that the FT_BOOLEAN field type works internally.
gram [Wed, 15 Sep 1999 06:13:21 +0000 (06:13 +0000)]
Changed (again) the way that the FT_BOOLEAN field type works internally.
Dissector code can add FT_BOOLEAN fields to the proto_tree and pass TRUE
or FALSE values (non-zero and zero values). The display filter language,
however, treats the checking for the existence of a FT_BOOLEAN field as
the checking for its truth. Before this change, packet-tr.c was the only
dissector using FT_BOOLEAN fields, and it only added the field to the
proto_tree if the TRUE; the dissector was determining the difference between
the check for existence and the check for truth.

I made this change because packet-ppp.c added some FT_BOOLEAN fields and
added them to the tree regardless of truth value, It's more natural just to
do it this way and let the display filter code worry about whether to
check for existence or truth. So that's how it works now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@679 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoDaniel Ryde's patch to show the IP flags as 4 bits, rather than showing
guy [Tue, 14 Sep 1999 08:18:24 +0000 (08:18 +0000)]
Daniel Ryde's patch to show the IP flags as 4 bits, rather than showing
the full octet containing the flags and the upper 4 bits of the fragment

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@678 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPeter Torvals' Internet Cache Protocol dissector.
guy [Tue, 14 Sep 1999 08:06:47 +0000 (08:06 +0000)]
Peter Torvals' Internet Cache Protocol dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@677 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHave a progress bar for "File/Print".
guy [Mon, 13 Sep 1999 23:45:22 +0000 (23:45 +0000)]
Have a progress bar for "File/Print".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@676 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded support for Lucent/Ascend "wdd" output.
gerald [Mon, 13 Sep 1999 03:52:53 +0000 (03:52 +0000)]
Added support for Lucent/Ascend "wdd" output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@675 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUpdated documentation with Lucent/Ascend information.
gerald [Mon, 13 Sep 1999 03:51:09 +0000 (03:51 +0000)]
Updated documentation with Lucent/Ascend information.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@674 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd support for "wdd" trace output.
gerald [Mon, 13 Sep 1999 03:49:04 +0000 (03:49 +0000)]
Add support for "wdd" trace output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@673 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake "Expand all levels" and "Print as displayed" radio
guy [Sun, 12 Sep 1999 23:54:09 +0000 (23:54 +0000)]
Make "Expand all levels" and "Print as displayed" radio
buttons insensitive if "Print summary" is selected, and make them
sensitive if "Print detail" is selected, as they apply only to the
"print detail" output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@672 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd a "Expand all levels"/"Print as displayed" pair of radio buttons to
guy [Sun, 12 Sep 1999 20:23:43 +0000 (20:23 +0000)]
Add a "Expand all levels"/"Print as displayed" pair of radio buttons to
the "File/Print" dialog box; "Expand all levels" means that all levels
of the protocol tree should be printed, while "Print as displayed" means
that only those levels shown in the display should be printed.

Free the table of column widths once printing is done.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@671 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoUse "dissect_data()" to put in the raw HTTP data, rather than doing it
guy [Sun, 12 Sep 1999 18:46:57 +0000 (18:46 +0000)]
Use "dissect_data()" to put in the raw HTTP data, rather than doing it
ourselves; that means we don't have to duplicate the stuff
"dissect_data()" does (including saying "1 byte" rather than "1 bytes" -
"dissect_data()" does that, but we weren't doing that), and also means
that when you print a packet, the data gets dumped.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@670 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPatch from Olivier Abad:
guy [Sun, 12 Sep 1999 18:37:01 +0000 (18:37 +0000)]
Patch from Olivier Abad:

packet-lapb.c :
check the validity of the first byte in the frame.

packet-x25.c :
- in get_x25_pkt_len() : check that we are not reading after the end of
the captured data
- in dissect_x25() : various checks to avoid reading after the end of
the captured data

- in dissect_x25() : use offset (and not 2) as the length of the
underlying protocol header.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@669 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoSome old CPP or tools that take C code in input do
deniel [Sun, 12 Sep 1999 14:34:36 +0000 (14:34 +0000)]
Some old CPP or tools that take C code in input do
not like #preprocessor_macros that do not start at
the first column.

So write:

#ifdef FOO
#  include <dummy1.h>
#  define DUMMY 1
#  include <dummy2.h>
#  define DUMMY 2

instead of

#ifdef FOO
  #include <dummy1.h>
  #define DUMMY 1
  #include <dummy2.h>
  #define DUMMY 2

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@668 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoReplace wrong '}' with ')' in #ifdef code
deniel [Sun, 12 Sep 1999 14:10:00 +0000 (14:10 +0000)]
Replace wrong '}' with ')' in #ifdef code

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@667 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd summary-vs-detail radio buttons to the print dialog box; detail
guy [Sun, 12 Sep 1999 06:11:51 +0000 (06:11 +0000)]
Add summary-vs-detail radio buttons to the print dialog box; detail
prints the protocol tree, and summary prints the fields in the summary
clist, with a header line at the beginning of the printout.

Print only packets selected by the current packet filter.

Just have "ARP" and "RARP" in the "Protocol" field for ARP packets;
whether it's a request or a reply can be seen in the "Info" field.

Add to the "Frame" section of the protocol tree the time between the
current packet and the previous displayed packet, and the packet number.
Have FT_RELATIVE_TIME fields be a "struct timeval", and display them as
seconds and fractional seconds (we didn't have any fields of that type,
and that type of time fits the delta time above).

Add an FT_DOUBLE field type (although we don't yet have anything using

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@666 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded filter items for PPP Multilink's fragemnt flags and session number.
gerald [Sat, 11 Sep 1999 22:40:30 +0000 (22:40 +0000)]
Added filter items for PPP Multilink's fragemnt flags and session number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@665 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded Guy's patch to use the pseudo header facility to pass up the Ascend
gerald [Sat, 11 Sep 1999 22:36:38 +0000 (22:36 +0000)]
Added Guy's patch to use the pseudo header facility to pass up the Ascend

Also added filter items for the session and task number.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@664 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGet rid of an unused variable.
guy [Sat, 11 Sep 1999 20:30:34 +0000 (20:30 +0000)]
Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@663 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRegister cotp and clnp instead of simply osi to allow
deniel [Sat, 11 Sep 1999 16:41:19 +0000 (16:41 +0000)]
Register cotp and clnp instead of simply osi to allow
display filtering on those protocols and future
enhancements (other OSI protocols decoding).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@662 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCollapse/Expand All protocol tree added in Display menu.
deniel [Sat, 11 Sep 1999 15:47:38 +0000 (15:47 +0000)]
Collapse/Expand All protocol tree added in Display menu.

Remove "experimental feature" warning in -S option description.

Should we remove -F option ?

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@661 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoCollapse/Expand All protocol tree added in Display menu.
deniel [Sat, 11 Sep 1999 12:38:18 +0000 (12:38 +0000)]
Collapse/Expand All protocol tree added in Display menu.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@660 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"ascend_seek()" isn't used outside "ascend.c", so make it static to
guy [Sat, 11 Sep 1999 07:07:41 +0000 (07:07 +0000)]
"ascend_seek()" isn't used outside "ascend.c", so make it static to

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@659 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoInclude <string.h> to declare "memmove()".
guy [Sat, 11 Sep 1999 06:51:28 +0000 (06:51 +0000)]
Include <string.h> to declare "memmove()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@658 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"ascend_read()" is local to "ascend.c" - declare it there, not in
guy [Sat, 11 Sep 1999 06:49:42 +0000 (06:49 +0000)]
"ascend_read()" is local to "ascend.c" - declare it there, not in

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@657 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoInclude "ascend.h" to declare "ascend_seek_read()".
guy [Sat, 11 Sep 1999 06:48:33 +0000 (06:48 +0000)]
Include "ascend.h" to declare "ascend_seek_read()".

"wtap_seek_read()" should return the value of "ascend_seek_read()" or

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@656 f5534014-38df-0310-8fa8-9805f1628bb7

20 years ago"capture.c" doesn't do socket "ioctl"s any more - the code to do that is
guy [Sat, 11 Sep 1999 06:23:28 +0000 (06:23 +0000)]
"capture.c" doesn't do socket "ioctl"s any more - the code to do that is
now in "gtk/capture_dlg.c" - so it doesn't need to include
<sys/sockio.h> on, for example, Solaris...

...but "gtk/capture_dlg.c" does need to include it.

"gtk/capture_dlg.c" also may need to include "snprintf.h", as it uses

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@655 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoOops - forgot to commit the Ascend header decoder..
gerald [Sat, 11 Sep 1999 05:32:33 +0000 (05:32 +0000)]
Oops - forgot to commit the Ascend header decoder..

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@654 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdd in ascend.c, ascend.h, ascend-grammar.y and ascend-scanner.l. These
gerald [Sat, 11 Sep 1999 04:53:26 +0000 (04:53 +0000)]
Add in ascend.c, ascend.h, ascend-grammar.y and ascend-scanner.l.  These
read and parse the Lucent/Ascend trace output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@653 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded support for Lucent/Ascend packet traces. The MAX and Pipeline router
gerald [Sat, 11 Sep 1999 04:50:44 +0000 (04:50 +0000)]
Added support for Lucent/Ascend packet traces.  The MAX and Pipeline router
family has a set of debug commands that allow you to log the traffic on a
WAN or dialup connection as text, e.g.

RECV-iguana:241:(task: B04E12C0, time: 1975358.50) 15 octets @ 8003D634
  [0000]: FF 03 00 3D C0 06 C9 96 2D 04 C1 72 00 05 B8

Created wtap_seek_read() which parses the textual data for and Ascend
trace, and does a normal fseek() and fread() for any other file type.
The fseek()/fread() pairs in file.c were replaced with the new function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@652 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded support for PPP Multilink Protocol (MP). Modified dissect_ppp_stuff
gerald [Sat, 11 Sep 1999 04:19:26 +0000 (04:19 +0000)]
Added support for PPP Multilink Protocol (MP).  Modified dissect_ppp_stuff
to recognize and handle protocol field compression.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@651 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded ip, tcp, and udp to randpkt.
gram [Fri, 10 Sep 1999 15:38:58 +0000 (15:38 +0000)]
Added ip, tcp, and udp to randpkt.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@650 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoGive "globals.h" an RCS ID and copyright/GPL notice.
guy [Fri, 10 Sep 1999 07:19:51 +0000 (07:19 +0000)]
Give "globals.h" an RCS ID and copyright/GPL notice.

Move some defines that would be used even by a non-GTK+-based Ethereal
from "gtk/main.h" to "globals.h".

Remove the byte-order #defines from "packet.h", as they're now in
"globals.h" (having been moved there from "gtk/main.h").

Fix up some files that use those #defines to include "globals.h".

"resolv.c" doesn't use any GTK stuff, so it needn't include <gtk/gtk.h>
nor "gtk/main.h" - it only did so to get the byte-order #defines for the
benefit of "packet-ipv6.h", and "packet-ipv6.h" now includes them

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@649 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoFix a comment, to reflect the demise of "ethereal.h".
guy [Fri, 10 Sep 1999 07:09:35 +0000 (07:09 +0000)]
Fix a comment, to reflect the demise of "ethereal.h".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@648 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoWe need to catch a "window delete" event for the preferences dialog box
guy [Fri, 10 Sep 1999 06:53:32 +0000 (06:53 +0000)]
We need to catch a "window delete" event for the preferences dialog box
- that event happens if, say, you nuke the dialog box from a window
manager - and call "delete" routines for each of the preferences tabs,
so that, for preferences tabs that include list widgets, we can set a
flag on the preferences tab widget telling the selection callback for
the list widget that the buttons it would normally set the sensitivity
of, based on whether any row in the list is selected or not, have Joined
the Choir Invisible, and therefore that we shouldn't change their
sensitivity because GTK+ will whine at us if we do, just as is the case
if we press the "OK" or "Cancel" button (which also cause the window to
go away).

Can we just do this in the "window delete" handler?  I.e., does that get
called if we explicitly destroy the widget?  Or should we catch a
"destroy" event instead?

(There must be a better way to do this....)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@647 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMake stuff used only in "filter_prefs.c" static to it.
guy [Fri, 10 Sep 1999 06:01:02 +0000 (06:01 +0000)]
Make stuff used only in "filter_prefs.c" static to it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@646 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoAdded random packet generator.
gram [Fri, 10 Sep 1999 05:15:17 +0000 (05:15 +0000)]
Added random packet generator.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@645 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoHave "fddifc_to_str()" return "Unknown frame type" for a frame type it
guy [Fri, 10 Sep 1999 04:53:14 +0000 (04:53 +0000)]
Have "fddifc_to_str()" return "Unknown frame type" for a frame type it
doesn't know about, and eliminate the check in "dissect_fddi()" where we
check if its return value was NULL and, if so, print "Unknown frame

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@644 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoChanged default return value of fddifc_to_str from NULL to "". The value
gram [Fri, 10 Sep 1999 03:16:08 +0000 (03:16 +0000)]
Changed default return value of fddifc_to_str from NULL to "". The value
is passed to col_add_str, which is then passed to strncpy, which, at least
in glibc 2.1, doesn't like NULL pointers passed to it in lieu of empty

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@643 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoExpand the message printed if "configure" can't find "net/bpf.h" to
guy [Thu, 9 Sep 1999 21:29:58 +0000 (21:29 +0000)]
Expand the message printed if "configure" can't find "net/bpf.h" to
remind you that if you've installed "libpcap" from source, you have to
do "make install-incl" as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@642 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoRemoved two cases where protocol decoding assumed that the data in the
gram [Thu, 9 Sep 1999 04:47:17 +0000 (04:47 +0000)]
Removed two cases where protocol decoding assumed that the data in the
packets were correct. Bad packets could cause segfaults.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@641 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut RCS IDs (and a copyright notice and GPL notice) in several files,
guy [Thu, 9 Sep 1999 04:25:49 +0000 (04:25 +0000)]
Put RCS IDs (and a copyright notice and GPL notice) in several files,
and fix up the introductory comment on some other files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@640 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut in an RCS ID (and a copyright notice and GPL notice; unfortunately,
guy [Thu, 9 Sep 1999 03:55:49 +0000 (03:55 +0000)]
Put in an RCS ID (and a copyright notice and GPL notice; unfortunately,
this causes "Makefile.in" to have two GPL notices - "Makefile.in" and
the "Makefile" generated from it are generated files, so maybe that's

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@639 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoPut in an RCS ID (and a copyright notice and GPL notice; unfortunately,
guy [Thu, 9 Sep 1999 03:45:57 +0000 (03:45 +0000)]
Put in an RCS ID (and a copyright notice and GPL notice; unfortunately,
this causes "Makefile.in" to have two GPL notices - "Makefile.in" and
the "Makefile" generated from it are generated files, so maybe that's

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@638 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoI forgot to include this file move in my last commit.
gram [Thu, 9 Sep 1999 03:35:32 +0000 (03:35 +0000)]
I forgot to include this file move in my last commit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@637 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMore shuffling of GTK-related routines to gtk subdirectory.
gram [Thu, 9 Sep 1999 03:32:03 +0000 (03:32 +0000)]
More shuffling of GTK-related routines to gtk subdirectory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@636 f5534014-38df-0310-8fa8-9805f1628bb7

20 years agoMore shuffling of GTK-related files to gtk subdirectory.
gram [Thu, 9 Sep 1999 02:42:40 +0000 (02:42 +0000)]
More shuffling of GTK-related files to gtk subdirectory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@635 f5534014-38df-0310-8fa8-9805f1628bb7