obnox/wireshark/wip.git
17 years agoget-entry-by-name-u updates
nneul [Fri, 18 Jan 2002 21:46:51 +0000 (21:46 +0000)]
get-entry-by-name-u updates

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4570 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoslight improvements to afs parsing, bulkstatus still needs work
nneul [Fri, 18 Jan 2002 21:30:05 +0000 (21:30 +0000)]
slight improvements to afs parsing, bulkstatus still needs work

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4569 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMake the default for NDMP desegmentation TRUE, as is the case for most
guy [Fri, 18 Jan 2002 21:16:39 +0000 (21:16 +0000)]
Make the default for NDMP desegmentation TRUE, as is the case for most
other protocols running atop TCP (and which should be the case for *all*
of them, if it isn't so already; there's already a flag to control
desegmentation in TCP, and it should, by default, be possible to turn
that on and get desegmentation of all protocols).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4568 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSquelch a valid compiler warning (passing a "char" to the "is..." macros
guy [Fri, 18 Jan 2002 19:46:19 +0000 (19:46 +0000)]
Squelch a valid compiler warning (passing a "char" to the "is..." macros
can give the wrong answer if the 8th bit of the "char" is set).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4567 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut back the check for gzseek() when building with the GTK+ build flags
guy [Fri, 18 Jan 2002 08:28:22 +0000 (08:28 +0000)]
Put back the check for gzseek() when building with the GTK+ build flags
(well, the check used to be a check for gzgets(), but we now have our
own version of that), so that, on a system with multiple versions of
zlib where the GTK+ -L flags get you an old version without gzgets(),
the configure fails, rather than the build failing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4566 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMemory freeing fix, from Jirka Novak.
guy [Fri, 18 Jan 2002 07:29:40 +0000 (07:29 +0000)]
Memory freeing fix, from Jirka Novak.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4565 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSupport for hex dump mode in "Follow TCP Stream" window showing hex and
guy [Fri, 18 Jan 2002 07:25:22 +0000 (07:25 +0000)]
Support for hex dump mode in "Follow TCP Stream" window showing hex and
ASCII data, from Jirka Novak.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4564 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThe time base in an EtherPeek capture isn't necessarily the start time
guy [Fri, 18 Jan 2002 01:08:36 +0000 (01:08 +0000)]
The time base in an EtherPeek capture isn't necessarily the start time
of the capture, so change some names and comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4563 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIt's EtherPeek, not Etherpeek, as WildPackets' Web site indicates.
guy [Fri, 18 Jan 2002 00:48:37 +0000 (00:48 +0000)]
It's EtherPeek, not Etherpeek, as WildPackets' Web site indicates.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4562 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIn the EtherPeek file reader, keep the capture start time in a private
guy [Fri, 18 Jan 2002 00:25:50 +0000 (00:25 +0000)]
In the EtherPeek file reader, keep the capture start time in a private
data structure attached to the "wtap" structure, rather than in a
pseudo-header structure; get rid of the EtherPeek pseudo-header
structure, as it's not actually used as a pseudo-header, it's just used
as private data for the EtherPeek reader.

Get rid of an extra level of indentation in switch statements.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4561 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThe packet length field in a TNS packet is 16 bits; make it an
guy [Fri, 18 Jan 2002 00:03:50 +0000 (00:03 +0000)]
The packet length field in a TNS packet is 16 bits; make it an
FT_UINT16.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4560 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse "proto_tree_add_item()" whenever possible; this fixes some bugs
guy [Thu, 17 Jan 2002 20:47:33 +0000 (20:47 +0000)]
Use "proto_tree_add_item()" whenever possible; this fixes some bugs
where the wrong "proto_tree_add_XXX" routine was being called.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4559 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMark un-reassembled TCP segments as (possibly) being un-reassembled, by
guy [Thu, 17 Jan 2002 09:28:22 +0000 (09:28 +0000)]
Mark un-reassembled TCP segments as (possibly) being un-reassembled, by
setting the "pinfo->fragmented" flag.

If a ReportedBoundsError occurs, flag the frame as being an
unreassembled packet, not an unreassembled fragmented packet, as it may
have been segmented across TCP segment boundaries rather than being part
of an IPv4/IPv6/CLNP/etc. fragmented/segmented packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4558 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDo desegmentation.
guy [Thu, 17 Jan 2002 09:25:55 +0000 (09:25 +0000)]
Do desegmentation.

Collapse the two loops through the TCP segment into one.

Use "tvb_reported_length()", not "tvb_length()", to find out how big the
TCP segment is ("tvb_length()" says how much of it was captured, not how
much of it there is).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4557 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago"pinfo->desegment_len" is initialized by TCP only if desegmentation is
guy [Thu, 17 Jan 2002 09:24:05 +0000 (09:24 +0000)]
"pinfo->desegment_len" is initialized by TCP only if desegmentation is
being done; otherwise, it contains random data.  As such, don't use it
as a way for the SSL2 and SSL3 record dissectors to indicate to the
top-level SSL dissector that the last record is continued in a
subsequent TCP segment - pass a pointer to a flag and have the record
dissectors set that flag if they record that we need to do
desegmentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4556 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse the "fragmented" field of the "packet_info" structure in
guy [Thu, 17 Jan 2002 06:29:20 +0000 (06:29 +0000)]
Use the "fragmented" field of the "packet_info" structure in
"dissect_frame()" to indicate whether a ReportedBoundsError was due to
the packet being malformed (i.e., the packet was shorter than it's
supposed to be, so the dissector went past the end trying to extract
fields that were supposed to be there) or due to it not being
reassembled (i.e., the packet was fragmented, and we didn't reassemble
it, but just treated the first fragment as the entire packet, so the
dissector went past the end trying to extract fields that were partially
or completely in fragments after that).  Mark the latter as being
unreasembled rather than malformed.

Properly initialize, save, and restore that field, and properly set it,
so that works.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4555 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut the "-s" option in the SYNOPSIS section.
guy [Wed, 16 Jan 2002 21:06:22 +0000 (21:06 +0000)]
Put the "-s" option in the SYNOPSIS section.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4554 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSCTP support in text2pcap, and fix to usage message for "-u", from
guy [Wed, 16 Jan 2002 21:05:10 +0000 (21:05 +0000)]
SCTP support in text2pcap, and fix to usage message for "-u", from
Michael Tuexen.

Documentation of SCTP support in text2pcap, from me.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4553 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Mark Burton: reinstate data segment digest handling, and stop the
guy [Wed, 16 Jan 2002 20:25:07 +0000 (20:25 +0000)]
From Mark Burton: reinstate data segment digest handling, and stop the
SCSI dissector from treating data digests as payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4552 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoTethereal needs to allocate space for col_expr[] and col_expr_val[] too.
gram [Tue, 15 Jan 2002 23:11:02 +0000 (23:11 +0000)]
Tethereal needs to allocate space for col_expr[] and col_expr_val[] too.
Capturing with non-verbose output being printed segfaulted w/o this.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4551 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCollapse the two entries for Mark Burton into one.
guy [Tue, 15 Jan 2002 23:07:20 +0000 (23:07 +0000)]
Collapse the two entries for Mark Burton into one.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4550 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMake the label for the SCTP checksum type preference item indicate that
guy [Tue, 15 Jan 2002 23:05:36 +0000 (23:05 +0000)]
Make the label for the SCTP checksum type preference item indicate that
it's a checksum type (and remove "SCTP", as that's redundant), and make
the blurb explain it in a bit more detail.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4549 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Michael Tuexen:
guy [Tue, 15 Jan 2002 22:58:06 +0000 (22:58 +0000)]
From Michael Tuexen:

- Support of the crc32c algorithm.
- Selection of the checksum algorithm (none, adler-32, crc32c,
  automatic) in the preferences/protocols menu.
- Display of the IP address in asconf chunks.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4548 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Marc Milgram: fix to allow VMS TCPIPtrace files that don't have
guy [Tue, 15 Jan 2002 20:18:02 +0000 (20:18 +0000)]
From Marc Milgram: fix to allow VMS TCPIPtrace files that don't have
exactly 3 spaces before the word "TCPIPtrace" to be recognized.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4547 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Martti Kuparinen: update the HMIPv6 support to match the latest
guy [Tue, 15 Jan 2002 20:11:10 +0000 (20:11 +0000)]
From Martti Kuparinen: update the HMIPv6 support to match the latest
draft (draft-ietf-mobileip-hmipv6-05.txt).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4546 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoInclude <resolv.h> after "globals.h", as, at least on some platforms,
guy [Tue, 15 Jan 2002 20:09:55 +0000 (20:09 +0000)]
Include <resolv.h> after "globals.h", as, at least on some platforms,
headers included by "globals.h" define MAXNAMELEN, and <resolv.h>
defines it if it's not already defined.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4545 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCorrectly handle BGP attributes with lists of entries when the attribute
guy [Tue, 15 Jan 2002 10:12:17 +0000 (10:12 +0000)]
Correctly handle BGP attributes with lists of entries when the attribute
has the "extended length" flag set - the starting offset of the list
depends on whether the "extended length" bit was set or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4544 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix some preferences to eliminate the extra copy of the protocol name at
guy [Tue, 15 Jan 2002 10:01:21 +0000 (10:01 +0000)]
Fix some preferences to eliminate the extra copy of the protocol name at
the beginning, and to use underscores rather than periods where the
preference's name really isn't part of a hierarchical namespace.

Use "%u" rather than "%d" to print unsigned quantities.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4543 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoWhen checking whether to do DCERPC-over-SMB reassembly on a Read and X
guy [Tue, 15 Jan 2002 09:42:26 +0000 (09:42 +0000)]
When checking whether to do DCERPC-over-SMB reassembly on a Read and X
response, don't assume that we saw the request and therefore that
"si->sip" is non-null - we might well not have seen the request and thus
might not have set "si->sip".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4542 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Ronnie Sahlberg:
girlich [Mon, 14 Jan 2002 13:16:31 +0000 (13:16 +0000)]
From Ronnie Sahlberg:
this fixes the bug that nfs name snooping did not work for nfs v2.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4541 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoNFSv3 fsstat reply label texts explanded. "afiles" and similar names were not
girlich [Mon, 14 Jan 2002 12:22:58 +0000 (12:22 +0000)]
NFSv3 fsstat reply label texts explanded. "afiles" and similar names were not
really that useful.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4540 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGive each LDAP packet its own top-level protocol tree item. (This also
guy [Mon, 14 Jan 2002 03:01:13 +0000 (03:01 +0000)]
Give each LDAP packet its own top-level protocol tree item.  (This also
means if there are no complete LDAP packets in a TCP segment, there is
no LDAP top-level protocol tree item, which is as it should be.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4539 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd support for TCP desegmentation.
guy [Mon, 14 Jan 2002 02:50:28 +0000 (02:50 +0000)]
Add support for TCP desegmentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4538 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGet the current value of Boolean preferences before adding widgets for
guy [Mon, 14 Jan 2002 01:14:52 +0000 (01:14 +0000)]
Get the current value of Boolean preferences before adding widgets for
them (by putting back a line that got accidentally deleted in a previous
checkin).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4537 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd a preferences page for the name resolution flags.
guy [Sun, 13 Jan 2002 20:35:12 +0000 (20:35 +0000)]
Add a preferences page for the name resolution flags.

Separate the preferences value for those flags and the name resolution
code's value into separate variables; this means that the resolution
code no longer depends on the preferences code, and may let us
eventually have the current setting and the preference setting differ
(so that a user can temporarily override the preference setting without
causing subsequent saves of the preferences to save the temporary
value).

Add routines to create various types of widgets for preferences, and to
fetch the values for "enumerated" preferences, and use them both in the
code to handle hardwired preference pages and table-driven preference
pages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4536 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut the labels of check boxes to the left of the checkboxes,
guy [Sat, 12 Jan 2002 11:09:09 +0000 (11:09 +0000)]
Put the labels of check boxes to the left of the checkboxes,
right-aligned, and give all of them a colon at the end, to match the
style of other preferences.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4535 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGet rid of unused variables.
guy [Sat, 12 Jan 2002 11:02:47 +0000 (11:02 +0000)]
Get rid of unused variables.

Put the labels of check boxes to the left of the checkboxes,
right-aligned, and give all of them a colon at the end, to match the
style of module preferences.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4534 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Ronnie Sahlberg: file handle to file name resolution in NFS and
guy [Sat, 12 Jan 2002 10:24:47 +0000 (10:24 +0000)]
From Ronnie Sahlberg: file handle to file name resolution in NFS and
related protocols.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4533 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoWhile you're at it, use the key for the auto scroll option checkbox for
guy [Sat, 12 Jan 2002 09:19:59 +0000 (09:19 +0000)]
While you're at it, use the key for the auto scroll option checkbox for
the pointer to the auto scroll options checkbox....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4532 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMake the key for the capture preference window's pointer to the auto
guy [Sat, 12 Jan 2002 09:13:50 +0000 (09:13 +0000)]
Make the key for the capture preference window's pointer to the auto
scroll option checkbox distinct from the key for the pointer to the
real-time capture option checkbox, so thee auto scroll option checkbox
can be fetched.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4531 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSupport for BSD Compress, MVRCA, and Deflate compression options in
guy [Fri, 11 Jan 2002 21:37:10 +0000 (21:37 +0000)]
Support for BSD Compress, MVRCA, and Deflate compression options in
CCP, from Motonori Shindo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4530 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Guy Harris, after checking his Python code.
gram [Fri, 11 Jan 2002 14:33:04 +0000 (14:33 +0000)]
From Guy Harris, after checking his Python code.

Some compilers don't mind zero-length arrays, but MSVC++ 6.0 does.

"ncp2222.py" was generating a zero-length "ett[]" array.  Make it generate
the "ett[]" array and the call to "proto_register_subtree_array()"
only if the list of items for "ett[]" is non-empty CVS:

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4529 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago"void" values cannot be returned, even by a "void" function.
guy [Fri, 11 Jan 2002 11:07:21 +0000 (11:07 +0000)]
"void" values cannot be returned, even by a "void" function.

The "downstream" flag is a Boolean; treat it as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4528 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDeclare "capture()" appropriately.
guy [Fri, 11 Jan 2002 11:04:03 +0000 (11:04 +0000)]
Declare "capture()" appropriately.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4527 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut in a comment giving various Internet Draft names for ICMPv6 stuff we
guy [Fri, 11 Jan 2002 09:19:54 +0000 (09:19 +0000)]
Put in a comment giving various Internet Draft names for ICMPv6 stuff we
handle.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4526 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix some more signed vs. unsigned issues.
guy [Fri, 11 Jan 2002 09:12:26 +0000 (09:12 +0000)]
Fix some more signed vs. unsigned issues.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4525 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdate the man page to reflect user interface changes.
guy [Fri, 11 Jan 2002 09:02:15 +0000 (09:02 +0000)]
Update the man page to reflect user interface changes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4524 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoLabel the window popped up by "Capture->Start" "Capture Options", not
guy [Fri, 11 Jan 2002 08:55:02 +0000 (08:55 +0000)]
Label the window popped up by "Capture->Start" "Capture Options", not
"Capture Preferences", to avoid confusion with the "Capture" item in the
"Preferences" dialog (which sets the initial default values for the
"Capture Options" dialog).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4523 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Jirka Novak:
guy [Fri, 11 Jan 2002 08:21:02 +0000 (08:21 +0000)]
From Jirka Novak:

Support for generating filter expressions based on packet list
    column values
Support for adding filter expressions generated from column or
    protocol tree field values to the current expression rather
    than replacing the current expression

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4522 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHave a routine to create a scrolled window, set its vertical scrollbar
guy [Fri, 11 Jan 2002 07:40:32 +0000 (07:40 +0000)]
Have a routine to create a scrolled window, set its vertical scrollbar
preference, and add it to the list of scrolled windows; call that
routine to create scrolled windows, rather than creating it and calling
other routines to do the other two operations.

As "set_scrollbar_placement_all()" and "set_ctree_styles_all()" always
set the styles to match the user's preference, don't have them take an
argument, have them just use the user's preference settings.

Get rid of unnecessary includes of "prefs_dlg.h", replacing them with
includes of "prefs.h" if necessary.  Don't have "prefs_dlg.h" include
"prefs.h" - its sole purpose is to declare routines defined in
"prefs_dlg.c" - and add any additional includes of "prefs.h" this
requires.

Get rid of unnecessary includes of "prefs.h" and "gtkglobals.h".

Fix up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4521 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHave routines to create GtkCTrees, set their line and expander style
guy [Fri, 11 Jan 2002 06:43:18 +0000 (06:43 +0000)]
Have routines to create GtkCTrees, set their line and expander style
based on the user's UI preferences, and add them to a list of GtkCTrees.
Use those routines to create all GtkCTrees.

Have a routine to update the preferences for all of those GtkCTrees.
Call that routine whenever the preferences change.

Label the line and expander style preferences as "Tree line style" and
"Tree expander style", as they no longer apply only to protocol trees.

Move the routines to maintain a list of scrolled windows, and to update
scrollbar placement for scrolled windows, to "ui_util.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4520 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoOh, what the heck, write out FDDI and bit-swapped FDDI as the same type
guy [Fri, 11 Jan 2002 02:51:31 +0000 (02:51 +0000)]
Oh, what the heck, write out FDDI and bit-swapped FDDI as the same type
in Sniffer Classic files; there's nothing we can do about those
platforms that bit-swap FDDI addresses before handing them to DLPI or
whatever, so we'll just let people live with wrong FDDI addresses (or
maybe someday put in code to bit-swap them before writing them out to
the capture file).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4519 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Nagarjuna Venna: only display the reason in BYE RTCP packets if
guy [Thu, 10 Jan 2002 22:21:14 +0000 (22:21 +0000)]
From Nagarjuna Venna: only display the reason in BYE RTCP packets if
it's present.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4518 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Irfan Khan: don't use bitfields.
guy [Thu, 10 Jan 2002 22:07:49 +0000 (22:07 +0000)]
From Irfan Khan: don't use bitfields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4517 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAs per a comment from Ronnie Sahlberg, display TCP sequence numbers in
guy [Thu, 10 Jan 2002 11:27:57 +0000 (11:27 +0000)]
As per a comment from Ronnie Sahlberg, display TCP sequence numbers in
the list of segments in a desegmented PDU as unsigned, rather than
signed.

Fix some other displays of unsigned quantities with "%d" while we're at
it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4516 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix more unsigned items to be displayed with "%u" rather than "%d", as
guy [Thu, 10 Jan 2002 11:21:21 +0000 (11:21 +0000)]
Fix more unsigned items to be displayed with "%u" rather than "%d", as
per Martti Kuparinen's comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4515 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSeparate the promiscuous mode, "Update list of packets in real time",
guy [Thu, 10 Jan 2002 11:05:50 +0000 (11:05 +0000)]
Separate the promiscuous mode, "Update list of packets in real time",
and "Automatic scrolling in live capture" options from the preference
settings for them, so that the preference settings affect the initial
values of those options, but changing those values in a capture don't
affect the preferences, and don't automatically get saved when you save
the preferences.

If we're building without libpcap, don't have an "Automatic scrolling in
live capture" option anywhere.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4514 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix some problems with building Ethereal/Tethereal without libpcap.
guy [Thu, 10 Jan 2002 09:51:23 +0000 (09:51 +0000)]
Fix some problems with building Ethereal/Tethereal without libpcap.

Get rid of a #include I'd #if 0'ed out.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4513 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThe filetime is an unsigned quantity, so display it with %u, as per
guy [Thu, 10 Jan 2002 09:49:35 +0000 (09:49 +0000)]
The filetime is an unsigned quantity, so display it with %u, as per
Martti Kuparinen's comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4512 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't break out of a loop from inside TRY clause; set a flag and break
guy [Thu, 10 Jan 2002 08:06:25 +0000 (08:06 +0000)]
Don't break out of a loop from inside TRY clause; set a flag and break
after the ENDTRY.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4511 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd a preferences page for capture preferences, so that the user can
guy [Thu, 10 Jan 2002 07:43:39 +0000 (07:43 +0000)]
Add a preferences page for capture preferences, so that the user can
directly edit the capture preferences, rather than only being able to
set them implicitly from the values for the most recent capture.

Add a preferences item for the interface on which to capture.

Get rid of some unused variables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4510 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAllow NCP types to define bitfields. In order to implement
gram [Thu, 10 Jan 2002 04:44:34 +0000 (04:44 +0000)]
Allow NCP types to define bitfields. In order to implement
sub-trees, I added new functions to ptvcursor:

ptvcursor_add_no_advance()
ptvcursor_tvbuff()
ptvcursor_current_offset()

Note that no NCP type that actually uses bitfields has been
checked in yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4509 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSCSI dissector, and changes to make the iSCSI dissector use it, from
guy [Thu, 10 Jan 2002 01:28:45 +0000 (01:28 +0000)]
SCSI dissector, and changes to make the iSCSI dissector use it, from
Dinesh Dutt.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4508 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoProvide a --disable-usr-local flag to configure so that
gram [Wed, 9 Jan 2002 23:21:55 +0000 (23:21 +0000)]
Provide a --disable-usr-local flag to configure so that
-I/usr/local/include and -L/usr/local/lib aren't automatically added
to the build flags.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4507 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHMIPv6 fix, from Martti Kuparinen.
guy [Wed, 9 Jan 2002 19:13:03 +0000 (19:13 +0000)]
HMIPv6 fix, from Martti Kuparinen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4506 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd DHCPv6 dissector to Windows build.
guy [Wed, 9 Jan 2002 02:55:38 +0000 (02:55 +0000)]
Add DHCPv6 dissector to Windows build.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4505 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDHCPv6 dissector, based on draft-ietf-dhc-dhcpv6-22.txt.
itojun [Wed, 9 Jan 2002 02:51:46 +0000 (02:51 +0000)]
DHCPv6 dissector, based on draft-ietf-dhc-dhcpv6-22.txt.
note that protocol constants are subject to change.
(packet format is also subject to change.  but 22 draft should go
to wg last call very soon, and I really hope it to be the final one...)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4504 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Marc Milgram: all packets in DBS Etherwatch and VMS TCPIPTRACE
guy [Tue, 8 Jan 2002 22:30:29 +0000 (22:30 +0000)]
From Marc Milgram: all packets in DBS Etherwatch and VMS TCPIPTRACE
captures are IP packets, so make the file encapsulation
WTAP_ENCAP_RAW_IP rather than WTAP_ENCAP_PER_PACKET, so you can save
those captures in other formats.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4503 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't process a color filter if there's no filter associated with it.
guy [Tue, 8 Jan 2002 21:35:17 +0000 (21:35 +0000)]
Don't process a color filter if there's no filter associated with it.

Don't put a color filter into the list of color filters if we can't
allocate the colors for the filter.

Clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4502 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom M.C. van den Bovenkamp: 00:B0:D0 now belongs to Dell. (The IEEE
guy [Tue, 8 Jan 2002 20:58:14 +0000 (20:58 +0000)]
From M.C. van den Bovenkamp: 00:B0:D0 now belongs to Dell.  (The IEEE
OUI listing from

http://standards.ieee.org/regauth/oui/oui.txt

agrees with that.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4501 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Tom Uijldert: fix to supply a non-null string argument to
guy [Tue, 8 Jan 2002 20:51:16 +0000 (20:51 +0000)]
From Tom Uijldert: fix to supply a non-null string argument to
"proto_tree_add_string_format()", so the item has a value, and so that
Ethereal doesn't just crash.

Get rid of some uses of "tvb_length()" - use "tvb_reported_length()", or
-1, instead (so that we don't quit when we run out of captured data).

Use "g_warning()", as other dissectors do, for reporting problems with
packets.  (They should really put it into the protocol tree, instead,
but that's another matter....)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4500 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse "proto_tree_add_item()", not "proto_tree_add_bytes()", to add an
guy [Tue, 8 Jan 2002 20:11:57 +0000 (20:11 +0000)]
Use "proto_tree_add_item()", not "proto_tree_add_bytes()", to add an
item for extra data at the end of the Transaction2 request parameters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4499 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd a routine to kill a capture child if it exists, so that if we exit
guy [Tue, 8 Jan 2002 09:32:15 +0000 (09:32 +0000)]
Add a routine to kill a capture child if it exists, so that if we exit
(by deleting the main window or selecting File->Quit or typing ^Q) while
an "Update list of packets in real time" capture is in progress, we can
abort the capture.

Arrange that "fork_child" is -1 when there is no capture child, so said
routine knows when it can kill the child.

When we exit, kill off any capture child, using that routine, and, if
we're exiting due to a request to delete the main window and, if a read
is in progress (from an "Update list of packets in real time" capture),
don't delete the main window - just set the "Read aborted" flag, so that
the code doing the read will see that flag (it will be called because
the pipe to the capture child is closed due to the child exiting) will
see that and clean up and exit itself.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4498 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIf a ReportedBoundsError exception occurs, report it as a "malformed
guy [Tue, 8 Jan 2002 07:17:55 +0000 (07:17 +0000)]
If a ReportedBoundsError exception occurs, report it as a "malformed
packet" rather than a "malformed frame" - the packet in question might
be part of a link-layer frame or might span more than one link-layer
frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4497 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse "%u", not "%d", to print unsigned quantities.
guy [Tue, 8 Jan 2002 07:14:08 +0000 (07:14 +0000)]
Use "%u", not "%d", to print unsigned quantities.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4496 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMatch requests and responses using both the MID and the PID; the SNIA
guy [Tue, 8 Jan 2002 05:52:05 +0000 (05:52 +0000)]
Match requests and responses using both the MID and the PID; the SNIA
CIFS draft spec speaks of both being used:

The multiplex ID (Mid) is used along with the Pid to allow
multiplexing the single client and server connection among the
client's multiple processes, threads, and requests per thread.
Clients may have many outstanding requests (up to the negotiated
number, MaxMpxCount) at one time.  Servers MAY respond to
requests in any order, but a response message MUST always
contain the same Mid and Pid values as the corresponding request
message.  The client MUST NOT have multiple outstanding requests
to a server with the same Mid and Pid.

and I have seen a capture where more than one PID is used on a given
connection and where the same MID is used with two different PIDs.

Get rid of the "mid" field in the "smb_info_t" structure - the MID is
not used outside "dissect_smb()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4495 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoVendor ID lookup fix, from David Frascone.
guy [Mon, 7 Jan 2002 20:05:20 +0000 (20:05 +0000)]
Vendor ID lookup fix, from David Frascone.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4494 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdates from Tim Potter.
guy [Mon, 7 Jan 2002 19:55:48 +0000 (19:55 +0000)]
Updates from Tim Potter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4493 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoClean up white space.
guy [Mon, 7 Jan 2002 01:05:33 +0000 (01:05 +0000)]
Clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4492 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCatch ReportedBoundsError exceptions when dissecting an RPC-over-TCP
guy [Mon, 7 Jan 2002 00:59:26 +0000 (00:59 +0000)]
Catch ReportedBoundsError exceptions when dissecting an RPC-over-TCP
call/reply, and report the error but don't re-throw the exception; that
way, we can continue to dissect additional RPC messages in the frame or
reassembled chunk of data, even if one of them happens to be too short
for what's in it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4491 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoShuffle a comment, and clean up white space.
guy [Mon, 7 Jan 2002 00:57:46 +0000 (00:57 +0000)]
Shuffle a comment, and clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4490 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCatch ReportedBoundsError exceptions when dissecting the payload of an
guy [Mon, 7 Jan 2002 00:16:32 +0000 (00:16 +0000)]
Catch ReportedBoundsError exceptions when dissecting the payload of an
NBSS session message, and report the error but don't re-throw the
exception; that way, we can continue to dissect additional NBSS messages
in the frame or reassembled chunk of data, even if one of them happens
to be too short for what's in it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4489 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThere's no need for two separate "Extension Length" fields - you can
guy [Sat, 5 Jan 2002 22:09:17 +0000 (22:09 +0000)]
There's no need for two separate "Extension Length" fields - you can
add a 1-byte item for a FT_UINT16 field.

Don't create a separate tvbuff for the extensions, just use the tvbuff
handed to us and start dissecting at the beginning of the extensions.

Use the reported length, not the captured length, to indicate how much
to dissect, so that if the frame was cut short by the snapshot length,
we throw a "Short Frame" exception.

Use "proto_tree_add_item()", not "proto_tree_add_bytes()", to add an
item for the data in an unknown extension.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4488 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix a typo.
guy [Sat, 5 Jan 2002 21:49:36 +0000 (21:49 +0000)]
Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4487 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Ronnie Sahlberg: use size from encapsulation instead of how many
guy [Sat, 5 Jan 2002 20:08:47 +0000 (20:08 +0000)]
From Ronnie Sahlberg: use size from encapsulation instead of how many
bytes were dissected since there can be padding bytes after the ndmp pdu
and to the end of what size said it would be, and some other cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4486 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdditional sanity checks, from Ronnie Sahlberg.
guy [Sat, 5 Jan 2002 20:05:53 +0000 (20:05 +0000)]
Additional sanity checks, from Ronnie Sahlberg.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4485 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoLong NCP traces can easily have many packets whose "uniqueness"
gram [Sat, 5 Jan 2002 04:12:17 +0000 (04:12 +0000)]
Long NCP traces can easily have many packets whose "uniqueness"
variables wrap-around. Since the request/reply packets are related via
a hash based on these uniqueness variables, long NCP traces can
have mis-matches reqeust/reply records.

Thus, only do the hash-lookup for the reply packet during the first
sequential scan of the trace file. Once the pertinent info is found,
store it in the packet's private data area.

Since the memory allocated for the hash and for the structures that make
up the keys are no longer needed after the first sequential run through
the trace file, arrange to free that memory after the first sequential
run. Similar to the register_init_routine() that allows dissectors
to register callbacks for calling *before* a capture file is loaded,
set up a register_postseq_cleanup_routine() function that allows
dissectors to register callbacks for calling *after* the first
sequential run-through of the trace file is made. This is not
a *final* cleanup callback, since Ethereal will still have that trace file
open for random-access reading.

I didn't have tethereal call postseq_cleanup_all_protocols() since
tethereal doesn't keep the trace file open for random-access reading.
I could easily be swayed to make tethereal call that function, however.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4484 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFurther updates from Ronnie Sahlberg.
guy [Fri, 4 Jan 2002 23:53:40 +0000 (23:53 +0000)]
Further updates from Ronnie Sahlberg.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4483 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIf the "parent directory" of what would be the personal configuration
guy [Fri, 4 Jan 2002 21:50:26 +0000 (21:50 +0000)]
If the "parent directory" of what would be the personal configuration
file directory is just a drive letter (e.g., if the directory is
"c:\Ethereal"), don't "stat()" it to see if it exists (as that'll fail,
falsely leading us to believe it needs to be created; the attempt to do
so will fail), just assume it exists.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4482 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Hamish Moffatt:
guy [Fri, 4 Jan 2002 21:20:20 +0000 (21:20 +0000)]
From Hamish Moffatt:

Additional Windows Makefile dependencies, so more stuff gets
built as needed.

Additional stuff cleaned up by "make clean" (well, "nmake -f
makefile.nmake clean", anyway)

Make PDB_FILE be "vc*.pdb", so it referes to the PDB files
either for VC++ 5.0 or VC++ 6.0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4481 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoWTP reassembly, from Tom Uijldert.
guy [Fri, 4 Jan 2002 20:20:08 +0000 (20:20 +0000)]
WTP reassembly, from Tom Uijldert.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4480 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMost of NDMP, from Ronnie Sahlberg.
guy [Fri, 4 Jan 2002 19:55:03 +0000 (19:55 +0000)]
Most of NDMP, from Ronnie Sahlberg.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4479 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix up white space.
guy [Fri, 4 Jan 2002 08:57:09 +0000 (08:57 +0000)]
Fix up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4478 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago"proto_tree_is_visible" no longer exists as a global variable, so remove
guy [Fri, 4 Jan 2002 08:56:11 +0000 (08:56 +0000)]
"proto_tree_is_visible" no longer exists as a global variable, so remove
its declaration.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4477 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoTCP desegmentation support in SSL, from Scott Renfro.
guy [Fri, 4 Jan 2002 07:01:54 +0000 (07:01 +0000)]
TCP desegmentation support in SSL, from Scott Renfro.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4476 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Hamish Moffatt:
guy [Fri, 4 Jan 2002 06:57:10 +0000 (06:57 +0000)]
From Hamish Moffatt:

Add some missing files in the "clean" targets.

Use pod2html rather than man2html to build HTML man pages.

Fix ethereal.nsi.in for recent versions of NSIS, and fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4475 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThrow a BoundsError if a length parameter in a tvbuff-accessor is < -1.
gram [Fri, 4 Jan 2002 06:45:14 +0000 (06:45 +0000)]
Throw a BoundsError if a length parameter in a tvbuff-accessor is < -1.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4474 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAs per Michael Tuexen's suggestion, set the libpcap open timeout to 1
guy [Fri, 4 Jan 2002 06:27:42 +0000 (06:27 +0000)]
As per Michael Tuexen's suggestion, set the libpcap open timeout to 1
second rather than 1/4 second on MacOS X, to workaround what appears to
be a MacOS BPF bug.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4473 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIn "change_time_formats()" we can now check at the beginning whether
guy [Thu, 3 Jan 2002 22:27:44 +0000 (22:27 +0000)]
In "change_time_formats()" we can now check at the beginning whether
there are any columns whose time formats will change, and just return if
there aren't.

We also, however, need to set the "writable" flag on the columns before
doing that check, as "check_col()" checks whether the column in question
is writable; in this context, all columns are writable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4472 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMake the "go" member of the "loop_data" structure in Ethereal a
guy [Thu, 3 Jan 2002 22:03:24 +0000 (22:03 +0000)]
Make the "go" member of the "loop_data" structure in Ethereal a
"gboolean", as it's a Boolean value, and move it to the beginning of the
structure in Tethereal, as it is in Ethereal.

From Graeme Hewson:

Check for "pcap_dispatch()" returning -1, meaning an error
occurred; if it does, stop capturing, and report the error.

If we get a signal in tethereal, stop the capture with a
"longjmp()", rather than by clearning the "go" flag;
"pcap_dispatch()", on many platforms, keeps reading rather than
returning a captured packet count of 0 if the system call to
read packets returns -1 with an errno of EINTR, so the
"pcap_dispatch()" won't be broken out of if the signal handler
returns.

Fix a typo in an error message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4471 f5534014-38df-0310-8fa8-9805f1628bb7