obnox/wireshark/wip.git
14 years agoAdd makefiles
etxrab [Wed, 14 Dec 2005 21:04:42 +0000 (21:04 +0000)]
Add makefiles

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16800 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Grame Lunt:
etxrab [Wed, 14 Dec 2005 21:02:56 +0000 (21:02 +0000)]
From Grame Lunt:
Attached is a patch that updates -

* DOP - This has now been successfully tested and so is now enabled by default and workaround code removed.
Also now uses the correct EXPORTs from the other modules/dissectors.

* X509SAT - Most of the selected attributes are now supported in addition to the DirectoryString syntax attributes. This includes restoring the correct DirectoryString syntax and also providing the basic syntaxes (e.g. OBJECT IDENTIFIER, PrintableString). The latter requires a sed line in the Makefile which I assume should be OK? Not all the SAT can be defined in x509sat - so some have been included in x509if and x509af - though x509sat.cnf contains the master list and references the other dissectors where appropriate.

(I still prefer a syntax registration approach but I don't think that is going to be agreed in the short term.)

* X509IF - a mechanism to register some formating, based upon the hf_index, that is used in the cnf file.

* A couple of fixes identified by Stig.

Note the patc for dop did not apply don't regenerate dissectors yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16799 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Graeme Lunt:
etxrab [Wed, 14 Dec 2005 20:45:15 +0000 (20:45 +0000)]
From Graeme Lunt:
Here is a patch for packet-ber.c that only includes the upgraded dissect_unknown_ber()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16798 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Marc Petit-Huguenin
etxrab [Wed, 14 Dec 2005 20:43:39 +0000 (20:43 +0000)]
From Marc Petit-Huguenin

This is a patch that add support for the latest drafts[1] in the STUN dissectors. I choose to add TURN directly in the STUN dissector instead of creating a new dissector because of the decision at the latest IETF meeting[2] to redefine TURN as an use case of STUN.

[1] ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-ietf-behave-rfc3489bis-02.txt
ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-rosenberg-midcom-turn-08.txt
ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-camarillo-midcom-turn-ipv6-00.txt
[2] http://www3.ietf.org/proceedings/05nov/minutes/behave.txt

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16797 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUse src and dst instead of net_src.
etxrab [Wed, 14 Dec 2005 20:01:21 +0000 (20:01 +0000)]
Use src and dst instead of net_src.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16796 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoClose the dictionary files after reading from them.
lego [Wed, 14 Dec 2005 09:50:11 +0000 (09:50 +0000)]
Close the dictionary files after reading from them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16795 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoupdate Ethereal command line options -D and -i
ulfl [Wed, 14 Dec 2005 09:43:16 +0000 (09:43 +0000)]
update Ethereal command line options -D and -i

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16794 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodocument latest command line changes:
ulfl [Wed, 14 Dec 2005 09:16:30 +0000 (09:16 +0000)]
document latest command line changes:

new: -D to list interfaces
changed: -i will also accept indices (rather than complete names only)

text copied from the tethereal.pod file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16793 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago"a & b == c" is, in C, parsed as "a & (b == c)" - and if b and c are the
guy [Wed, 14 Dec 2005 07:33:07 +0000 (07:33 +0000)]
"a & b == c" is, in C, parsed as "a & (b == c)" - and if b and c are the
same, and have only one bit set, "(a & b) == c", which is what is
intended, is the same as "a & b".

In addition, we don't want to do desegmentation if "isup_apm_desegment"
isn't set, so that test should be ANDed with the other two tests.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16792 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoConstify a bunch of arguments and variables, to squelch compiler
guy [Wed, 14 Dec 2005 07:29:38 +0000 (07:29 +0000)]
Constify a bunch of arguments and variables, to squelch compiler
warnings.

Include "wiretap/libpcap.h" in "capture_loop.h", to get its declarations
of data structures for headers in libpcap files.  This lets us remove
the includes of "wiretap/libpcap.h from files including
"capture_loop.h".

Make "log_func_ignore()" in "tethereal.c" static, and declare some of
its arguments unused.  Also get rid of an unused variable.

Include <pcap.h> before including "wiretap/wtap-capture.h", to declare
"struct pcap_pkthdr".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16791 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agohmmm, the include sequence might be important too ...
ulfl [Wed, 14 Dec 2005 01:45:09 +0000 (01:45 +0000)]
hmmm, the include sequence might be important too ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16790 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd missing include
ulfl [Wed, 14 Dec 2005 00:10:23 +0000 (00:10 +0000)]
add missing include

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16789 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd a new directory 'test', currently containing an alpha test (using some simple...
ulfl [Tue, 13 Dec 2005 23:15:20 +0000 (23:15 +0000)]
add a new directory 'test', currently containing an alpha test (using some simple bash scripts) of the ethereal/tethereal command line parameters. See the file README.test for details.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16788 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoHUGE STEP (hopefully toward the right direction):
ulfl [Tue, 13 Dec 2005 22:48:58 +0000 (22:48 +0000)]
HUGE STEP (hopefully toward the right direction):
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.

concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.

remove redundant code from dumpcap.c

this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16787 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agowe don't use the command line option -W any longer, remove it from a comment
ulfl [Tue, 13 Dec 2005 22:35:28 +0000 (22:35 +0000)]
we don't use the command line option -W any longer, remove it from a comment

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16786 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agomake get_if_name() parameter if_text const, it's not changed inside
ulfl [Tue, 13 Dec 2005 22:33:55 +0000 (22:33 +0000)]
make get_if_name() parameter if_text const, it's not changed inside

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16785 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agowe are opening the file for writing....
lego [Tue, 13 Dec 2005 22:08:37 +0000 (22:08 +0000)]
we are opening the file for writing....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16784 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agohandle sccp connections.
lego [Tue, 13 Dec 2005 22:07:09 +0000 (22:07 +0000)]
handle sccp connections.
(first step towards RANAP analysis).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16783 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAvoid the default sccp.ssn range to overwrite sccp.ssns of other dissectors.
lego [Tue, 13 Dec 2005 22:04:02 +0000 (22:04 +0000)]
Avoid the default sccp.ssn range to overwrite sccp.ssns of other dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16782 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoChange reassembly to include first empty segment, check if SLR exists.
etxrab [Tue, 13 Dec 2005 21:14:54 +0000 (21:14 +0000)]
Change reassembly to include first empty segment, check if SLR exists.
Change pinfo->src/dst to use SS7 address for reassembly to use the correct key.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16781 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoThrow an exception if we have an invalid offset. Fixes bug 585.
gerald [Tue, 13 Dec 2005 17:00:03 +0000 (17:00 +0000)]
Throw an exception if we have an invalid offset.  Fixes bug 585.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16780 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix some bit mask tests - & has lower priority than !=, so "a & b != c"
guy [Tue, 13 Dec 2005 10:59:33 +0000 (10:59 +0000)]
Fix some bit mask tests - & has lower priority than !=, so "a & b != c"
means "a & (b != c)", not "(a & b) != c".

Put in a comment noting a potential problem with defragmentation,
pointed out by a compiler warning that apm_Segmentation_local_ref might
not be set before it's used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16779 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoEscape question marks when they could be interpreted as part of a
guy [Tue, 13 Dec 2005 10:54:11 +0000 (10:54 +0000)]
Escape question marks when they could be interpreted as part of a
trigraph.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16778 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd tvb_fake_unicode().
guy [Tue, 13 Dec 2005 10:09:52 +0000 (10:09 +0000)]
Add tvb_fake_unicode().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16777 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUpdate from samba tree revision 12185 to 12205
jmayer [Tue, 13 Dec 2005 09:30:09 +0000 (09:30 +0000)]
Update from samba tree revision 12185 to 12205
============================ Samba log start ============
------------------------------------------------------------------------
r12205 | jelmer | 2005-12-13 02:56:04 +0100 (Tue, 13 Dec 2005) | 2 lines

Support 'TFS' command in conformance files

------------------------------------------------------------------------
============================ Samba log end ==============

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16776 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoupdate the work-in-progress pidl generated wkssvc dissector and add a conformance...
sahlberg [Tue, 13 Dec 2005 07:53:52 +0000 (07:53 +0000)]
update the work-in-progress pidl generated wkssvc dissector and add a conformance file using the new nice TFS conformance file directive

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16775 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoswap Trip/Close as per bug 579
sahlberg [Tue, 13 Dec 2005 06:36:30 +0000 (06:36 +0000)]
swap Trip/Close as per bug 579

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16774 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoasn2eth.py:
gerald [Tue, 13 Dec 2005 03:48:26 +0000 (03:48 +0000)]
asn2eth.py:

Catch a TypeError that gets thrown if we don't use any conversion
specifiers during string formatting.

H.248:

Don't dereference a null pointer.  Fixes bug 626.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16773 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoWe should really do quit Ethereal if user asked us to do so with the -Q option!
ulfl [Tue, 13 Dec 2005 02:09:14 +0000 (02:09 +0000)]
We should really do quit Ethereal if user asked us to do so with the -Q option!

Update the window title, right after the fixed capture finished. This might be required if the loading of the capture file afterwards just fails, leaving the title unchanged.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16772 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agodon't try to close wtap, if we couldn't load the wiretap file
ulfl [Tue, 13 Dec 2005 01:17:36 +0000 (01:17 +0000)]
don't try to close wtap, if we couldn't load the wiretap file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16771 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoConvert to new style dissector (hopefully done right)
jmayer [Mon, 12 Dec 2005 23:38:04 +0000 (23:38 +0000)]
Convert to new style dissector (hopefully done right)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16770 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago- add Debug and Default declarations.
lego [Mon, 12 Dec 2005 23:23:32 +0000 (23:23 +0000)]
- add Debug and Default declarations.
- supress unwanted console printouts.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16769 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDissect type 0x0c as 'remove tag' flag
jmayer [Mon, 12 Dec 2005 23:14:41 +0000 (23:14 +0000)]
Dissect type 0x0c as 'remove tag' flag

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16768 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd a note that the Win32 tool recommendations should be strictly followed.
ulfl [Mon, 12 Dec 2005 22:29:00 +0000 (22:29 +0000)]
Add a note that the Win32 tool recommendations should be strictly followed.

Change tool headers: "UNIX:" -> "UNIX or Win32 Cygwin:"

Update output of verify_tools target

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16767 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUse "guint" instead of "u_int".
gerald [Mon, 12 Dec 2005 16:49:49 +0000 (16:49 +0000)]
Use "guint" instead of "u_int".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16766 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoReassmble apm messages.
etxrab [Mon, 12 Dec 2005 15:17:53 +0000 (15:17 +0000)]
Reassmble apm messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16765 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Hannes Gredler
etxrab [Mon, 12 Dec 2005 10:28:57 +0000 (10:28 +0000)]
From Hannes Gredler

-add codepoint to name resolution for Juniper IFMT, IFLE extension TLVs
-bugfix: DLT_JUNIPER_PPP, correct the calculate offset for PPP payload
-bugfix: DLT_JUNIPER_CHDLC, add CHDLC handler
-bugfix: add a more flexible TLV value extraction function which
   does not bail if the assumed TLV length does not match

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16764 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoOK, if we're not going to have our "idl_types.h" different from Samba's,
guy [Mon, 12 Dec 2005 10:15:56 +0000 (10:15 +0000)]
OK, if we're not going to have our "idl_types.h" different from Samba's,
we have to put the definition of "unistr" as "[string] wchar_t *" into
the IDL files that use "unistr".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16763 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAvoid to crash if we are given an unexistent field.
lego [Mon, 12 Dec 2005 01:32:31 +0000 (01:32 +0000)]
Avoid to crash if we are given an unexistent field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16762 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDone is not needed anymore;
lego [Mon, 12 Dec 2005 01:27:51 +0000 (01:27 +0000)]
Done is not needed anymore;
in Pdus transforms go before Criteria (because they are evaluated before)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16761 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDissect the management protocol between 3com Netjack200 devices and the
jmayer [Mon, 12 Dec 2005 00:07:54 +0000 (00:07 +0000)]
Dissect the management protocol between 3com Netjack200 devices and the
Windows managment application.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16760 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoCleanup the grammar.
lego [Sun, 11 Dec 2005 23:22:14 +0000 (23:22 +0000)]
Cleanup the grammar.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16759 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUpdates from samba svn
jmayer [Sun, 11 Dec 2005 22:54:43 +0000 (22:54 +0000)]
Updates from samba svn

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16758 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoStart the function name on a new line to make it easier to search
jmayer [Sun, 11 Dec 2005 22:53:25 +0000 (22:53 +0000)]
Start the function name on a new line to make it easier to search

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16757 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoPort some information from yersinia
jmayer [Sun, 11 Dec 2005 22:52:20 +0000 (22:52 +0000)]
Port some information from yersinia
(http://yersinia.sourceforge.net/index.html)
by Alfredo Andres and David Barroso. There's more information to be put
into Ethereal but it's a start.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16756 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoimplement SMB_FILE_ALL_INFO properly once and for all
sahlberg [Sun, 11 Dec 2005 22:29:39 +0000 (22:29 +0000)]
implement SMB_FILE_ALL_INFO properly once and for all

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16755 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoThe Bitmap routine in lib/Parse/Pidl/Ethereal/NDR.pm in Pidl generates
guy [Sat, 10 Dec 2005 22:42:19 +0000 (22:42 +0000)]
The Bitmap routine in lib/Parse/Pidl/Ethereal/NDR.pm in Pidl generates
fields as BASE_DEC; bitmaps are typically displayed in hex in Ethereal,
so it should generate BASE_HEX instead.  (Submitted to
bugzilla.samba.org as bug 3313.)

A couple of the IDL files use "unistr"; define it as "[string] uint16",
so that the resulting dissectors work correctly.

Regenerate dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16754 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agothe verify_tool target should check for /usr/bin/find (I errorneously did changed...
ulfl [Sat, 10 Dec 2005 11:14:36 +0000 (11:14 +0000)]
the verify_tool target should check for /usr/bin/find (I errorneously did changed it a while ago)

add a comment why we should check for exactly that version

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16753 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoif passed a NULL string, make se_strdup() return the static string
sahlberg [Fri, 9 Dec 2005 22:06:38 +0000 (22:06 +0000)]
if passed a NULL string, make se_strdup() return the static string
"<NULL>" instead of dumping.

This allows callers to not have to check if the string is NULL or not.

This fixes bugs 614 615 617 620 621 and 623

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16752 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd packet-nhrp.h
etxrab [Fri, 9 Dec 2005 18:02:18 +0000 (18:02 +0000)]
Add packet-nhrp.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16751 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix ...$ to : $
jmayer [Fri, 9 Dec 2005 16:51:56 +0000 (16:51 +0000)]
Fix ...$ to : $

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16750 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd missing propset ...
jmayer [Fri, 9 Dec 2005 16:46:24 +0000 (16:46 +0000)]
Add missing propset ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16749 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMaybe Id will work now
jmayer [Fri, 9 Dec 2005 16:40:06 +0000 (16:40 +0000)]
Maybe Id will work now

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16748 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUpdate enterprise-numbers
jmayer [Fri, 9 Dec 2005 16:24:05 +0000 (16:24 +0000)]
Update enterprise-numbers

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16747 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd Deepak Jain as author of Next Hop Resolution Protocol
etxrab [Fri, 9 Dec 2005 16:19:49 +0000 (16:19 +0000)]
Add  Deepak Jain as author of Next Hop Resolution Protocol

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16746 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoMinor bug fixes.
etxrab [Fri, 9 Dec 2005 16:15:25 +0000 (16:15 +0000)]
Minor bug fixes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16745 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom: Deepak Jain
etxrab [Fri, 9 Dec 2005 16:14:42 +0000 (16:14 +0000)]
From: Deepak Jain

changes/addition to support decode for Next Hop Resolution Protocol

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16744 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agopropset svn:executable *
jmayer [Fri, 9 Dec 2005 15:56:07 +0000 (15:56 +0000)]
propset svn:executable *

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16743 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoRegenerate manuf and FAQ
jmayer [Fri, 9 Dec 2005 15:53:40 +0000 (15:53 +0000)]
Regenerate manuf and FAQ

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16742 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd Cisco-ISL MAC-addresses
jmayer [Fri, 9 Dec 2005 15:49:57 +0000 (15:49 +0000)]
Add Cisco-ISL MAC-addresses

Remove IETF-VRRP: This is a generic multicast address, and there are 31
other IP-multicast addresses mapping to the same mac address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16741 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoWhitespace change
jmayer [Fri, 9 Dec 2005 15:47:50 +0000 (15:47 +0000)]
Whitespace change

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16740 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAdd comment how to regenerate the file
jmayer [Fri, 9 Dec 2005 15:46:09 +0000 (15:46 +0000)]
Add comment how to regenerate the file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16739 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoRe-generate one more BER dissector.
guy [Fri, 9 Dec 2005 03:24:52 +0000 (03:24 +0000)]
Re-generate one more BER dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16738 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoRepeatedly indicate that "-w" is for writing binary packet data, and
guy [Fri, 9 Dec 2005 02:59:36 +0000 (02:59 +0000)]
Repeatedly indicate that "-w" is for writing binary packet data, and
that if you want to send text to a file, just redirect the standard
output.  I've seen at least one message on the Ethereal lists from
somebody who didn't realize that, and I think I've seen more.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16737 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoRegenerate with the latest asn2eth, to get FT_OID used, and to add #line.
guy [Thu, 8 Dec 2005 23:29:21 +0000 (23:29 +0000)]
Regenerate with the latest asn2eth, to get FT_OID used, and to add #line.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16736 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago"get_oid_name()" can return a null pointer; don't try to add the name if
guy [Thu, 8 Dec 2005 23:21:26 +0000 (23:21 +0000)]
"get_oid_name()" can return a null pointer; don't try to add the name if
it does.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16735 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoClean up indentation.
guy [Thu, 8 Dec 2005 11:27:14 +0000 (11:27 +0000)]
Clean up indentation.

For OID fields of type FT_STRING, put back the code to append the OID
name.  (Ultimately, we should probably convert them all to type FT_OID.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16734 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoWhen checking whether a packet is for a protocol or not, make sure the
guy [Thu, 8 Dec 2005 10:56:51 +0000 (10:56 +0000)]
When checking whether a packet is for a protocol or not, make sure the
bytes you'll be checking are available in the tvbuff first.

Don't require *all* of the packet data to be available, however.

Heuristic dissectors should return TRUE or FALSE.  Non-heuristic
"new-style" dissectors should return the amount of data dissected or 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16733 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoRegenerate, so that it handles OIDs as FT_OID.
guy [Thu, 8 Dec 2005 09:56:19 +0000 (09:56 +0000)]
Regenerate, so that it handles OIDs as FT_OID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16732 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSquelch a const vs. non-const pointer warning.
guy [Thu, 8 Dec 2005 09:05:23 +0000 (09:05 +0000)]
Squelch a const vs. non-const pointer warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16731 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Kyle J. Harms:
guy [Thu, 8 Dec 2005 08:55:15 +0000 (08:55 +0000)]
From Kyle J. Harms:

Fix a few problems.

CIGI 1 and 2 are only big-endian; CIGI 3 can be little-endian or
big-endian.

Remove the port preferences.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16730 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoadd decoding of the share type that metze found in the tree connect response
sahlberg [Thu, 8 Dec 2005 07:54:13 +0000 (07:54 +0000)]
add decoding of the share type   that metze found in the tree connect response

prettify tid and uid

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16729 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAlso add the new dissectors
etxrab [Thu, 8 Dec 2005 07:29:15 +0000 (07:29 +0000)]
Also add the new dissectors

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16728 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoCommit the actual diissectors:
etxrab [Thu, 8 Dec 2005 06:43:01 +0000 (06:43 +0000)]
Commit the actual diissectors:
Log:
 From Grame Lunt:
  updated X.500 dissectors to include DOP support.

 The "dop" dissector is the renamed "x501" dissector consequently the asn/x501 directory should be removed. The patch includes the changes to epan/dissectors/Makefile.common to reflect this.

 As the DOP dissection is not fully tested, I have disabled it by default for now (like DSP) but it can be enabled by the user.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16727 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Grame Lunt:
etxrab [Wed, 7 Dec 2005 23:20:11 +0000 (23:20 +0000)]
From Grame Lunt:
 updated X.500 dissectors to include DOP support.

The "dop" dissector is the renamed "x501" dissector consequently the asn/x501 directory should be removed. The patch includes the changes to epan/dissectors/Makefile.common to reflect this.

As the DOP dissection is not fully tested, I have disabled it by default for now (like DSP) but it can be enabled by the user.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16726 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoAvoid dereferencing pointers to the message, context and transaction object if they...
lego [Wed, 7 Dec 2005 21:08:51 +0000 (21:08 +0000)]
Avoid dereferencing pointers to the message, context and transaction object if they have not been created.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16725 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agolibethereal: add capture_enc
etxrab [Wed, 7 Dec 2005 20:07:14 +0000 (20:07 +0000)]
libethereal: add capture_enc

tipc: First stab at reassembly, as tipc reasembly is based on reading the message length from the first segmented packet and then just add the bytes received I didn't find a better way of doing it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16724 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agotap the ntlmssp protocol and extract the account/domain names when users authenticate.
sahlberg [Wed, 7 Dec 2005 13:14:09 +0000 (13:14 +0000)]
tap the ntlmssp protocol and extract the account/domain names when users authenticate.

If known   put the account name, domain name, host name and which frame the suer authenticated in in an expansion below UID in the SMB2 header

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16723 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agonew function fetch_tapped_data()
sahlberg [Wed, 7 Dec 2005 13:12:39 +0000 (13:12 +0000)]
new function fetch_tapped_data()

This function can be called from a dissector to fetch (if any) tapped data from a tap.
This can offer an alternative method of passing data between different dissectors much cleaner than the pinfo pollition and private_data design mistake.

The SMB2 dissector uses this method to extract vital data such as Account_Name from the ntlmssp dissector (that is 3 leveld down from smb2)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16722 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agomake ntlmssp tappable
sahlberg [Wed, 7 Dec 2005 13:09:42 +0000 (13:09 +0000)]
make ntlmssp tappable

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16721 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix some more scaled-fixed-point values, and have a 2-byte spare field
guy [Wed, 7 Dec 2005 10:44:55 +0000 (10:44 +0000)]
Fix some more scaled-fixed-point values, and have a 2-byte spare field
followed by a 2-byte event count.  Fixes bug 609.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16720 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix oroperties, get rid of CRs.
guy [Wed, 7 Dec 2005 09:51:31 +0000 (09:51 +0000)]
Fix oroperties, get rid of CRs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16719 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSquelch a narrowing-conversion warning.
guy [Wed, 7 Dec 2005 09:48:08 +0000 (09:48 +0000)]
Squelch a narrowing-conversion warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16718 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoClear up const vs. non-const warnings.
guy [Wed, 7 Dec 2005 09:38:57 +0000 (09:38 +0000)]
Clear up const vs. non-const warnings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16717 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoWhy duplicate the code of "tvb_get_string()" when you could just use
guy [Wed, 7 Dec 2005 03:03:37 +0000 (03:03 +0000)]
Why duplicate the code of "tvb_get_string()" when you could just use
"tvb_get_string()"?

Why even bother with "tvb_get_string()" when you can just use
"proto_tree_add_item()" with a string item?

Make sure that the prefix in a PRIV item isn't bigger than the item
itself.  That fixes bug 603.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16716 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDon't export stuff if no other dissector uses it. "Static unless
guy [Wed, 7 Dec 2005 01:45:44 +0000 (01:45 +0000)]
Don't export stuff if no other dissector uses it.  "Static unless
otherwise required."

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16715 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFix indentation.
guy [Wed, 7 Dec 2005 01:31:43 +0000 (01:31 +0000)]
Fix indentation.

Gate X and Y Offset are 16-bit integral numbers of degrees, not 32-bit
IEEE floating-point numbers, and the numbers in collision detection
segment definitions and collision detection volume definitions are
16-bit fixed-point numbers, not 32-bit IEEE floating-point numbers;
handle them as such - this fixes bug 605.

When displaying the packet length in the Info column, display the *real*
length, not the sliced length.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16714 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoUnicode considered unnecessary and non-portable. Avoid using non-ASCII
guy [Wed, 7 Dec 2005 00:43:17 +0000 (00:43 +0000)]
Unicode considered unnecessary and non-portable.  Avoid using non-ASCII
characters in field names.

Fix indentation, and fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16713 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Martin M various updates and fixes
sahlberg [Wed, 7 Dec 2005 00:35:16 +0000 (00:35 +0000)]
From Martin M   various updates and fixes

Hi, Some tiddly changes: pppoe- don't create an empty discovery tags tree when the payload length is 0 chap- make chap.value work as a filterable field rtcp- append the packet type to the protocol tree name 

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16712 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFrom Jelmer V AIM bugfix
sahlberg [Wed, 7 Dec 2005 00:27:17 +0000 (00:27 +0000)]
From Jelmer V   AIM bugfix

Hi,

The attached patch fixes the name of the version field, which I
previously mistook for an authorization cookie (which is in fact in a
TLV that follows this field).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16711 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSquelch some compiler const vs. non-const warnings.
guy [Tue, 6 Dec 2005 22:59:30 +0000 (22:59 +0000)]
Squelch some compiler const vs. non-const warnings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16710 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoClean up capture_enc(), export it, and use it in the capture window.
guy [Tue, 6 Dec 2005 22:56:37 +0000 (22:56 +0000)]
Clean up capture_enc(), export it, and use it in the capture window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16709 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoThe keys for entries in the OID-to-name hash table are g_mallocated, so
guy [Tue, 6 Dec 2005 22:26:10 +0000 (22:26 +0000)]
The keys for entries in the OID-to-name hash table are g_mallocated, so
we have to g_free them when destroying the hash table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16708 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoSet svn:keywords to Id to get RCS IDs expanded.
guy [Tue, 6 Dec 2005 21:07:50 +0000 (21:07 +0000)]
Set svn:keywords to Id to get RCS IDs expanded.

Set svn:eol-style to native to handle line endings appropriately, and
trim off CRs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16707 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agog_hash_table_new_full() does not exist for glib1
sahlberg [Tue, 6 Dec 2005 20:29:46 +0000 (20:29 +0000)]
g_hash_table_new_full() does not exist for glib1

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16706 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoIt crashed when keep_persistent_data == FALSE
lego [Tue, 6 Dec 2005 19:47:22 +0000 (19:47 +0000)]
It crashed when keep_persistent_data == FALSE

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16705 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agowe can even get error messages while we are capturing (e.g. when a network cable...
ulfl [Tue, 6 Dec 2005 19:41:45 +0000 (19:41 +0000)]
we can even get error messages while we are capturing (e.g. when a network cable is unplugged)

problem found by Joerg Mayer

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16704 f5534014-38df-0310-8fa8-9805f1628bb7

14 years ago- Fix few issues with context analysis
lego [Tue, 6 Dec 2005 18:52:17 +0000 (18:52 +0000)]
- Fix few issues with context analysis
- Add used terminations tree to the context analysis tree

Regenerate Dissector

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16703 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoFill in Column info, Dissect some more user info.
etxrab [Tue, 6 Dec 2005 17:54:40 +0000 (17:54 +0000)]
Fill in Column info, Dissect some more user info.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16702 f5534014-38df-0310-8fa8-9805f1628bb7

14 years agoDissect Cause and use %(DEFAULT_BODY)s use import for IMSI.
etxrab [Tue, 6 Dec 2005 17:53:28 +0000 (17:53 +0000)]
Dissect Cause  and use %(DEFAULT_BODY)s use import for IMSI.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16701 f5534014-38df-0310-8fa8-9805f1628bb7