| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
at the correct notebook page when a particular protocol (which has registered
some preferences) is selected in the tree view.
- add set_menus_for_selected_tree_row() in menu.[ch]
- add prefs_is_registered_protocol() and
prefs_get_title_by_name() in prefs.[ch]
svn path=/trunk/; revision=2275
|
|
svn path=/trunk/; revision=2274
|
|
instead of != ==.
svn path=/trunk/; revision=2273
|
|
svn path=/trunk/; revision=2272
|
|
The RPC layer itself handles all this stuff.
svn path=/trunk/; revision=2271
|
|
on NT/2000.
Refer to Tethereal, not to Ethereal, in the long explanations of capture
problems in Tethereal.
svn path=/trunk/; revision=2270
|
|
svn path=/trunk/; revision=2269
|
|
the following:
It is now possible to enable/disable a particular protocol decoding
(i.e. the protocol dissector is void or not). When a protocol
is disabled, it is displayed as Data and of course, all linked
sub-protocols are disabled as well.
Disabling a protocol could be interesting:
- in case of buggy dissectors
- in case of wrong heuristics
- for performance reasons
- to decode the data as another protocol (TODO)
Currently (if I am not wrong), all dissectors but NFS can be disabled
(and dissectors that do not register protocols :-)
I do not like the way the RPC sub-dissectors are disabled (in the
sub-dissectors) since this could be done in the RPC dissector itself,
knowing the sub-protocol hfinfo entry (this is why, I've not modified
the NFS one yet).
Two functions are added in proto.c :
gboolean proto_is_protocol_enabled(int n);
void proto_set_decoding(int n, gboolean enabled);
and two MACROs which can be used in dissectors:
OLD_CHECK_DISPLAY_AS_DATA(index, pd, offset, fd, tree)
CHECK_DISPLAY_AS_DATA(index, tvb, pinfo, tree)
See also the XXX in proto_dlg.c and proto.c around the new functions.
svn path=/trunk/; revision=2268
|
|
the following:
It is now possible to enable/disable a particular protocol decoding
(i.e. the protocol dissector is void or not). When a protocol
is disabled, it is displayed as Data and of course, all linked
sub-protocols are disabled as well.
Disabling a protocol could be interesting:
- in case of buggy dissectors
- in case of wrong heuristics
- for performance reasons
- to decode the data as another protocol (TODO)
Currently (if I am not wrong), all dissectors but NFS can be disabled
(and dissectors that do not register protocols :-)
I do not like the way the RPC sub-dissectors are disabled (in the
sub-dissectors) since this could be done in the RPC dissector itself,
knowing the sub-protocol hfinfo entry (this is why, I've not modified
the NFS one yet).
Two functions are added in proto.c :
gboolean proto_is_protocol_enabled(int n);
void proto_set_decoding(int n, gboolean enabled);
and two MACROs which can be used in dissectors:
OLD_CHECK_DISPLAY_AS_DATA(index, pd, offset, fd, tree)
CHECK_DISPLAY_AS_DATA(index, tvb, pinfo, tree)
See also the XXX in proto_dlg.c and proto.c around the new functions.
svn path=/trunk/; revision=2267
|
|
at the beginning of packets.
svn path=/trunk/; revision=2266
|
|
about checking permissions, as the capture devices are probably
available to all users, and talking about permissions will only confuse
the user. Do, however, warn that Ethereal can't capture on Token Ring
or PPP/WAN interfaces.
On UNIX, if the attempt to open the capture device fails, and the error
message starts with "can't find PPA for ", they are probably running on
HP-UX with a version of libpcap not patched to properly look up PPAs for
network interfaces given the interface name; give them a detailed
warning about this, telling them that they'll have to fix libpcap and
build Ethereal from source, and pointing them at the "README.hpux" file.
svn path=/trunk/; revision=2265
|
|
Porting and Archive Centre site.
Warn in the very beginning of that file that libpcap may not work very
well without patches. Give patches to libpcap for:
vanilla LBL libpcap 0.4
vanilla tcpdump.org libpcap 0.5
libpcap 0.4 from the HP-UX Porting and Archive Centre (which is
the only version that includes configure-script changes to work
with HP's C compiler as well as GCC)
and put them in files separate from "README.hpux" (to make it easier for
users to apply the patches).
Make those versions of the patch give a slightly different error message
if libpcap fails to find the PPA for the device, to make it easier to
figure out if the user reporting a problem with HP-UX capture has a
patched version of libpcap or not (so that we know whether the problem
may just be that they're using an unmodified libpcap, or if they're
running a patched version and that patch needs more work, e.g. to look
at devices other than just "/dev/dlpi").
Give information on how to find "patch", warn that probably only the
HP-UX Porting and Archive Centre version will work with the HP C
compiler, warn that applying a version of the patch other than the one
for the particular version of libpcap you've downloaded will probably
not work, and warn that you need to download source to libpcap in order
to do any of this in the first place.
(The current libpcap CVS tree at tcpdump.org has this patch in it, so
the next release of libpcap from tcpdump.org should have it; hopefully
the HP-UX Porting and Archive Centre will switch to that version when it
comes out, and people will just be able to push a few buttons to get an
Ethereal that works on HP-UX.)
svn path=/trunk/; revision=2264
|
|
- add display filters
svn path=/trunk/; revision=2263
|
|
Set "current_blob" when the first read is done from the random file, as
"current_blob" is the current blob in the random file.
svn path=/trunk/; revision=2262
|
|
svn path=/trunk/; revision=2261
|
|
supplied in the "p_add_proto_data()" call that created the entry, not
the pointer to the data structure that holds the protocol and data
arguments to "p_add_proto_data()" (the protocol is uninteresting, as
its value is the value supplied as the "proto" argument to
"p_get_proto_data()".
The "frame_proto_data" structure isn't needed outside the code that
handles it; remove its definition from "packet.h" and put it in
"packet.c".
svn path=/trunk/; revision=2260
|
|
in order to know who to complain :-)
svn path=/trunk/; revision=2259
|
|
- implement the TCP follow feature for TCP over IPv6
svn path=/trunk/; revision=2258
|
|
Fix a typo in the LGPL in the initial comment.
Move the includes of <stdlib.h> and <ctype.h> out of "snprintf-imp.h"
into "snprintf.c", and put them *before* the include of "snprintf.h", so
that "size_t" is defined before "snprintf.h" is included ("snprintf.h"
uses "size_t").
svn path=/trunk/; revision=2257
|
|
svn path=/trunk/; revision=2256
|
|
- add <stdarg.h> or <varargs.h> in snprintf.h
and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes
- remove the check of multiple inclusions in source (.c) code
(there is a bit loss of _cpp_ performance, but I prefer the gain of
code reading and maintenance; and nowadays, disk caches and VM are
correctly optimized ;-).
- protect all (well almost) header files against multiple inclusions
- add header (i.e. GPL license) in some include files
- reorganize a bit the way header files are included:
First:
#include <system_include_files>
#include <external_package_include_files (e.g. gtk, glib etc.)>
Then
#include "ethereal_include_files"
with the correct HAVE_XXX or NEED_XXX protections.
- add some HAVE_XXX checks before including some system header files
- add the same HAVE_XXX in wiretap as in ethereal
Please forgive me, if I break something (I've only compiled and regression
tested on Linux).
svn path=/trunk/; revision=2255
|
|
- add <stdarg.h> or <varargs.h> in snprintf.h
and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes
- remove the check of multiple inclusions in source (.c) code
(there is a bit loss of _cpp_ performance, but I prefer the gain of
code reading and maintenance; and nowadays, disk caches and VM are
correctly optimized ;-).
- protect all (well almost) header files against multiple inclusions
- add header (i.e. GPL license) in some include files
- reorganize a bit the way header files are included:
First:
#include <system_include_files>
#include <external_package_include_files (e.g. gtk, glib etc.)>
Then
#include "ethereal_include_files"
with the correct HAVE_XXX or NEED_XXX protections.
- add some HAVE_XXX checks before including some system header files
- add the same HAVE_XXX in wiretap as in ethereal
Please forgive me, if I break something (I've only compiled and regression
tested on Linux).
svn path=/trunk/; revision=2254
|
|
"hf[]", and the reference to it, for now.
svn path=/trunk/; revision=2253
|
|
don't use it there.
svn path=/trunk/; revision=2252
|
|
sequential pass through the file build a list of information about the
compressed blobs, with the starting offset in the compressed file and in
the uncompressed byte stream for each blob.
When seeking on the random stream, check whether the target location is
within the uncompressed buffer we currently have; if not, use that list
to figure out which blob contains the target location, and read that
blob into the buffer. Then, as we now know that the target location is
within the uncompressed buffer we currently have, just move the current
pointer into that buffer to the target location.
This means we don't have to read forwards through any uninteresting
blobs in order to seek forwards, and don't have to go all the way back
to the beginning and seek forwards in order to seek backwards.
svn path=/trunk/; revision=2251
|
|
svn path=/trunk/; revision=2250
|
|
- protect expensive calls (getXXXbyYYY) with g_resolving_actif check,
that solves a problem with add_ether_byip which was too expensive
due to IP address resolution even when g_resolving_actif was disabled.
I need to clean further.
Do you think that having inexpensive name resolution (i.e. from
hash table only which can be filled by dissectors or file reading)
even if name resolution is disabled (g_resolving_actif = FALSE) is
preferable than having no name resolution at all (which is currently
the case). I may change to the first solution in the future if there
is no objection.
svn path=/trunk/; revision=2249
|
|
name can be added from file reading but also from the dissectors.
- add is_dummy_entry in the hosts hashtable.
- check in add_xxx that the entry is not already there, if so
do nothing except if this is a dummy entry (in this case, it is
simply replaced).
- add found boolean parameter to host_name_lookup[6]
- add the add_ether_byip procedure which adds a new ether entry
knowing the IP address (if the IP address can be resolved).
- and finally call this new procedure from ARP dissector.
(ipxnets (among other things) to be updated).
svn path=/trunk/; revision=2248
|
|
work, and it's not even documented in the Solaris 2.5.1 man page; don't
use "-e" to test for the existence of a file, use "-f", which is
documented in the 2.5.1 man page and works.
svn path=/trunk/; revision=2247
|
|
<stdarg.h> is now included by "proto.h", so we must include "snprintf.h"
after including "proto.h".
svn path=/trunk/; revision=2246
|
|
- remove stdarg.h include in proto.c and add a more correct one in proto.h
- fix esis_dissect_unknown and isis_dissect_unknown
svn path=/trunk/; revision=2245
|
|
But there is still a problem with the isis_dissect_unknown
procedure which calls proto_tree_add_text: the va_list
arguments are incorrectly decoded in proto.c. I suspect
a problem with inclusion of stdarg.h vs. varargs.h but
for now, I can't figure out where ...
(problem on Linux intel with gcc 2.91.66).
svn path=/trunk/; revision=2244
|
|
to refer to 64-bit integral quantities, add "pntohll()" and "phtonll()"
macros, and "tvb_get_ntohll()" and "tvb_get_letohll()" routines, for
fetching 64-bit integral quantities.
(They're still a pain to *print*, as there's no standard "printf" format
code for them - some systems use "%ll[dox]", some use "%q[dox]", and I
think some use formats different from all of them.)
svn path=/trunk/; revision=2243
|
|
svn path=/trunk/; revision=2242
|
|
Do not assume that all dissectors are in the source directory.
This is the case for instance for packet-ncp2222.c which is
generated in the production directory (current).
This is particularly important when the generation is not
made in the source directory.
- ncp2222.py
Remove tabs in generated source to make the generated code
nicer and to make work the make-reg-dotc. Without that fix,
all NCP packet dissections dump core ...
svn path=/trunk/; revision=2241
|
|
numeric values. (Also, just for laughs and for completeness, turn the
CS class into "csnet", even though it's obsolete and supposedly used
only in some examples in obsolete RFCs.)
svn path=/trunk/; revision=2240
|
|
Motif/KDE/GNOME(?) and Windows applications, with "Help" above "About",
and separated from "About" by a separator line.
(This also makes "Help->Help" the default, which is probably what most
users would want, especially if, as, and when we fill out the help.)
svn path=/trunk/; revision=2239
|
|
the addition of support for Cisco Secure Intrusion Detection
System IPlog output;
support for selecting only one side of a conversation, for
showing a conversation in hex, and for saving the displayed data
to a file, in the "Filter TCP Stream" window.
svn path=/trunk/; revision=2238
|
|
svn path=/trunk/; revision=2237
|
|
Give Phil credit for the other stuff he added as well.
svn path=/trunk/; revision=2236
|
|
specify it in the argument to "getopt()").
svn path=/trunk/; revision=2235
|
|
svn path=/trunk/; revision=2234
|
|
svn path=/trunk/; revision=2233
|
|
Entire Conversation
Client -> Server packets
Server -> Client packets
Have "Save As" button work as a "Print to File" button; it asks for
a filename and uses the same routine that "Print" uses to save the file.
What you see in the window is what you get in the file. So, you can get
any of the above conversations/soliloquies combined with:
ASCII
EBCDIC
Hex Dump
svn path=/trunk/; revision=2232
|
|
IPLog format.
svn path=/trunk/; revision=2231
|
|
Santeri Paavolainen.
svn path=/trunk/; revision=2230
|
|
svn path=/trunk/; revision=2229
|
|
- add hostname/IP in host hashtable from DNS answers
(currently only type A RR).
svn path=/trunk/; revision=2228
|
|
- short overview
- list of known protocols
- list of display filters
- short capture filter help
The display filter help can be extended in the future
when we will have a GUI for filter construction. But
this is better than nothing ;-)
And cut & paste from the text help window and the filter
input field works...
svn path=/trunk/; revision=2227
|
|
svn path=/trunk/; revision=2226
|
