| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
RPC and NDMP.
Show the RPC-over-TCP fragment header as a tree with bitfields below it.
Add a routine to show a reported bounds error as an "Unreassembled
Packet" or a "Malformed Packet" depending on whether "pinfo->fragmented"
is set, and have NBNS and RPC use that.
Add "ett_ndmp_file_stats" to the list of ett_ values to be initialized
(it wasn't in that list, and wasn't getting initialized).
When freeing up various hash tables and memory chunks in the RPC
dissector, zero out the pointers to them, just to make sure we don't try
to free them again.
Always destroy the TCP segment key and address memory chunks in
"tcp_desegment_init()", regardless of whether TCP desegmentation is
enabled - we don't *allocate* them if TCP desegmentation isn't enabled,
but we should free them even if it's not enabled. Also, when we free
them, set the pointers to them to null, so we don't double-free them.
Supply to subdissectors called from the TCP dissector the sequence
number of the first byte handed to the sub dissector.
svn path=/trunk/; revision=4753
|
|
argument, so if the length was supplied as -1, it can set it to the
length of data remaining in the tvbuff, so that its callers can use that
length when getting the value for the field, rather than leaving the
length in the "field_info" structure as -1.
svn path=/trunk/; revision=4752
|
|
"data source" has a name and a top-level tvbuff, and frames can have a
list of data sources associated with them.
Use the tvbuff pointer to determine which data source is the data source
for a given field; this means we don't have to worry about multiple data
sources with the same name - the only thing the name does is label the
notebook tab for the display of the data source, and label the hex dump
of the data source in print/Tethereal output.
Clean up a bunch of things discovered in the process of doing the above.
svn path=/trunk/; revision=4749
|
|
longer contains length fields, so there's no need to pass a "packet_info
*" argument to "set_actual_length()".
svn path=/trunk/; revision=4748
|
|
svn path=/trunk/; revision=4747
|
|
print/Tethereal.
svn path=/trunk/; revision=4742
|
|
into captures.
The data rate header is in .5 megabyte/second units, not .5
kilobyte/second units.
svn path=/trunk/; revision=4741
|
|
support revealed that I'd left it out; putting it back made it work.)
svn path=/trunk/; revision=4740
|
|
"UcpHandleString(hf_ucp_parm_NT);" - the field really is one character
long, as per the (correct) change from FT_STRING to FT_UINT8.
svn path=/trunk/; revision=4739
|
|
svn path=/trunk/; revision=4738
|
|
If type passed in with -t option is unknown, die instead of using
Ethernet as a default.
svn path=/trunk/; revision=4737
|
|
and use the vals_parm_NT value string in that registration.
Thanks to Marcin Gryszkalis <mgryszkalis@cerint.pl> for the bug report.
svn path=/trunk/; revision=4736
|
|
the "Protocol Preferences" pop-up menu option to work properly.
svn path=/trunk/; revision=4735
|
|
the Account-Control bits.
svn path=/trunk/; revision=4734
|
|
- For selected read and write SMBs, display the byte count and offset
in the info column. This makes browsing file read/writes easier to
understand.
- In dissect_nt_sids() sometimes the version number is 3 but the rest
of the sid format remains the same. This is purely by observation -
I have no documentation to confirm this.
- Use a GString instead of a fixed buffer in dissect_nt_sids().
svn path=/trunk/; revision=4733
|
|
Communities attribute in a BGP Update message.
Also, get rid of an extra space before a colon in the display for that
attribute, which isn't in other attributes.
svn path=/trunk/; revision=4732
|
|
print it with "%lld".
In any case, not all platforms on which Ethereal can be built support
64-bit integral data types, and, even on those that do, not all of them
support "%ll[doux]" as the format for printing those types, so do the
arithmetic in floating point by multiplying the bytes/s values by 8.0,
and print with "%.0f" instead.
svn path=/trunk/; revision=4731
|
|
svn path=/trunk/; revision=4730
|
|
fix various alignment problems;
change/prettify a few of the structures;
other updates.
svn path=/trunk/; revision=4729
|
|
svn path=/trunk/; revision=4728
|
|
"Infinity (absolute time)", and values of 0x7fffffffffffffff as
"Infinity (relative time)".
svn path=/trunk/; revision=4727
|
|
structure containing a 32-bit conversation ID (which uniquely identifies
conversations between a SCSI initiator and target) and a 32-bit task ID
(which uniquely identifies a task within that conversation).
Have the NDMP dissector create conversations when it sees an "execute
CDB" request, and use the conversation index as the conversation ID and
the sequence number for requests and reply sequence for replies as the
task ID.
Have it use "dissect_scsi_payload()" to dissect the payload of "execute
CDB" requests and replies.
svn path=/trunk/; revision=4726
|
|
Get rid of extra trailing white space in some protocol tree items.
svn path=/trunk/; revision=4725
|
|
"packet-scsi.c" into "packet-scsi.c"; the iSCSI dissector doesn't need
its own versions of a pile of static data structures used only by
"packet-scsi.c", nor does it need a pile of typedefs and #defines used
only by "packet-scsi.c".
The iSCSI dissector *does* use "scsi_status_val", so make that
non-static, and export it from "packet-scsi.h".
svn path=/trunk/; revision=4724
|
|
Have the Q.931 PDU dissector, if it's Q.931-over-TPKT, check for
user-user IEs with a protocol discriminator of "X.208 and X.209 coded
user information" and, if it sees one, call an H.225.0 Call Setup
dissector if it could find the handle for it.
svn path=/trunk/; revision=4723
|
|
svn path=/trunk/; revision=4722
|
|
SAMR updates;
a bugfix in dissect_ndr_pointer() (should not check referent id
for aliases for unique pointers);
enhancement to dissect_ndr_pointer() to make it possible to
hand a generic int value to the dissector for the pointer object
in a similar way as hf_index values are passed through the
pointer layer.
svn path=/trunk/; revision=4721
|
|
dissect_packet().
svn path=/trunk/; revision=4720
|
|
fix to LookupRids to match what the IDL file says;
fix to "dissect_ndr_uint64()" to specify the right length to
"proto_tree_add_item()";
give the protocol tree items for array header counts and offsets
the correct offsets in the packet.
svn path=/trunk/; revision=4719
|
|
dissect dcerpc UDP replies correctly - use the opnum from the
request, ont the reply (the opnum from the request is frequently
wrong in Microsoft's DCE RPC implementation);
don't crash if the packet isn't found in the hash tables;
dissect SamrLookupDomain requests properly.
svn path=/trunk/; revision=4718
|
|
as FT_ETHER fields, not FT_BYTES fields.
Only label Appletalk protocol addresses as "{Source,Target} ID"; label
the others as "{Source,Target} protocol address", and have different
fields for Appletalk and other protocol addresses.
Don't put addresses into the protocol tree if they're zero-length.
svn path=/trunk/; revision=4717
|
|
as FT_ETHER fields, not FT_BYTES fields.
Don't treat Experimental Ethernet addresses as being Ethernet addresses
(they were 8 bytes long, not 48 bytes long).
Put ARP protocol addresses that are IPv4 addresses into the protocol
tree as FT_IPv4 fields, not FT_BYTES fields.
Fix the checks for MAC hardware addresses and IPv4 protocol addresses,
done to see if we should say a given Ethernet address has the same name
as a given IP address, to check both the type and length.
svn path=/trunk/; revision=4716
|
|
a tvbuff with the mailslot header.
Fix indentation.
svn path=/trunk/; revision=4715
|
|
svn path=/trunk/; revision=4714
|
|
Display the VLDB flags in hex, not decimal.
svn path=/trunk/; revision=4713
|
|
svn path=/trunk/; revision=4712
|
|
dissection
svn path=/trunk/; revision=4711
|
|
svn path=/trunk/; revision=4710
|
|
reading the capture file. Have callers of "wtap_snapshot_length()"
treat a value of 0 as "unknown", and default to WTAP_MAX_PACKET_SIZE (so
that, when writing a capture file in a format that *does* store the
snapshot length, we can at least put *something* in the file).
If we don't know the snapshot length of the current capture file, don't
display a value in the summary window.
Don't use "cfile.snap" as the snapshot length option when capturing -
doing so causes Ethereal to default, when capturing, to the snapshot
length of the last capture file that you read in, rather than to the
snapshot length of the last capture you did (or the initial default of
"no snapshot length").
Redo the "Capture Options" dialog box to group options into sections
with frames around them, and add units to the snapshot length, maximum
file size, and capture duration options, as per a suggestion by Ulf
Lamping. Also add units to the capture count option.
Make the snapshot length, capture count, maximum file size, and capture
duration options into a combination of a check box and a spin button.
If the check box is not checked, the limit in question is inactive
(snapshot length of 65535, no max packet count, no max file size, no max
capture duration); if it's checked, the spinbox specifies the limit.
Default all of the check boxes to "not checked" and all of the spin
boxes to small values.
Use "gtk_toggle_button_get_active()" rather than directly fetching the
state of a check box.
svn path=/trunk/; revision=4709
|
|
svn path=/trunk/; revision=4708
|
|
svn path=/trunk/; revision=4707
|
|
Renfro.
svn path=/trunk/; revision=4706
|
|
somehow doesn't like the structure member name "fh_len", for some reason
(probably some #define in some header file); change that (and other
"fh_len" variables) to "fh_length" instead.
svn path=/trunk/; revision=4705
|
|
and fix up the table for EAP types.
svn path=/trunk/; revision=4704
|
|
0.9.0 was released; get rid of the typedef for "old_dissector_t".
svn path=/trunk/; revision=4703
|
|
even if it doesn't have "gzgets()", so one might think we could use it
by using our own replacement for "gzgets()".
One would be wrong to think so, however, as the "gzseek()" it has
doesn't actually work when reading uncompressed files.
zlib 1.0.9 has "gzgets()", and fixes that bug, so we rever to checking
for "gzgets()" rather than "gzseek()", so that we don't accept pre-1.0.9
versions of zlib, and we get rid of our "gzgets()" replacement.
svn path=/trunk/; revision=4702
|
|
the count fields in SAMR replies aren't array max_count values,
so don't display them as such;
Put conformant and conformant varying array length/offset/etc.
values into the protocol tree.
svn path=/trunk/; revision=4701
|
|
function that computes the natural logarithm of a double. Using it as
the name of a pointer to a routine to do logging can cause namespace
collisions; in fact, it *does* cause them on AIX. Rename the function
argument to "logfunc".
svn path=/trunk/; revision=4700
|
|
typedef for "struct _value_string"; as such, the incomplete structure
declaration in "epan/proto.h" should declare "struct _value_string", not
"struct value_string", and casts and declarations in that header should
also use "struct _value_string", not "struct value_string".
svn path=/trunk/; revision=4699
|
|
svn path=/trunk/; revision=4698
|
