| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
a 64-bit application. Workaround a bug in Mac OS X...
svn path=/trunk/; revision=29641
|
|
svn path=/trunk/; revision=29591
|
|
non-Windows systems.
svn path=/trunk/; revision=29590
|
|
us from feeding a NULL pointer to pcap_compile if we can't open our
pipe. Fix up a couple of error messages.
svn path=/trunk/; revision=29587
|
|
svn path=/trunk/; revision=29576
|
|
pipes. Enable this by default on Windows. Remove code that tried to
use WaitForSingleObject on a pipe (which Windows doesn't support). Use
native file handles and system calls on Windows (which fixes a problem
with partial reads I ran into during testing).
This should fix bug 1759.
svn path=/trunk/; revision=29574
|
|
[PATCH] Fix dumpcap believing error on ^C i.e. pcap_breakloop()
When ^C was pressed during a packet capture, dumpcap believed a pcap
error had occurred. We check the return value more closely to avoid
this problem.
svn path=/trunk/; revision=29510
|
|
- Use g_get_tmp_dir, just like get_tempfile_path.
- Don't make the caller worry about the path buffer length.
svn path=/trunk/; revision=28915
|
|
out the change for now.
svn path=/trunk/; revision=28852
|
|
This hopefully fixes bug 1740.
svn path=/trunk/; revision=28549
|
|
I've created a new bug rather than reopening 1181 as the scope is constrained
somewhat more.
Basically, when capturing from a named pipe the wireshark display lags by one
packet. This is especially frustrating when the packets arrive at low rates.
tshark is fine. But the packet count in dumpcap also lags by one.
Looking at the code, the problem appears to be in cap_pipe_select(). It
attempts to use WaitForSingleObject() on the named pipe but AFAICT this never
blocks.
I've attached a diff for some code that fixes the issue for me. The semantics
of overlapped IO in Win32 is quite different from the select/read model - hence
the other changes!
I've tested this fix on WinXP, 2k server and 2003 server. I've also checked
that my changes compile on a Freespire box that I have lying around.
From me:
Adapt the changes for dumpcap, which is where the affected code now lives.
svn path=/trunk/; revision=28452
|
|
pcapng format instead of pcap. The default is to use pcap.
svn path=/trunk/; revision=28170
|
|
Move write routines to dumpcap.c
This is a preparation for pcapng support.
svn path=/trunk/; revision=28155
|
|
svn path=/trunk/; revision=28065
|
|
svn path=/trunk/; revision=27992
|
|
Small cleanup of preprocessor logic.
svn path=/trunk/; revision=27212
|
|
dumpcap should terminate if exactly the maximum number of packets have been captured
(or greater) as specified by the user: "-c <capture packet count>". The current behavior
waits until an additional packet is captured until this threshold check occurs.
svn path=/trunk/; revision=27208
|
|
Set SA_RESTART flag when setting SIGPIPE handler.
svn path=/trunk/; revision=26851
|
|
Do not get link-layer for remote interfaces.
svn path=/trunk/; revision=26683
|
|
This is the last commit to make it compile clean on Ubuntu 8.10.
svn path=/trunk/; revision=26654
|
|
Enable the default action for SIGPIPE
This fixes bug 2888 and 1740
svn path=/trunk/; revision=26621
|
|
Clean up indentation a bit.
svn path=/trunk/; revision=26037
|
|
specific issues (one of which no longer applies), point the user at the
wiki.
svn path=/trunk/; revision=25833
|
|
capinfos and dumpcap don't need to depend on libwireshark nor directly pull
in those modules). Because capinfos and editcap were only being linked with
privileges.c if we had plugins, this allows those programs to be linked when
someone is compiling --without-plugins.
svn path=/trunk/; revision=25640
|
|
changed in the previous checkin.
svn path=/trunk/; revision=25573
|
|
with the "ld" pointer argument (and to point out that it's a global
variable).
svn path=/trunk/; revision=25554
|
|
names, as noted by John Smith.
svn path=/trunk/; revision=25542
|
|
setting, and is used only in dumpcap.c, and needs to get at information
set by dumpcap's signal handlers so it can respond to ^C; move it to
dumpcap.c, rename it print_statistics_loop(), and make it set ld.go to
TRUE before looping and loop only as long as ld.go is TRUE.
That fixes bug 2592 (at least on Mac OS X, and probably on other UN*Xes;
it should fix it on Windows as well).
svn path=/trunk/; revision=25492
|
|
svn path=/trunk/; revision=25368
|
|
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
|
|
svn path=/trunk/; revision=24724
|
|
INSTALL: Add entries for libcap.
svn path=/trunk/; revision=24722
|
|
Essentially: if using libcap, drop capabilities
after doing pcap_open_live.
See comment in main() for details.
svn path=/trunk/; revision=24716
|
|
privileges. Otherwise, we might print
dumpcap: cap_set_proc() fail return: Operation not permitted
to stderr.
svn path=/trunk/; revision=24704
|
|
svn path=/trunk/; revision=24507
|
|
On glib-1.2 systems g_ascii_strcasecmp() is in libwireshark (which we don't
want to include in dumpcap) and anyway our code should be the only thing
calling dumpcap with "-Z"--so hopefully there's no need for doing a
case-insensitive comparison.
(This is another argument for adding a "utils" library.)
svn path=/trunk/; revision=24462
|
|
1. Clean up dumpcap 'as a child' err msg handling so that:
- all err msgs are properly formatted when being sent
back to the parent.
- any log Critical, Warning, etc messages
are sent back to parent and are properly formatted.
2. Change handling of -w <...> slightly in capture_opts.c
so that wireshark provides a good error message if
there is a 'write permissions' issue on the file.
(Previously the error popup said only
"Child exited with status 2").
This fixes bug #2288.
Add some conditionalized DEBUG_CHILD_DUMPCAP code for
dumpcap debug logging to a file.
svn path=/trunk/; revision=24446
|
|
declared in capture_opts.h.
svn path=/trunk/; revision=24352
|
|
declares are called only on Windows.
svn path=/trunk/; revision=24351
|
|
the callback function part of the loop_data structure - we always call
capture_loop_packet_cb().
svn path=/trunk/; revision=24350
|
|
opening the capture device. That somewhat fixes bug 2273, although the
second and subsequent files don't have the right group ownership,
probably because of the problem described in the comment before
relinquish_special_privs_perm().
We should also relinquish special privileges *before* trying to open the
capture pipe, so that we can't open a pipe to which the real user
doesn't have access.
svn path=/trunk/; revision=24347
|
|
does capturing any more. (We will be inserting a call to give up
privileges after the pcap_open_live(), which should fix 2273; we're
currently only giving up privileges on platforms with libcap.)
svn path=/trunk/; revision=24345
|
|
svn path=/trunk/; revision=24148
|
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
|
|
#23537 change
svn path=/trunk/; revision=23540
|
|
example, we're ^C'ed. This should fix bug 2003.
svn path=/trunk/; revision=23538
|
|
retaining CAP_NET_ADMIN and CAP_NET_RAW. Update some Makefile
dependencies for dumpcap.
svn path=/trunk/; revision=23511
|
|
pipe instead of stdin. Add an argument (currently the parent PID) back
to the "-Z" flag and use it to construct the pipe name. This lets us
pass the parent's stdin handle to dumpcap, which lets us capture from
stdin on Windows. Add a comment about checking for the parent process.
In capture_loop.c, remove the wait_forever argument from cap_pipe_select()
since it was always FALSE. Set the timeout under Windows to 250 ms
instead of 250000 ms.
svn path=/trunk/; revision=23279
|
|
dumpcap, when using it as a capture child; leave the standard output
alone, in case tshark was told to write the capture to the standard
error.
Get rid of the argument to the "-Z" option to dumpcap; it might not work
on Windows.
svn path=/trunk/; revision=23124
|
|
"with", so we shouldn't put our own "with" in there.
svn path=/trunk/; revision=23037
|
