Age | Commit message (Collapse) | Author | Files | Lines |
|
don't pick up the in-tree copy.
Change-Id: I7ec473876cdba1a025c52362d7f6adc62d24ce71
Reviewed-on: https://code.wireshark.org/review/3798
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Change-Id: I3445ae22f10584582d465bf632942e016f5f70ca
Reviewed-on: https://code.wireshark.org/review/3452
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
With autotools, CMake, and nmake, if we have a function, #define
HAVE_{function_name_in_all_caps}, otherwise don't #define it.
If we provide our own version of a function in libwsutil, make sure we
have a header that declares it, and *ONLY* include that header if
HAVE_{function_name_in_all_caps} is *NOT* defined, so that we don't have
the system declaration and our declaration colliding.
Check for inet_aton, strncasecmp, and strptime with CMake, just as we do
with autotools.
Simplify the addition of {function_name_in_all_caps}_LO to libwsutil in
autotools.
Change-Id: Id5be5c73f79f81919a3a865324e400eca7b88889
Reviewed-on: https://code.wireshark.org/review/2903
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have --version print the version number, the copyright information, the
"compiled with" information, the "running on/with" information, and the
compiler information.
Have --help print the version number, a one-line summary of what the
program does, a reference to http://www.wireshark.org for more
information, a Usage: line, and a list of command-line options.
This means programs doing that don't need to include version.h; that's
left up to get_ws_vcs_version_info() to do.
Change-Id: Idac641bc10e4dfd04c9914d379b3a3e0cc5ca8cb
Reviewed-on: https://code.wireshark.org/review/2794
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I946067b972a70154f02ab561bc0fd029a7a5abc4
Reviewed-on: https://code.wireshark.org/review/2791
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In some cases "-v" was already used so "-V" is the option.
Note that the version information in these utilities is much shorter than what
is presented by the big programs.
As requested by https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5804
Bug: 5804
Change-Id: I35db35a4eace2797afd895f9be7322ef39928480
Reviewed-on: https://code.wireshark.org/review/2489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add a "record type" field to "struct wtap_pkthdr"; currently, it can be
REC_TYPE_PACKET, for a record containing a packet, or
REC_TYPE_FILE_TYPE_SPECIFIC, for records containing file-type-specific
data.
Modify code that reads packets to be able to handle non-packet records,
even if that just means ignoring them.
Rename some routines to indicate that they handle more than just
packets.
We don't yet have any libwiretap code that supplies records other than
REC_TYPE_PACKET or that supporting writing records other than
REC_TYPE_PACKET, or any code to support plugins for handling
REC_TYPE_FILE_TYPE_SPECIFIC records; this is just the first step for bug
8590.
Change-Id: Idb40b78f17c2c3aea72031bcd252abf9bc11c813
Reviewed-on: https://code.wireshark.org/review/1773
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
And make sure we have a pointer to the struct wtap_pkthdr for the packet
before we check it for a time stamp.
Change-Id: I26b205e5467a3a1236e9fd1f7633e86ece5e9040
Reviewed-on: https://code.wireshark.org/review/1762
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Pcap-ng files might have Simple Packet Blocks, which don't have time
stamps, and some other file formats might not have time stamps as well.
Only check the time stamp if we have one, and don't use "the start time
stamp is unset" as an indication that we've just read the first packet,
use "the count of packets we've read is 1" as an indication that we've
just read the first packet.
Change-Id: I097c54867655efb5c343fb880a113b3583736bbd
Reviewed-on: https://code.wireshark.org/review/1757
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit c0c480d08c175eed4524ea9e73ec86298f468cf4.
A better way to do this is to have the record type be part of struct wtap_pkthdr; that keeps the metadata for the record together and requires fewer API changes. That is in-progress.
Change-Id: Ic558f163a48e2c6d0df7f55e81a35a5e24b53bc6
Reviewed-on: https://code.wireshark.org/review/1741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This is the first step towards implementing the mechanisms requestd in
bug 8590; currently, we don't return any records other than packet
records from libwiretap, and just ignore non-packet records in the rest
of Wireshark, but this at least gets the ball rolling.
Change-Id: I34a45b54dd361f69fdad1a758d8ca4f42d67d574
Reviewed-on: https://code.wireshark.org/review/1736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit 1abeb277f5e6bd27fbaebfecc8184e37ba9d008a.
This isn't building, and looks as if it requires significant work to fix.
Change-Id: I622b1bb243e353e874883a302ab419532b7601f2
Reviewed-on: https://code.wireshark.org/review/1568
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality.
The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes.
bug:9607
Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae
Reviewed-on: https://code.wireshark.org/review/1485
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The best heuristic can fail, so add possibility to manually choose
capture file format type, so not correctly recognize file format can be
loaded in Wireshark.
On the other side now it is possible to open capture file
as file format to be dissected.
Change-Id: I5a9f662b32ff7e042f753a92eaaa86c6e41f400a
Reviewed-on: https://code.wireshark.org/review/16
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
|
|
Rename "SVNPATH" to "GITBRANCH" since that seems more appropriate.
Rename "svnversion.h" to "version.h" as Evan suggested. Update some
URLs. In make-version.pl, make sure we don't set an improper upstream
branch name. Use the number of commits + short hash from `git describe`
for package names by default.
Change-Id: I922bba8d83eabdf49284a119f55b4076bc469b96
Reviewed-on: https://code.wireshark.org/review/139
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
* Remove _MSC_VER < 1500 check
* Cleanup config.nmake
See http://www.wireshark.org/lists/wireshark-dev/201305/msg00159.html
svn path=/trunk/; revision=54965
|
|
text messages (including informational) should go to stderr.
svn path=/trunk/; revision=54930
|
|
svn path=/trunk/; revision=54929
|
|
willing to read or that's bigger than will fit in the file format;
instead, report an error.
For the "I can't write a packet of that type in that file type" error,
report the file type in question.
svn path=/trunk/; revision=54882
|
|
fix format strings for signed integers
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9637
svn path=/trunk/; revision=54835
|
|
No need to build a constant string on the stack at runtime;
Fix a typo;
Do some whitespace changes;
Change tab-width & etc to 8 in editor modelines.
svn path=/trunk/; revision=54581
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9591
svn path=/trunk/; revision=54387
|
|
knowledge of particular types of plugins. Instead, let particular types
of plugins register with the common plugin code, giving a name and a
routine to recognize that type of plugin.
In particular applications, only process the relevant plugin types.
Add a Makefile.common to the codecs directory.
svn path=/trunk/; revision=53710
|
|
packet dissection, they're specific to the entire Wireshark suite of
programs.
svn path=/trunk/; revision=53377
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9422
svn path=/trunk/; revision=53345
|
|
After r50154 nstime_t is inside wsutil/ so wiretap don't need it's own copy.
svn path=/trunk/; revision=53184
|
|
subtypes, e.g. Network Monitor version 1 and Network Monitor version 2
are separate "file types", even though they both come from Network
Monitor.
Rename various functions, #defines, and variables appropriately.
svn path=/trunk/; revision=53166
|
|
write editcap debug infos to stderr
print some of those messages only in verbose mode
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9342
svn path=/trunk/; revision=52942
|
|
svn path=/trunk/; revision=52097
|
|
svn path=/trunk/; revision=51888
|
|
function for both clarity and correctness since we need to compute chop offsets and lengths on a per-packet basis whereas previously this was not being done.
Lastly, try to improve the documentation a bit concerning chopping and provide another example depicting 2 separate chopping regions. *Maybe* this is clearer?
One more example here for posterity: Given the following 75 byte packet, there
are 8 different ways to chop the 2 regions marked as 10 and 20 in a single pass:
<--------------------------- 75 ---------------------------->
+---+-------+-----------+---------------+-------------------+
| 5 | 10 | 15 | 20 | 25 |
+---+-------+-----------+---------------+-------------------+
1) editcap -C 5:10 -C -25:-20 in.pcap out.pcap
2) editcap -C 5:10 -C 50:-20 in.pcap out.pcap
3) editcap -C -70:10 -C -25:-20 in.pcap out.pcap
4) editcap -C -70:10 -C 50:-20 in.pcap out.pcap
5) editcap -C 30:20 -C -60:-10 in.pcap out.pcap
6) editcap -C 30:20 -C 15:-10 in.pcap out.pcap
7) editcap -C -45:20 -C -60:-10 in.pcap out.pcap
8) editcap -C -45:20 -C 15:-10 in.pcap out.pcap
svn path=/trunk/; revision=51886
|
|
indent scheme and add modelines to match. Also, declare a few variables static.
(A fix for crossed chopping regions should be coming in the near future ...)
svn path=/trunk/; revision=51863
|
|
from the beginning or the end.
Given the following example, it's now possible to chop the 10 bytes depicted from the 100 byte packet 4 different ways and achieve the exact same results:
<-------- 100 --------> Methods:
1) editcap -C 20:10 in.pcap out.pcap
+------+----+---------+ 2) editcap -C -80:10 in.pcap out.pcap
| 20 | 10 | 70 | 3) editcap -C -70:-10 in.pcap out.pcap
+------+----+---------+ 4) editcap -C 30:-10 in.pcap out.pcap
svn path=/trunk/; revision=51854
|
|
packet beginning or packet end. I *think* this will be easier syntax to remember.
svn path=/trunk/; revision=51848
|
|
svn path=/trunk/; revision=51845
|
|
This means wsutil now links against libcrypt.
Protect a bunch of the crypt header files from multiple inclusion.
svn path=/trunk/; revision=51100
|
|
there and moving it avoids having to recompile the file for use in editcap
and mergecap (which don't link against libwireshark).
svn path=/trunk/; revision=50650
|
|
there and moving it avoids having to recompile the file for use in editcap and capinfos (which don't link against libwireshark).
svn path=/trunk/; revision=50598
|
|
bytes from both the beginning and end of a packet in a single step.
svn path=/trunk/; revision=50536
|
|
motivated by a question on ask where the user currently has to jump through hoops to accomplish the same thing which can now be done in 1 step via:
editcap -T wpan -C 16 -L -F libpcap test.pcap test_wpan.pcap
I thought it would be useful enough for others as well.
Ref: http://ask.wireshark.org/questions/22689/problems-with-editcap-and-wpan-encapsulation-option
svn path=/trunk/; revision=50491
|
|
make use of it in editcap and mergecap for listing encapsulation types. For example:
Before:
user0 - USER 0
user1 - USER 1
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
After:
user0 - USER 0
user1 - USER 1
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
svn path=/trunk/; revision=50482
|
|
A bunch of files didn't really need to include these header files so remove
the include line rather than changing it.
svn path=/trunk/; revision=50154
|
|
remove C++ incompatibilities
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416 attachment #10397
svn path=/trunk/; revision=48438
|
|
[PATCH 1/2] Revert "Try to fix the "LNK4217: locally defined symbol"
warnings.
This reverts commit r48158.
[PATCH 2/2] Employ small hack in editcap to link with a few objects from
libwireshark properly
From me:
Add the ability to reset symbol exports via ws_symbol_export.h's include
guard and do so in capinfos.c and editcap.c. We include ws_symbol_export.h
in over 200 files so it didn't seem to make sense to remove its include
guard entirely.
svn path=/trunk/; revision=48170
|
|
svn path=/trunk/; revision=48108
|
|
is running" mutex. Have the NSIS installer check for this mutex and ask
the user to close Wireshark if it's found. While not perfect this makes
the WinSparkle update process much less annoying.
svn path=/trunk/; revision=47758
|
|
svn path=/trunk/; revision=47065
|
|
and as per email response from Richard Sharpe, add GPLv2+ boilerplate header
and license.
svn path=/trunk/; revision=47063
|
|
Allow use of huges values for localtime / ctime / gmtime with MSVC 2008 or later
svn path=/trunk/; revision=46930
|