| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
function pointer (to main) to an argument to dladdr() is done in
init_progfile_dir() rather than its callers.
svn path=/trunk/; revision=27814
|
|
const void *.
svn path=/trunk/; revision=27813
|
|
it's available and works.
svn path=/trunk/; revision=27812
|
|
More remove checking for NULL before g_free().
svn path=/trunk/; revision=27728
|
|
Also: Do a bit of cleanup on related code.
svn path=/trunk/; revision=27458
|
|
routines handled by epan/report_err.c.
Move copy_binary_file() in file.c to epan/filesystem.c, and rename it to
copy_file_binary_mode() (to clarify that it *can* copy text files;
arguably, *all* files are "binary" unless you're on, say, an IBM 1401
:-)). Have it use the report_err.c routines, so it works in
console-mode programs.
Clean up some comments while we're at it.
svn path=/trunk/; revision=27456
|
|
svn path=/trunk/; revision=27392
|
|
file to use for decryption of Krb5 and GSS-KRB
svn path=/trunk/; revision=26343
|
|
svn path=/trunk/; revision=26093
|
|
Clean up indentation a bit.
svn path=/trunk/; revision=26037
|
|
capinfos and dumpcap don't need to depend on libwireshark nor directly pull
in those modules). Because capinfos and editcap were only being linked with
privileges.c if we had plugins, this allows those programs to be linked when
someone is compiling --without-plugins.
svn path=/trunk/; revision=25640
|
|
dumpcap, and calling it capture_opts collides with parameter names, as
noted by John Smith.
svn path=/trunk/; revision=25545
|
|
svn path=/trunk/; revision=25399
|
|
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
|
|
svn path=/trunk/; revision=25247
|
|
svn path=/trunk/; revision=25202
|
|
the right thing in Wireshark and TShark, as both of them call
epan_init() to set the appropriate "report an error" function.
That obviates the need to have TShark have its own private version of
simple_dialog().
Have cmdarg_err() just call failure_message() instead of duplicating the
code in failure_message().
svn path=/trunk/; revision=25201
|
|
proto.[hc]
define new APIs to allow delayed registration of protocol fields,
so that dissectors with "flexible" fields like xml, radius, diameter,
snmp do not have to load their files at startup but can do so as late as possible.
gtk/dfilter_expr_dlg.c :
have the expression dialog registering all prefixes so that all fileds appear in the dialog
tshark.c
register all prefixes when called with -G
epan/radius_dict.l
epan/dissectors/packet-radius.c
epan/dissectors/packet-radius.h
refactor registration to delay dictionary loading as long as possible
svn path=/trunk/; revision=24762
|
|
"frame.time_delta_displayed" is
used within a display filter.
(the usefullness of "frame.time_delta_displayed" in a display filter is very limited
since it bites it's own tail. Still, wireshark and tshark should at least show the
same behaviour)
svn path=/trunk/; revision=24708
|
|
svn path=/trunk/; revision=24678
|
|
- Change apply / prepare / ... as filter to use the field's value, which
is now stored in fdata as well as cinfo. Now we don't have to reprocess
the entire packet list when using these features. This also prevents
the use of these features from overwriting custom column information.
(custom columns can now be used in apply / prepare ... as filter)
- Break col_expr and col_expr_val out into a struct that is included not only
in cinfo, but now also fdata.
- Have col_custom_set_fstr() quote FT_STRING & FT_STRINGZ when storing the
col_expr_val value (for filter creation).
svn path=/trunk/; revision=24511
|
|
svn path=/trunk/; revision=24335
|
|
svn path=/trunk/; revision=24258
|
|
The attached patch makes the Statistics -> RTP -> Show All Streams feature of
wireshark accessible via tshark.
I found it helpful in dealing with tons of RTP captures.
svn path=/trunk/; revision=24252
|
|
configure and use more than one set of preferences and configuration files.
This can be found in the "Configuration Profiles..." menu item from the Edit
menu, or by pressing Shift-Ctrl-A. It's also possible to start wireshark
and tshark with a named profile by using the "-C ProfileName" option.
A new status pane in the main window will show the current profile.
The configuration files currently stored in the Profiles are:
- Preferences
- Capture Filters
- Display Filters
- Coloring Rules
- Disabled Protocols
- User Accessible Tables
The recent data are by design not added to the profile.
Planned future enhancements:
- make a more convenient function to switch between profiles
- add a "clone profile" button to copy an existing profile
- make the profiles list active and accept return as OK
- save users "Decode as" in the profile
- make new, clone and deletion of profiles more secure
- make some of the recent values available in the profile
This patch also fixes:
- setting default status pane sizes
- a bug setting status pane for packets when not having main lower pane.
svn path=/trunk/; revision=24089
|
|
mismatch" warning.
svn path=/trunk/; revision=24085
|
|
svn path=/trunk/; revision=23862
|
|
svn path=/trunk/; revision=23543
|
|
FT_STRING, except that it converts the data from the packet from EBCDIC
to ASCII for display in Wireshark.
svn path=/trunk/; revision=23503
|
|
necessarily an integral data type. Use sigemptyset() to clear it.
svn path=/trunk/; revision=23257
|
|
that we can find out what the signal action for SIGHUP is without
changing it).
That renders report_counts() safe to use at the end of a capture; do so.
Clean up indentation.
svn path=/trunk/; revision=23256
|
|
svn path=/trunk/; revision=23040
|
|
svn path=/trunk/; revision=23030
|
|
Count packets even if we're not dissecting them.
svn path=/trunk/; revision=23026
|
|
1875). The man page already states this
svn path=/trunk/; revision=23014
|
|
fix Buildbot.
svn path=/trunk/; revision=23003
|
|
We can simply block waiting for input from the child process because we are
in a CLI that does not need to worry about updating a GUI while we're waiting
for packets and so forth.
Before I realized that I wrote a working (for me) method using select() that
I've left in for now (#ifdef'd out).
svn path=/trunk/; revision=22999
|
|
whatever reason), try to use g_static_mutex_init() instead
svn path=/trunk/; revision=22977
|
|
svn path=/trunk/; revision=22975
|
|
svn path=/trunk/; revision=22974
|
|
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
svn path=/trunk/; revision=22969
|
|
fetch the major OS version. If we're running Windows >= 6 (Vista)
_and_ npf.sys isn't running, warn the user in Wireshark and TShark.
Add a recent prefs item to disable the warning in Wireshark.
svn path=/trunk/; revision=22877
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
svn path=/trunk/; revision=22733
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
svn path=/trunk/; revision=22587
|
|
encap type is registered the plugin probably needs it before reg_handoff)
svn path=/trunk/; revision=22461
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
|
|
it's a pointer to an arbitrary object, assumed to be correctly aligned,
not a pointer to a not-necessarily-properly-aligned array of bytes.
Cast it, so we won't get alignment warnings.
svn path=/trunk/; revision=21940
|
|
epan/filesystem.c
have get_plugin_dir() calling init_plugin_dir() if necessary
epan/epan.c and epan/report_err.c
move the report_failure family into the new report_err.c file, have epan_init() calling the initializer
epan/plugins.h and epan/proto.c
do not have init_plugins() calling the proto_reg functions instead do it in init_proto()
gtk/main.c and tshark.c
init_plugin_dir() has become suprefluous
capinfos.c and editcap.c
load the wiretap plugins
Makefiles
do what's needed to build withe the above changes.
svn path=/trunk/; revision=21935
|
|
Output preamble and finale on live capture.
svn path=/trunk/; revision=21930
|
