| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
svn path=/trunk/; revision=10038
|
|
current CVS libpcap uses 163 for the AVS radio header (127 was never
used for the AVS radio header). Redo the Wiretap encapsulation values
for that (and shuffle them to put the 802.11 Wiretap values together).
svn path=/trunk/; revision=9904
|
|
reserved private DLT_ values.
svn path=/trunk/; revision=9892
|
|
it, similar to the Ethernet pseudo-header's "fcs_len" field, and use it
in the 802.11 dissector.
svn path=/trunk/; revision=9884
|
|
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
|
|
svn path=/trunk/; revision=9345
|
|
Add a missing entry in "encap_table[]" for Bluetooth H4, and fix some
comments.
svn path=/trunk/; revision=9157
|
|
file format (AiroPeek 2.x).
svn path=/trunk/; revision=9144
|
|
capture files.
svn path=/trunk/; revision=8840
|
|
"hcidump -w" traces.
Note that Jesper Peterson contributed support for reading Endace ERF
files.
svn path=/trunk/; revision=8824
|
|
captures with packet direction information from captures without it.
Use them appropriately.
svn path=/trunk/; revision=8780
|
|
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".
Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).
Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.
Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.
svn path=/trunk/; revision=8574
|
|
svn path=/trunk/; revision=8272
|
|
agents.
svn path=/trunk/; revision=8093
|
|
is pointless, as it's a 16-bit unsigned quantity. Remove those checks -
but note in a comment that WTAP_MAX_PACKET_SIZE must be at least 65535
(as there might well be link-layer types with packets at least that
large).
svn path=/trunk/; revision=7934
|
|
value for DLT_PFLOG, and that goes along with a change to the link-layer
header for DLT_PFLOG - support both the old and new values and format.
svn path=/trunk/; revision=7676
|
|
rename WTAP_ENCAP_ENC0 to WTAP_ENCAP_ENC.
un-#if 0 out the code to handle the value 109 for DLT_ENC, as I've just
checked in support for DLT_ENC in tcpdump.org libpcap and tcpdump, which
maps DLT_ENC to 109 in the file header.
Give packet-enc.c an RCS ID.
svn path=/trunk/; revision=7323
|
|
Add support for the OpenBSD enc(4) encapsulating interface. Add
support for Ethernet over IP (RFC 3378).
Fold Markus' .h files into their respective .c files, add a define to
ipproto.h and use it.
svn path=/trunk/; revision=7310
|
|
that have direction information.
Support writing WTAP_ENCAP_FRELAY_WITH_PHDR and WTAP_ENCAP_PPP_WITH_PHDR
captures out in libpcap format - we throw away the direction
information, but so it goes.
When reading/writing Windows Sniffer format, read and write the
direction flag.
svn path=/trunk/; revision=7052
|
|
addresses and the protocol type, as supplied by BPF; on Linux, they *do*
have an offset field, as supplied by PF_PACKET sockets. Add a new
WTAP_ENCAP_ARCNET_LINUX, with packets that include the offset field, and
don't dissect an offset in WTAP_ENCAP_ARCNET packets.
Map a libpcap link-layer type of 129 to WTAP_ENCAP_ARCNET_LINUX; that
value was recently assigned to Linux-style ARCNET.
Add some more ARCNET protocol IDs.
For most protocol IDs, dissect an ATA 878.2 fragmentation header; don't
do it for RFC 1051 IP and ARP, and Diagnose packets. Set the length of
the ARCNET protocol tree item appropriately.
Dissect both the RFC 1051 and RFC 1201 styles of IP and ARP over ARCNET,
and dissect the RFC 1201 style of RARP as well.
svn path=/trunk/; revision=6981
|
|
that flag in the ATM pseudo-header, and use it to determine whether a
frame is a raw cell or a reassembled frame, rather than using the AAL,
as you can have raw AAL5 cells in a capture.
svn path=/trunk/; revision=6889
|
|
number of 1 means DCE->DTE, in DOS Sniffer ATM captures.
svn path=/trunk/; revision=6881
|
|
from network-based libpcaps that use that protocol.
svn path=/trunk/; revision=6875
|
|
includes adding an SDLC dissector.
svn path=/trunk/; revision=6848
|
|
used for the DOS-based ATM Sniffer. (That's not a great name, but I
couldn't think of a better one.)
Add a new WTAP_ENCAP_ATM_PDUS_UNTRUNCATED encapsulation type for capture
files where reassembled frames don't have trailers, such as the AAL5
trailer, chopped off. That's what at least some versions of the
Windows-based ATM Sniffer appear to have.
Map the ATM capture file type for NetXRay captures to
WTAP_ENCAP_ATM_PDUS_UNTRUNCATED, and put in stuff to fill in what we've
reverse-engineered, so far, for the pseudo-header; there's more that
needs to be done on it, e.g. getting the channel, AAL type, and traffic
type (or inferring them if they're not in the packet header).
svn path=/trunk/; revision=6840
|
|
well as Cisco HDLC support. It compiles OK, but I do not claim that it is
not borken.
I will have to add a small dissector that eats the first two bytes and then
calls the Ethernet dissector as well, to complete the work.
svn path=/trunk/; revision=6809
|
|
Surveyor capture, as there's one link-layer type that UNICOS/mp snoop
treats one way and Shomiti Surveyor treats another way. The only way to
check that is to look at the first record to see how much padding it
has.
svn path=/trunk/; revision=6750
|
|
header.
Add overflow checks to "BYTES_ARE_IN_FRAME()", and cast all arguments to
unsigned values (negative values should never be passed) to squelch
compiler warnings.
svn path=/trunk/; revision=6567
|
|
WTAP_ENCAP_ISDN encapsulation type, which includes a pseudo-header
giving the direction (user-to-network or network-to-user) and the
channel number.
Add a new circuit type, using the ISDN channel number as the circuit ID.
Add an ISDN dissector to put the direction and channel number into the
protocol tree and to call the appropriate dissector for the payload
based on the channel (LAPD for the D channel; V.120, PPP, or data for B
channels, based on some heuristics).
svn path=/trunk/; revision=6521
|
|
map libpcap's DLT_IP_OVER_FC to it.
svn path=/trunk/; revision=6473
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
svn path=/trunk/; revision=6115
|
|
svn path=/trunk/; revision=6000
|
|
will work again without complaints.
svn path=/trunk/; revision=5925
|
|
svn path=/trunk/; revision=5922
|
|
All files:
- Replace types from sys/types.h by those from glib.h
- Replace ntoh family of macros from netinet/in.h and winsock2.h
by g_ntoh family from glib.h
- Remove now unneeded includes of sys/types.h, netinet/in.h and
winsock2.h
wtap.h
Move includes to the top
svn path=/trunk/; revision=5909
|
|
Allow "-" as the output file name in Wiretap, referring to the
standard error.
Optimize the capture loop.
Fix some of the error-message printing code in Ethereal and Tethereal.
Have Wiretap check whether it can seek on a file descriptor, and pass
the results of that test to the file-type-specific "open for output"
routine. Have the "open for output" routines for files where we need to
seek when writing the file return an error if seeks don't work.
svn path=/trunk/; revision=5884
|
|
DOCSIS support, including support for "Ethernet" captures where
the raw frame is a DOCSIS frame rather than an Ethernet
frame (some Cisco cable-modem head-end gear can send out a
trace of all traffic on an Ethernet, but what it sends are
the raw bytes of DOCSIS frames, not Ethernet frames)
Get rid of second AUTHORS entry for Devin Heitmueller, merging its item
into the older entry.
Clean up the order of some lists of plugin items.
svn path=/trunk/; revision=5861
|
|
<packet32.h> includes <winsock2.h>; we include that rather than
<winsock.h>, to avoid errors due to conflicting declarations in
<winsock.h> and <winsock2.h>.
svn path=/trunk/; revision=5742
|
|
extracting a pseudo-header, for the use of SunATM captures.
Add support for SunATM capture.
svn path=/trunk/; revision=5652
|
|
Have "wtap_open_offline()", if asked to open a FIFO, return that error
if it was asked to open the file for random access.
svn path=/trunk/; revision=5643
|
|
svn path=/trunk/; revision=5576
|
|
just an image of the ATM Sniffer data. This means that Ethereal doesn't
have to know any ATM Sniffer-specific details (that's all hidden in
Wiretap), and allows us to add to that pseudo-header fields, traffic
types, etc. unknown to ATM Sniffers.
Have Wiretap map VPI 0/VCI 5 to the signalling AAL - for some capture
files, this might not be necessary, as they may mark all signalling
traffic as such, but, on other platforms, we don't know the AAL, so we
assume AAL5 except for 0/5 traffic. Doing it in Wiretap lets us hide
those details from Ethereal (and lets Ethereal interpret 0/5 traffic as
non-signalling traffic, in case that happens to be what it is).
We may know that traffic is LANE, but not whether it's LE Control or
emulated 802.3/802.5; handle that case.
svn path=/trunk/; revision=5302
|
|
"struct x25_phdr" to "wiretap/wtap.h".
Have two X.25 dissectors, one of which assumes that there's a "struct
x25_phdr" pseudo-header and one of which doesn't; the former uses the
information in that pseudo-header to determine whether the packet is
DTE->DCE or DCE->DTE, and the latter assumes it has no clue whether the
packet is DTE->DCE or DCE->TDE. Use the former one in the LAPB
dissector, and the latter one in the XOT dissector and in the LLC
dissector table.
In the X.25-over-TCP dissector, handle multiple X.25 packets per TCP
segment, and handle X.25 packets split across TCP segments.
svn path=/trunk/; revision=5134
|
|
having a special encapsulation type for AiroPeek files.
svn path=/trunk/; revision=5123
|
|
returns radio information such as signal strength, channel, and data
rate in a pseudo-header. Add that pseudo-header.
Use the "802.11 with radio information" encapsulation type for Wireless
Sniffer files; extract the radio information from where it appears to be
in the header.
Add dissector code for that encapsulation type.
Fix an error in the code to put radio information into the AiroPeek
tree.
Make the "wrapped" flag for NetXRay/Windows Sniffer captures a
"gboolean".
svn path=/trunk/; revision=5122
|
|
"wtap_read()".
Add some additional error checks to the Sniffer file reader.
svn path=/trunk/; revision=4875
|
|
an "err" argument that points to an "int" into which to put an error
code if it fails.
Check for errors in one call to it, and note that we should do so in
other places.
In the "wtap_seek_read()" call in the TCP graphing code, don't overwrite
"cfile.pseudo_header", and make the buffer into which we read the data
WTAP_MAX_PACKET_SIZE bytes, as it should be.
In some of the file readers for text files, check for errors from the
"parse the record header" and "parse the hex dump" routines when reading
sequentially.
In "csids_seek_read()", fix some calls to "file_error()" to check the
error on the random stream (that being what we're reading).
svn path=/trunk/; revision=4874
|
|
svn path=/trunk/; revision=4707
|
|
svn path=/trunk/; revision=4655
|
|
svn path=/trunk/; revision=4619
|
