| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Enhancement patch:
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1758
This change gives Wireshark the ability to read ATM captures saved by UpTime
Select traffic capture.
svn path=/trunk/; revision=22612
|
|
packet-ppi.c can get access to it even when we don't HAVE_LIBPCAP (besides, it doesn't seem to be specific to capturing...)
svn path=/trunk/; revision=22591
|
|
Use G_GINT64_CONSTANT() to make a 64-bit integral constant; not all
compilers we use support LL as a suffix for that (MSVC++ 6, for one).
svn path=/trunk/; revision=22580
|
|
* asn1/mpeg/packet-mpeg-pes-template.c: Improved decoding of PES
extension header and Pack header. Decode SCR, PTS, and DTS.
* asn1/mpeg/mpeg-pes.asn (Pack): Remove.
* epan/dissectors/packet-mpeg-pes.c: Regenerate.
* wiretap/mpeg.c (mpeg_read): Decode the SCR using integer
arithmetic instead of double float arithmetic to prevent rounding
error.
* wiretap/wtap-int.h (mpeg_t) <t0>: Use time_t instead of double.
svn path=/trunk/; revision=22577
|
|
at the ends of packets.
svn path=/trunk/; revision=22540
|
|
This patch adds support for the Juniper NetScreen snoop output format.
It takes a text-dump op the captured packets and parses the headers
and hex-data. Since the snoop files on a Junpiper NetScreen can be saved
to a tftp-server, this patch makes it quite easy to use the snoop
function of the Juniper NetScreen firewalls.
/* XXX TODO:
*
* o Create a wiki-page with instruction on how to make tracefiles
* on Juniper NetScreen devices. Also put a few examples up
* on the wiki (Done: wiki-page added 2007-08-03)
*
* o Use the interface names to properly detect the encapsulation
* type (ie adsl packets are now not properly dissected)
* (Done: adsl packets are now correctly seen as PPP, 2007-08-03)
*
* o Pass the interface names and the traffic direction to either
* the frame-structure, a pseudo-header or use PPI. This needs
* to be discussed on the dev-list first
* (Posted a message to wireshark-dev abou this 2007-08-03)
*
*/
svn path=/trunk/; revision=22533
|
|
svn path=/trunk/; revision=22480
|
|
Changed eth_dir_get_name(dirent) macro
svn path=/trunk/; revision=22478
|
|
libm required if C library is not libc (like uclibc)
svn path=/trunk/; revision=22475
|
|
This patch adds MPEG PES (packetized elementary stream) to the list of
magic types in wiretap/mpeg.c.
svn path=/trunk/; revision=22460
|
|
svn path=/trunk/; revision=22451
|
|
don't worry about YY_PROTO, which isn't defined with the newer shinier
versions of Flex.
svn path=/trunk/; revision=22450
|
|
svn path=/trunk/; revision=22449
|
|
1) "-e" isn't supported by good old /bin/sh, so we use "-r"
instead;
2) "The algorithm for determining the precedence of the
operators and the return value that will be generated is
based on the number of arguments presented to test", so we
explicitly parenthesize.
svn path=/trunk/; revision=22448
|
|
svn path=/trunk/; revision=22447
|
|
such as the fact that Flex strips all but the last component of the "-o"
argument, and that it doesn't generate a header file to declare routines
the generated lexical analyzer defines. Use that script when building
lexical analyzers, and, for each lexical analyzer, include the generated
header file in the generated analyzer.
svn path=/trunk/; revision=22446
|
|
Makefile.nmake files; currently, it has the (F)lex-to-C rule and a
.SUFFIXES pseudo-rule to add .l to the list of suffixes. Have
Makefile.nmake files with .l.c rules include Makefile.nmake.inc to get
that rule.
The names Makefile.am.inc and Makefile.nmake.inc aren't necessarily the
right names for the files in question.
Use $(PACKAGE) in the Mate plugin's Makefile, rather than "mate".
svn path=/trunk/; revision=22437
|
|
Makefile.am files; currently, it has the (F)lex-to-C rule. Have
Makefile.am files with .l.c rules include Makefile.am.inc to get that
rule.
svn path=/trunk/; revision=22436
|
|
UN*X.
svn path=/trunk/; revision=22434
|
|
svn path=/trunk/; revision=22430
|
|
Move the %options to the beginning if they weren't already there, and
put them in the same order in all files.
Add "prefix=" options to .l files that don't already have them, so we
don't have to pass a "-P" option.
Add "never-interactive" and "noyywrap" options to our lexical analyzers,
to remove extra isatty() checks and to eliminate the need for yywrap()
from the Flex library.
Get rid of %option nostdinit - that's the default.
Add .l.c: rules to Makefile.am files, replacing the rules for specific
.l files. Have those rules all check that $(LEX) is set.
Update the address for the FSF.
svn path=/trunk/; revision=22424
|
|
a source release tarball without having Flex (think of a source release
tarball being as much a platform-independent distribution format for
people *not* interested in development, and who are on platforms for
which there aren't binary packages, as a way of getting the source to do
development). Don't check Flex's capabilities in the configure script
(handling reentrant scanners would have to be done differently).
svn path=/trunk/; revision=22414
|
|
them - check whether Flex supports them.
svn path=/trunk/; revision=22410
|
|
svn path=/trunk/; revision=22395
|
|
svn path=/trunk/; revision=22305
|
|
doesn't fix the problem, as the sign extension is still done; you have
to cast to "guchar".
svn path=/trunk/; revision=22304
|
|
Its argument, however, needs to be cast to "guchar", so that if the
high-order bit is set, it doesn't get sign-extended.
svn path=/trunk/; revision=22303
|
|
svn path=/trunk/; revision=22300
|
|
The encap_table_base in wcap.c is missing an entry.
This causes e.g. "dumpcap -i usb3 -L" to output:
Data link types (use option -y to set):
USB_LINUX
(MPEG)
svn path=/trunk/; revision=22292
|
|
integral data types, so we handle LP64 platforms if "gint64" is just a
"long int".
svn path=/trunk/; revision=22281
|
|
svn path=/trunk/; revision=22261
|
|
- Change a value string value to help an easily-frightened colleague
svn path=/trunk/; revision=22224
|
|
svn path=/trunk/; revision=22150
|
|
http://www.cacetech.com/documents/PPI_Header_format_1.0.pdf .
svn path=/trunk/; revision=22094
|
|
nm on my mac says it is there...
svn path=/trunk/; revision=22093
|
|
svn path=/trunk/; revision=22092
|
|
svn path=/trunk/; revision=22091
|
|
captypes ETH_CAPTYPE_OTHERPOD2 and
ETH_CAPTYPE_GIGPOD2 in comments for
the associated TpS tables.
svn path=/trunk/; revision=22074
|
|
The code for reading ERF files has not been significantly
updated since 2004. This patch brings it up to date with a
number of changes.
1) Increase number of decodable ERF types from 7 to 12. This
covers newer DAG card models and firmware updates.
2) Fix timestamp conversion. Was calculating only microsecond
precision, now displaying with nanosecond resolution. Hardware
precision is 7.5 to 30 ns depending on model.
3) Allow the user to specify HDLC encapsulation as 'chdlc',
'ppp_serial', 'frelay' or 'mtp2'. This is needed because the
ERF HDLC capture formats do not include information on what
protocol is used at the next level. This is currently done via
an environment variable 'ERF_HDLC_ENCAP' and is analagous to the
existing 'ERF_ATM_ENCAP' variable.
If the user does not specify an HDLC encapsulation it tries to
guess, and falls back to MTP2 for backwards compatibility with
Florent's existing behaviour.
I know environment variables are ugly, suggestions are welcome.
4) When reading HDLC captures as MTP2, use
WTAP_ENCAP_MTP2_WITH_PHDR rather than WTAP_ENCAP_MTP2. This
allows us to put the 'Multi-Channel ERF' record 'channel
number' field into the MTP2 pseudo header > 'link_number'
field. This is then displayed in Frame information, and can
be filtered on. (Would be nice if it could be made a display
column?)
Because the ERF record does not specify whether Annex A is used
or not, we pass MTP2_ANNEX_A_USED_UNKNOWN and allow the existing
user preference to decide.
Move the MTP2_ANNEX_A_ definitions into Wiretap, make the annex_a_used
field a guint8, and change MTP2_ANNEX_A_USED_UNKNOWN to 2 so it fits in
a guint8. (This means that if you can save an ERF MTP2 file as a
libpcap file, the pseudo-header will have MTP2_ANNEX_A_USED_UNKNOWN in
it.)
svn path=/trunk/; revision=22067
|
|
the new file type.
Add few functions to wiretap's exported API.
svn path=/trunk/; revision=22060
|
|
svn path=/trunk/; revision=22050
|
|
TpS_otherpod[]. Ask about its validity for ETH_CAPTYPE_OTHERPOD2 and
ETH_CAPTYPE_GIGPOD2.
svn path=/trunk/; revision=22016
|
|
svn path=/trunk/; revision=22015
|
|
svn path=/trunk/; revision=22005
|
|
svn path=/trunk/; revision=21998
|
|
svn path=/trunk/; revision=21997
|
|
network type; there's no "presumably" about it.
Suggest that "realtick" might have the right time stamp in other cases
(if not, a comment should explicitly indicate that, so that in all cases
where we either know that realtick is wrong or have a lot of evidence to
show that it's right, we note that fact).
svn path=/trunk/; revision=21996
|
|
Fix some other comments.
Add a suggestion for why the realtick values might correlate with
packets having an FCS.
svn path=/trunk/; revision=21993
|
|
svn path=/trunk/; revision=21986
|
|
svn path=/trunk/; revision=21983
|
