Age | Commit message (Collapse) | Author | Files | Lines |
|
- Many DCT2000 protocols can be embedded within an IP primitive
message. Add a heuristic to see if we can find the protocol payload
within in IP primitive message, and look for an ethereal dissector
matching the DCT2000 protocol name (this is useful for simple protocol
testing where no physical links are involved)
- Make some more of these protocols (diameter, http, mgcp) findable by name
- Adds protocol 'variant' number to stub and dissector
- Break the duplicated writing of the stub header out into a separate
function
svn path=/trunk/; revision=18212
|
|
svn path=/trunk/; revision=18206
|
|
svn path=/trunk/; revision=18197
|
|
svn path=/trunk/; revision=18188
|
|
that.
It also doesn't hae <glib/gprintf.h>, so use that only for GLib 2.0 and
later.
svn path=/trunk/; revision=18169
|
|
That requires that we define G_GINT64_MODIFIER ourselves if glib.h
doesn't define it for us, as that's what should be used to print 64-bit
integral values in any calls that use any of the GLib printf functions
(directly or indirectly).
svn path=/trunk/; revision=18154
|
|
format but still useful for dissecting arbitrary BER/DER ASN.1.
svn path=/trunk/; revision=18110
|
|
This patch should hopefully remove any possible buffer overflows in
parse_line() as reported by the current Coverity scan. I'm not sure
that the error it currently reports is valid (I think its confused by
supposing that a condition that is being tested can be true, whereas it
can't...), but this patch fixes a number of potential problems remaining
in the function.
svn path=/trunk/; revision=17979
|
|
svn path=/trunk/; revision=17968
|
|
Fix coverity bugs.
svn path=/trunk/; revision=17909
|
|
utilization, in units of .1%.
svn path=/trunk/; revision=17901
|
|
These patches:
- fix the bounds errors reported by coverity in bug 879
- fix a couple of other potential bounds errors (length checking 1st & 2nd lines in file)
- reorder catapult_dct2000_phdr so that normal protocol pseudo-header info is at the start. This means that the stub dissector can avoid the nasty
(overlapped) memcpy
- a little whitespace fixing
svn path=/trunk/; revision=17886
|
|
ugly printouts for "editcap -T".
svn path=/trunk/; revision=17873
|
|
Get rid of some unnecessary casts.
Multiply seconds by 10^9, not 10^6, to get nanoseconds.
svn path=/trunk/; revision=17872
|
|
Advertise nanosecond resolution.
svn path=/trunk/; revision=17871
|
|
Put the code to read the packet header and the packet data into routines
(which also fixes some places where observer_seek_read() was using the
sequential file handle rather than the random file handle), make the
packet header reader skip over the TLVs,
Do some additional sanity checking.
Wiretap supports nanosecond resolution; provide nanosecond resolution
time stamps.
Rename some structure members to match their purpose (they're TLV
counts, not flags).
Remove the TLV header from the TLV structures (and eliminate TLV
structures if we don't have the contents or they're just a string); if
we process them, we'll probably end up reading the header and data
separately.
Add some information about some of the TLVs in expert information packets.
svn path=/trunk/; revision=17870
|
|
I have taken a look at the trace myself and calculated the TpS to be
20000000.0 for this particular trace. If I also discard the start_timestamp
like it has been done for other versions of the netxray format, then I get
the proper results.
svn path=/trunk/; revision=17869
|
|
Please find a patch to catapult_dct2000.c:
- doesn't use g_hash_table_new_full(), which is missing from earlier versions of glib
- fixed a couple of memory leaks
- hopefully cast away a few warnings I saw on the fedora and solaris buildbot logs
svn path=/trunk/; revision=17867
|
|
svn path=/trunk/; revision=17866
|
|
svn path=/trunk/; revision=17863
|
|
patch and new files provide support for Catapult DCT2000
.out files to wiretap and ethereal.
This wiretap support (catapult_dct2000.c+h) appends a short header to
each packet giving some context, and a corresponding ethereal dissector
(packet-catapult-dct2000.c) parses this before passing the real payload
onto an existing ethereal dissector (for ethernet, ip, lapd, ppp,
frame-relay,...).
For now, there is only support for saving dct2000 files in their own
format, although I may add support for converting between dct2000 and
libpcap later.
updated version of these files and patch, now with support
for MTP2. Olivier's trace used the ANSI variant - the MTP2 and MTP3
decode fine with the right preferences set (although the ISUP dissector
reports a reserved/retired message type).
Witha a change to NOT to declare gboolean catapult_dct2000_board_ports_only;
as extern as MSVC choked on it.
svn path=/trunk/; revision=17862
|
|
svn path=/trunk/; revision=17861
|
|
wiretap/README.developer
- the referenced default seek_read function doesn't exist now
wiretap/wtap.c
- a "hole" in encap_table was causing the wrong encap value for later
types to be looked up (by name)
mergecap.c
- fix a couple of program name copy+paste errors from editcap.c
svn path=/trunk/; revision=17765
|
|
Coverity bug 148
svn path=/trunk/; revision=17756
|
|
> I've attached a fix that cleans up this code, actually since my last
> update of this module the particular call in question was fairly
> redundant so I just went ahead and removed it and updated the constant
> that specifies the maximum possible line length instead.
>
> Thanks for bring this to my attention.
svn path=/trunk/; revision=17737
|
|
ID. Fix up whitespace.
svn path=/trunk/; revision=17732
|
|
Following my last submitted patch I did some further investigation on the different types of iSeries Comms Traces, although the field formats are constant, things such as page throws and line spacing vary depending on the tool used to pull the trace form the iSeries spool.
This patch should better handle the different formats and more importantly exit in a graceful manner if an unknown format is encountered.
svn path=/trunk/; revision=17699
|
|
Attached is a fix that addresses a problem reading certain IBM iSeries
Communications traces.
svn path=/trunk/; revision=17655
|
|
(Coverity finds just one at a time...)
svn path=/trunk/; revision=17580
|
|
svn path=/trunk/; revision=17556
|
|
when comparing index against array size.
svn path=/trunk/; revision=17521
|
|
an off by one error (> vs >= in bounds check).
svn path=/trunk/; revision=17520
|
|
The attached patch adds support for LAPD frames captured using vISDN thru
libpcap. The support has already been included in libpcap.
The patch adds a new wiretap encapsulation, the necessary glue to decode
SLL-encapsulated frames, and some minor change in the LAPD dissector in order
to support the remote-to-remote frames captured on the ISDN E-Channel.
Please apply ethereal-encap-table.diff before, as it fixes a misalignment in
the encapsulation names table.
svn path=/trunk/; revision=17450
|
|
svn path=/trunk/; revision=17365
|
|
least try to flush it
svn path=/trunk/; revision=17326
|
|
Sniffer V2 format capture files with captyp=5, timeunit=0.
The ticks_per_sec for this case apparently is 1e6.
Bill Meier
svn path=/trunk/; revision=17019
|
|
I don't know if this is the right way to fix it, but it seems at least better than before
svn path=/trunk/; revision=16971
|
|
tethereal internally converted the stdout capture filename "-" into "" which doesn't make any real sense and only complicated things.
To make things even more confusing, wiretap expected "" for dump output and "-" for offline reading ...
svn path=/trunk/; revision=16962
|
|
able to write capture files to stdout using -w -
svn path=/trunk/; revision=16958
|
|
ordering (not the other way round)
svn path=/trunk/; revision=16925
|
|
svn path=/trunk/; revision=16857
|
|
aren't sane, rather than requiring them *all* to have invalid values.
svn path=/trunk/; revision=16610
|
|
Add Support for reading of IBM iSeries (AS/400) Comms traces
svn path=/trunk/; revision=16588
|
|
svn path=/trunk/; revision=16492
|
|
Update the big comment to reflect current reality.
svn path=/trunk/; revision=16453
|
|
was that file_util.h wasn't in the distribution tarball, so it couldn't
be included - it handles including <sys/stat.h>.
svn path=/trunk/; revision=16423
|
|
svn path=/trunk/; revision=16422
|
|
svn path=/trunk/; revision=16416
|
|
rewinddir() and closedir().
Clean up indentation.
svn path=/trunk/; revision=16415
|
|
argument, rather than requiring the caller to get the open() flag and
the fopen() flag in sync. That also means that if we're *not* using
libz, it can just be a wrapper around eth_fopen().
We need to include <fcntl.h>, at least on UN*X, to get open() declared
and the O_ flags defined.
svn path=/trunk/; revision=16409
|