path: root/wiretap
Age | Commit message | Author | Files | Lines
2000-08-15 | The caplen and iplen are not always going to be equal. Need to use > and <= | Mike Hall | 1 | -7/+12
instead of != ==. svn path=/trunk/; revision=2273
2000-08-12 | Initialize "last_blob" and "current_blob" when the file is opened. | Guy Harris | 1 | -21/+23
Set "current_blob" when the first read is done from the random file, as "current_blob" is the current blob in the random file. svn path=/trunk/; revision=2262
2000-08-11 | Miscellaneous code cleaning | Laurent Deniel | 21 | -23/+116
- add <stdarg.h> or <varargs.h> in snprintf.h and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes
- remove the check of multiple inclusions in source (.c) code (there is a bit loss of _cpp_ performance, but I prefer the gain of code reading and maintenance; and nowadays, disk caches and VM are correctly optimized ;-).
- protect all (well almost) header files against multiple inclusions
- add header (i.e. GPL license) in some include files
- reorganize a bit the way header files are included:
  First:
    #include <system_include_files>
    #include <external_package_include_files (e.g. gtk, glib etc.)>
  Then
    #include "ethereal_include_files"
  with the correct HAVE_XXX or NEED_XXX protections.
- add some HAVE_XXX checks before including some system header files
- add the same HAVE_XXX in wiretap as in ethereal

Please forgive me, if I break something (I've only compiled and regression tested on Linux).

svn path=/trunk/; revision=2254
2000-08-11 | If we have a random stream open for a compressed Sniffer file, have the | Guy Harris | 2 | -174/+354
sequential pass through the file build a list of information about the compressed blobs, with the starting offset in the compressed file and in the uncompressed byte stream for each blob. When seeking on the random stream, check whether the target location is within the uncompressed buffer we currently have; if not, use that list to figure out which blob contains the target location, and read that blob into the buffer. Then, as we now know that the target location is within the uncompressed buffer we currently have, just move the current pointer into that buffer to the target location. This means we don't have to read forwards through any uninteresting blobs in order to seek forwards, and don't have to go all the way back to the beginning and seek forwards in order to seek backwards. svn path=/trunk/; revision=2251
2000-08-08 | Added wiretap support to read the Cisco Secure Intrusion Detection System | Mike Hall | 7 | -6/+298
IPLog format. svn path=/trunk/; revision=2231
2000-08-04 | Mention ISDN4BSD's i4btrace utility as a supported trace file format. | Gilbert Ramirez | 1 | -1/+6
svn path=/trunk/; revision=2203
2000-07-31 | Add a comment explaining why we're defining S_ISDIR and company. | Guy Harris | 1 | -1/+7
svn path=/trunk/; revision=2189
2000-07-31 | It appears that, at least with Visual C++ 6.0, the "stat()" supplied in | Guy Harris | 1 | -4/+15
the C run-time library sets "statb.st_mode" appropriately, at least for plain files and directories; it just doesn't offer the POSIX "S_ISxxx()" macros to test the file type. If those macros aren't defined (which might also be the case on really ancient UNIX systems), define them appropriately, and use them even on Win32 systems, so that we can properly report attempts by a user to read from a directory on Win32, just as we do on UNIX. svn path=/trunk/; revision=2188
2000-07-31 | In "buffer.h", include <winsock.h> if we have it, so that "u_char" is | Guy Harris | 2 | -5/+9
defined on Win32 systems - it's not defined in <sys/types.h> on those systems. In "buffer.c", include "config.h", to cause HAVE_WINSOCK_H to be defined, on systems that have it, so that we include it in <buffer.h>. svn path=/trunk/; revision=2187
2000-07-30 | Support for capturing packet data from a pipe (a FIFO, or standard input). | Olivier Abad | 2 | -64/+64
capture.c :
- modified capture() to try to open an interface as a pipe if pcap_open_live() failed, and then read data in libpcap format from this pipe ;
- add new functions used by capture() : pipe_open_live() and pipe_dispatch() which are equivalents to the pcap_ functions.
libpcap.[ch] :
- moved the MAGIC and headers definitions from libpcap.c to libpcap.h because capture() now needs it.
svn path=/trunk/; revision=2181
2000-07-26 | Add a script, "aclocal-flags", which figures out where | Guy Harris | 1 | -1/+3
1) aclocal expects autoconf/automake macros to be hidden; 2) GTK+ hid its autoconf/automake macros; and, if both places exist but aren't the same directory, returns a "-I" flag to tell aclocal to look in GTK+'s directory. Then have "autogen.sh", and Makefiles in directories with "acinclude.m4" files, use that script and pass what flag it supplies, if any, to aclocal. This should, I hope, avoid problems such as those FreeBSD systems where GTK+ was installed from a port or package (and thus stuck its macros in "/usr/X11R6/share/aclocal") but aclocal doesn't look there. (It doesn't solve the problem of somebody downloading and installing, say, libtool from source - which means it probably shows up under "/usr/local", with its macros in "/usr/local/share/aclocal" - on a system that comes with aclocal (meaning it probably just looks in "/usr/share/aclocal", but that may be best fixed by, whenever you download a source tarball for something that's part of your OS, configuring it to install in the standard system directories and *overwriting* your OS's version.) svn path=/trunk/; revision=2165
2000-07-26 | In the final scene of the horror movie, just when you think the monster | Guy Harris | 4 | -130/+184
is finally dead, and you're walking away, it springs up again and attacks. It appears that the ss990915 version of Alexey Kuznetzov's libpcap patch has some extra stuff in the per-packet header for some sort of SMP debugging, and that SuSE Linux 6.3 picked it up. Thus, even if a libpcap file has the modified magic number, we *still* have to go through the usual heuristic hell to figure out what type of file it is. svn path=/trunk/; revision=2164
2000-07-26 | Use unsigned character pointers and arrays rather than signed character | Guy Harris | 7 | -26/+28
pointers and arrays in a number of places, to remove warnings some compilers give. svn path=/trunk/; revision=2160
2000-07-20 | In Tethereal: | Guy Harris | 1 | -3/+7
When capturing, report errors trying to create the output file with "file_open_error_message()". Make the "for_writing" argument to "file_open_error_message()" a "gboolean", as it's either TRUE (if the file is being opened for writing) or FALSE (if it's being opened for reading). Report EISDIR as "XXX is a directory (folder), not a file.". When checking whether an "open()" of a capture file succeeded, check whether "open()" returns a negative number, not whether it returns 0. In "wtap_open_offline()", if the file to be opened is a directory, return EISDIR, not WTAP_ERR_NOT_REGULAR_FILE, so that the error message can say "that's a directory, not a file". If "wtap_open_offline()" returns WTAP_ERR_NOT_REGULAR_FILE, don't just say the file is "invalid", say it's a "special file" or socket or some other weird type of file. svn path=/trunk/; revision=2144
2000-06-28 | Don't reposition the random stream in "ngsniffer_open()" if there isn't | Guy Harris | 1 | -5/+6
a random stream open. svn path=/trunk/; revision=2097
2000-06-27 | Add routines to Wiretap to allow a client of Wiretap to get: | Guy Harris | 2 | -4/+22
a pointer to the "wtap_pkthdr" structure for an open capture file; a pointer to the "wtap_pseudo_header" union for an open capture file; a pointer to the packet buffer for an open capture file; so that a program using "wtap_read()" in a loop can get at those items. Keep, in a "capture_file" structure, an indicator of whether: no file is open; a file is open, and being read; a file is open, and is being read, but the user tried to quit out of reading the file (e.g., by doing "File/Quit"); a file is open, and has been completely read. Abort if we try to close a capture that's being read if the user hasn't tried to quit out of the read. Have "File/Quit" check if a file is being read; if so, just set the state indicator to "user tried to quit out of it", so that the code reading the file can do what's appropriate to clean up, rather than closing the file out from under that code and causing crashes. Have "read_cap_file()" read the capture file with a loop using "wtap_read()", rather than by using "wtap_loop()"; have it check after reading each packet whether the user tried to abort the read and, if so, close the capture and return an indication that the read was aborted by the user. Otherwise, return an indication of whether the read completely succeeded or failed in the middle (and, if it failed, return the error code through a pointer). Have "continue_tail_cap_file()" read the capture file with a loop using "wtap_read()", rather than by using "wtap_loop()"; have it check after reading each packet whether the user tried to abort the read and, if so, quit the loop, and after the loop finishes (even if it read no packets), return an indication that the read was aborted by the user if that happened. Otherwise, return an indication of whether the read completely succeeded or failed in the middle (and, if it failed, return the error code through a pointer). 
Have "finish_tail_cap_file()" read the capture file with a loop using "wtap_read()", rather than by using "wtap_loop()"; have it check after reading each packet whether the user tried to abort the read and, if so, quit the loop, and after the loop finishes (even if it read no packets), close the capture and return an indication that the read was aborted by the user if that happened. Otherwise, return an indication of whether the read completely succeeded or failed in the middle (and, if it failed, return the error code through a pointer). Have their callers check whether the read was aborted or not and, if it was, bail out in the appropriate fashion (exit if it's reading a file specified by "-r" on the command line; exit the main loop if it's reading a file specified with File->Open; kill the capture child if it's "continue_tail_cap_file()"; exit the main loop if it's "finish_tail_cap_file()". svn path=/trunk/; revision=2095
2000-06-24 | Joerg Mayer's changes to add support for NetXRay file format version | Guy Harris | 3 | -8/+13
2.002, as used by release 3.50 of the Network Associates Sniffer for Windows; currently, we treat it just like the 2.001 version, so we rename the version #define WTAP_FILE_NETXRAY_2_001 to WTAP_FILE_NETXRAY_2_00x and use that for both 2.001 and 2.002. svn path=/trunk/; revision=2087
2000-06-15 | Patch from Joerg Mayer to fix a problem reading Sniffer files: | Guy Harris | 1 | -5/+10
Differentiate between LAPB and LAPD sync sniffer traces. Personally I think there must be a better way to find out which protocol is in the trace but I currently lack the time to look at the remaining frame info. svn path=/trunk/; revision=2072
2000-06-15 | Patch from Joerg Mayer to fix a problem reading Sniffer files: | Guy Harris | 1 | -27/+24
When trying to decode a sample trace from the NG offline sniffer installation, one trace resulted in a "corrupted" error. The reason was, that the file was a version 2 file format. That format used type 8 for header purposes while version 4 uses it for FRAME4. svn path=/trunk/; revision=2071
2000-06-08 | Document the fact that we can now read compressed Sniffer files. | Gilbert Ramirez | 1 | -14/+16
svn path=/trunk/; revision=2047
2000-06-06 | Fix list of deliverables (add wtap-int.h) | Gilbert Ramirez | 1 | -2/+3
svn path=/trunk/; revision=2041
2000-05-29 | Graham Bloice's Win32 Makefile changes to build in batch mode (gets rid | Guy Harris | 1 | -1/+4
of multiple compile lines in the output of the build, speeds the build up). svn path=/trunk/; revision=2024
2000-05-28 | Changed my mail address to oabad@cybercable.fr (dhis.net is too | Olivier Abad | 1 | -1/+1
unreliable). svn path=/trunk/; revision=2019
2000-05-25 | Support for reading compressed Sniffer files, from Tim Farley, Joerg | Guy Harris | 6 | -76/+615
Mayer, and yours truly. svn path=/trunk/; revision=2002
2000-05-19 | Add wtap-int.h. Move definitions relevant to the internal workings of wiretap | Gilbert Ramirez | 19 | -286/+337
to that file, leave public definitions in wtap.h. Rename "union pseudo_header" to "union wtap_pseudo_header". Make the wtap_pseudo_header pointer available in packet_info struct. svn path=/trunk/; revision=1989
2000-05-19 | In Wiretap, a file stream handle is a "FILE_T", not a "FILE_T *" (a | Guy Harris | 10 | -47/+47
"FILE_T" is either a "gzFile" or a "FILE *", depending on whether zlib support is enabled or not). Fix various function declarations and definitions. svn path=/trunk/; revision=1984
2000-05-19 | "wtap.h" doesn't need to include "ascend.h" or "toshiba.h". | Guy Harris | 1 | -3/+1
svn path=/trunk/; revision=1982
2000-05-18 | Remove the "union pseudo_header" from the "frame_data" structure; | Guy Harris | 20 | -443/+887
there's no need to keep it around in memory - when the frame data is read in when handing a frame, read in the information, if any, necessary to reconstruct the frame header, and reconstruct it. This saves some memory. This requires that the seek-and-read function be implemented inside Wiretap, and that the Wiretap handle remain open even after we've finished reading the file sequentially. This also points out that we can't really do X.25-over-Ethernet correctly, as we don't know where the direction (DTE->DCE or DCE->DTE) flag is stored; it's not clear how the Ethernet type 0x0805 for X.25 Layer 3 is supposed to be handled in any case. We eliminate X.25-over-Ethernet support (until we find out what we're supposed to do). svn path=/trunk/; revision=1975
2000-05-12 | Use "htoles()" rather than "pletohs()" to convert host-byte-order shorts | Guy Harris | 1 | -9/+9
to little-endian shorts - and to convert host-byte-order longs to little-endian shorts (if the host-byte-order long will fit into a short, "htoles()" does the right thing; if it doesn't, there is no right thing to do - perhaps we should return a wiretap error, although, at least at present, it's unlikely that we'll have packets bigger than 65535 bytes, so it's unlikely that the values won't fit into a short). svn path=/trunk/; revision=1953
2000-05-12 | Fix minor typo found by Alan Harrison. | Guy Harris | 1 | -2/+2
svn path=/trunk/; revision=1951
2000-05-12 | In wiretap, set err to 0 before doing anything inside wtap_loop(). | Gilbert Ramirez | 1 | -1/+4
Tethereal was dying on me because err was initialized to some random value. It was this section of code that would exit even if wtap_loop was successful (returned TRUE) because err was never initialized or set to anything.

    err = load_cap_file(&cf, out_file_type);
    if (err != 0) {
        dissect_cleanup();
        exit(2);
    }

<BIGGER sheepish grin> Fixed even more errors in LLC dissector. I had inadvertently used the wrong tvbuff_t* when calling dissect_data_tvb(). There is no way we are going to be successful in this tvbuff conversion w/o regression testing. I'm working on setting up a simple Makefile for regression testing tonight. That's why I'm finding so many bugs in my LLC conversion. </BIGGER sheepish grin>

svn path=/trunk/; revision=1946
2000-05-10 | Include an example of "wdd" output data from an Ascend trace I got ages | Guy Harris | 1 | -1/+17
ago. svn path=/trunk/; revision=1937
2000-05-10 | Rename the "private" member of a "wtap_dumper" structure to "dump", as | Guy Harris | 5 | -58/+58
per the "capture" member of a "wtap" structure, so that it doesn't collide with the C++ reserved word "private". svn path=/trunk/; revision=1936
2000-04-29 | Graham Bloice's changes to, on Win32 using Microsoft's "nmake": | Guy Harris | 1 | -2/+2
build "register.c" in the top-level Makefile; set path in "config.nmake" to include the Cygwin directory for tools - those tools are needed to build "register.c"; remove constructed source files, and some additional object files, when doing "nmake clean". svn path=/trunk/; revision=1896
2000-04-15 | Get rid of the "start" field in the private data for RADCOM, i4btrace, | Guy Harris | 4 | -40/+12
and nettl captures - a "start" field is used for capture files where the time stamps on packets are relative to some initial time stamp, e.g. the time the capture started, but those file formats use absolute time stamps, so no "start" field is needed. Make the "this is an HP-UX 11.x nettl capture" flag a member of the private data structure for a nettl capture, rather than a global - it's per-capture-file state. Once the "start" field is removed from the RADCOM private data structure, there's nothing left, so eliminate the private data structure. svn path=/trunk/; revision=1863
2000-04-12 | Build tethereal and editcap on Win32. | Gilbert Ramirez | 1 | -0/+3
Add RCS ID tags to Makefile.nmake's. svn path=/trunk/; revision=1836
2000-04-08 | Declare, in "wtap.h", Richard's new "wtap_read()" function. | Guy Harris | 1 | -1/+2
svn path=/trunk/; revision=1820
2000-04-08 | Some stuff, like libdencode, needs a wiretap routine that allows | Richard Sharpe | 1 | -1/+6
them to simply read through the capture file ... svn path=/trunk/; revision=1819
2000-04-06 | Use the "-o" flag, rather than using the "-t" flag and redirecting the | Guy Harris | 1 | -1/+1
standard output, in the rules to get Flex to produce scanner code; that way, if Flex fails to run for some reason, we don't leave around a zero-length or otherwise incorrect "XXX-scanner.c" file that might keep a subsequent make from thinking it has to generate that file. svn path=/trunk/; revision=1808
2000-04-04 | The Win32 port of libpcap requires that programs with which it's built | Guy Harris | 1 | -1/+3
be built as multi-threaded programs; add "/MT" to the list of compiler flags. Add "clean" rules in subdirectories, and run subdirectory "nmake -f Makefile.nmake clean" when "nmake -f Makefile.nmake clean" is done in the top-level directory, so that "nmake -f Makefile.nmake clean" cleans everything up. svn path=/trunk/; revision=1791
2000-03-30 | Jochen Friedrich <jochen@nwe.de> | Gilbert Ramirez | 1 | -2/+2
protocol type 0x0c in AIX iptrace is used for the IBM SP switch devices. Encoding is RAW IP... svn path=/trunk/; revision=1767
2000-03-29 | Use the "-o" flag, rather than using the "-t" flag and redirecting the | Guy Harris | 1 | -2/+2
standard output, in the rules to get Flex to produce scanner code; that way, if Flex fails to run for some reason, we don't leave around a zero-length or otherwise incorrect "XXX-scanner.c" file that might keep a subsequent make from thinking it has to generate that file. svn path=/trunk/; revision=1763
2000-03-22 | Make the previous checkin actually compile on big-endian machines. | Guy Harris | 1 | -1/+4
svn path=/trunk/; revision=1742
2000-03-22 | Byte-swap the frame table on big-endian machines. | Guy Harris | 1 | -9/+24
Free it as soon as we're at the end of the sequential pass through the file; that way, if we keep the capture file open with Wiretap even after that's done (as I may do as part of some stuff I'm working on), we at least aren't hanging on to the frame table memory after that point. svn path=/trunk/; revision=1741
2000-03-22 | In a Network Monitor capture file, get the starting offsets of frames | Guy Harris | 11 | -86/+124
from the frame table - Network Monitor 2.x, at least, doesn't always write frame N+1 right after frame N. To do that, we need to mallocate a big array to hold the frame table, and free it when we close the capture file; this requires that we have capture-file-type-specific close routines as well as capture-file-type-specific read routines - we let the pointer to that routine be null if it's not needed. Given that, we might as well get rid of the switch statement in "wtap_close()", in favor of using capture-file-type-specific close routines, as per the comment before that switch statement. svn path=/trunk/; revision=1740
2000-03-14 | Sigh. OpenBSD defines "HAVE_UNISTD_H" in the Makefile for zlib, so, | Guy Harris | 1 | -11/+28
unlike FreeBSD and older versions of NetBSD, which give "gzseek()" and "gztell()" signatures with "long" file-offset arguments, and thus, on some versions, requires that "HAVE_UNISTD_H" *not* be defined before including "zlib.h" if you want the functions declared with a signature that matches what's actually in the library, it requires that it *be* defined before including "zlib.h" if you want the functions declared with a signature that matches what's actually in the library. svn path=/trunk/; revision=1719
2000-03-04 | Fix for reading toshiba trace files that were created by using the | Gilbert Ramirez | 1 | -11/+23
"save session" feature in many Windows-based telnet apps. CRT, by VanDyke, in particular, will put in newlines at 80 columns. svn path=/trunk/; revision=1692
2000-03-01 | The frame header in HP-UX 11 trace files is 4 octets longer (than HP-UX 9 | Olivier Abad | 1 | -3/+52
and 10 files). Add OS version detection to handle this. svn path=/trunk/; revision=1675
2000-02-19 | Note that one can probably symbolically request that nettl log incoming | Guy Harris | 1 | -1/+5
and outgoing PDUs, rather than specifying a numerical mask with pduin and pduout (0x30000000). svn path=/trunk/; revision=1649
2000-02-19 | If we see a file with an unknown network type, report the type in a | Guy Harris | 1 | -1/+3
"g_message()" message, as other capture-file readers do. svn path=/trunk/; revision=1648