diff options
| author | Guy Harris <guy@alum.mit.edu> | 2003-12-18 03:43:40 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2003-12-18 03:43:40 +0000 |
| commit | a98aa75a5856d1e340413308ad1b0d24276a6a30 (patch) | |
| tree | e5a7918889f0173117515e75f764154ae0c494a7 /wiretap | |
| parent | 7725f5e92de8e4aef6f5ad650b2ad70044e0b2ea (diff) | |
WildPackets' EtherHelp appears to write EtherPeek-compatible files,
except that the 0x80 bit is turned on in the file version number field.
Turn that bit off before processing that field.
svn path=/trunk/; revision=9342
Diffstat (limited to 'wiretap')
| -rw-r--r-- | wiretap/etherpeek.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/wiretap/etherpeek.c b/wiretap/etherpeek.c index 13591ab523..53bd8f66f4 100644 --- a/wiretap/etherpeek.c +++ b/wiretap/etherpeek.c @@ -2,7 +2,7 @@ * Routines for opening EtherPeek (and TokenPeek?) files * Copyright (c) 2001, Daniel Thompson <d.thompson@gmx.net> * - * $Id: etherpeek.c,v 1.24 2003/10/01 07:11:46 guy Exp $ + * $Id: etherpeek.c,v 1.25 2003/12/18 03:43:40 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu> @@ -163,6 +163,20 @@ int etherpeek_open(wtap *wth, int *err) &ep_hdr.master, sizeof(ep_hdr.master), wth->fh, err); wth->data_offset += sizeof(ep_hdr.master); + /* + * It appears that EtherHelp (a free application from WildPackets + * that did blind capture, saving to a file, so that you could + * give the resulting file to somebody with EtherPeek) saved + * captures in EtherPeek format except that it ORed the 0x80 + * bit on in the version number. + * + * We therefore strip off the 0x80 bit in the version number. + * Perhaps there's some reason to care whether the capture + * came from EtherHelp; if we discover one, we should check + * that bit. + */ + ep_hdr.master.version &= ~0x80; + /* switch on the file version */ switch (ep_hdr.master.version) { |