Age | Commit message (Collapse) | Author | Files | Lines |
|
using the -z smb,sids command argument.
svn path=/trunk/; revision=7816
|
|
found at
http://adns.jgaa.com/
and
http://www.ethereal.com/distribution/win32/development/
The modifications to the root-level config.h.win32 and Makefile.nmake
may not be neccessary.
svn path=/trunk/; revision=7769
|
|
svn path=/trunk/; revision=7762
|
|
Added TCP desegmentation to the dissector.
svn path=/trunk/; revision=7729
|
|
to just be an extension to AODV - and the dissectors use the same port,
which doesn't work unless there's only one dissector).
svn path=/trunk/; revision=7616
|
|
svn path=/trunk/; revision=7597
|
|
svn path=/trunk/; revision=7567
|
|
svn path=/trunk/; revision=7562
|
|
svn path=/trunk/; revision=7538
|
|
Add Response-Time statistics for each known mgcp message-type.
Fix a few bugs and remove trailing whitespace.
Use "gdouble" for printing time-values and calculating the
average. It is easier to use and shouldn't overflow on big
trace files like "guint32".
Move some functions for time statistics into the new file
timestats.c in the main directory. This code may be useful in
the rpc and smb rtt-taps as well.
svn path=/trunk/; revision=7469
|
|
compatible additions to the RFC 1362 IPX WAN protocol, so call it "IPX
WAN", not "IPX WAN 2".
svn path=/trunk/; revision=7407
|
|
Socket 0x9001 is for NLSP - it supports LANs as well as WANs, at least
as I read the specification.
Socket 0x9004 is for "IPX WAN 2".
svn path=/trunk/; revision=7387
|
|
svn path=/trunk/; revision=7365
|
|
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
svn path=/trunk/; revision=7362
|
|
protocol information.
svn path=/trunk/; revision=7359
|
|
dissectors for the OpenBSD enc(4) encapsulating interface and RFC 3378
Ethernet-over-IP.
svn path=/trunk/; revision=7311
|
|
Functionality to reassemble a RTP stream and save it as a file.
Support for G.711 coded
svn path=/trunk/; revision=7297
|
|
MGCP request/response matching and
MGCPSTAT RTT calculation.
For those with MGCP captures, try
-z mgcp,rtd[,filter]
svn path=/trunk/; revision=7294
|
|
HP extended 802.2 LLC
HP-UX remote management over HP extended 802.2 LLC
SNMP over HP extended 802.2 LLC.
svn path=/trunk/; revision=7253
|
|
Pull "packet-yhoo.h" into "packet-yhoo.c".
svn path=/trunk/; revision=7226
|
|
svn path=/trunk/; revision=7210
|
|
Remove comma after last element in enum.
svn path=/trunk/; revision=7176
|
|
svn path=/trunk/; revision=7171
|
|
svn path=/trunk/; revision=7084
|
|
svn path=/trunk/; revision=7071
|
|
svn path=/trunk/; revision=7045
|
|
svn path=/trunk/; revision=7001
|
|
accordingly.
svn path=/trunk/; revision=6996
|
|
- A new decoder called MDSHDR which decodes the internal header of the
Cisco MDS switch (this is different from the Boardwalk header).
- Support for some more new columns as part of FC support.
- Fixed the decoding of the Special Frame in FCIP.
- Fixed the decoding of credit management type field in FLOGI/PLOGI frame
in FC-ELS.
svn path=/trunk/; revision=6974
|
|
IO-Users is a feature for tethereal that will print statistics on io usage
similar to top talkers in other tools.
It needs to be ported to ethereal with a nice graph sometime later.
try:
-z io,users,ip
see man-page
svn path=/trunk/; revision=6972
|
|
SMB RTT statistics are similar to the RTT statistics already supported by ONC-RPC and DCE-RPC.
It will present a table with all seen SMB commands and present the Min/Max and Avg response time in ms.
Transaction2 and NT-Transaction commands are broken out and presented in its own subtables.
tethereal feature is activated with -z smb,rtt switch
and in ethereal it is activated either through -0z smb,rtt switch or through the Menu.
svn path=/trunk/; revision=6966
|
|
svn path=/trunk/; revision=6939
|
|
- Decoders for the few remaining FC protocols not included in my first
patch. Included in this list are decoders for FC-CT (common transport),
Name Server (dNS), Fabric Configuration Server (FCS) and Zone Server
(FZS).
- Decoder for MDS Debug Port Adapter. MDS Debug Port Adapter (internal
name was Boardwalk and this is the file name) is a piece of hardware
that can be purchased with Cisco's MDS Fibre Channel switches that
converts FC frames into Ethernet frames. One end is connected to a
port on a FC switch and the other end is connected to a FE/GE Ethernet
port. The decoder included here decodes the encapsulation header that
carries information such as SOF/EOF of FC frames.
svn path=/trunk/; revision=6919
|
|
from network-based libpcaps that use that protocol.
svn path=/trunk/; revision=6875
|
|
The Q bit in X.25 doesn't mean "this is QLLC traffic", it's just a "this
packet is special" indication. Have the X.25 dissector pass as the
"private_data" pointer a pointer to a gboolean indicating whether the Q
bit was set or not. Replace the "decode non-Q-bit traffic as SNA"
option with a "decode traffic as QLLC/SNA if we didn't see the Call
Request packet and thus don't know what it is" option, which hands
traffic to the QLLC dissector for that traffic. Have the QLLC dissector
hand traffic to the SNA dissector if the Q bit isn't set.
Arrange that we determine whether the Q bit is set regardless of whether
we're building the protocol tree or not.
If we don't just dissect traffic as QLLC/SNA if we didn't see the Call
Request packet, check not only for 0x45 (as an indication that it's
probably IP), check also for NLPID_ISO8473_CLNP and treat that as an
indication that it's probably OSI CLNP.
svn path=/trunk/; revision=6854
|
|
includes adding an SDLC dissector.
svn path=/trunk/; revision=6848
|
|
make ANSI point codes filterable in MTP3;
fix a bug in the ANSI SLS dissection;
have MTP3 store the SI for use by subdissectors;
add a new MTP3-Management dissector.
Fix Makefile.nmake to include the Wellfleet HDLC dissector.
svn path=/trunk/; revision=6837
|
|
using NTLMSSP version 1.
Show stub data as such for all requests and replies where we can't
dissect the stub data as a request or reply for some DCERPC-based
protocol.
svn path=/trunk/; revision=6825
|
|
svn path=/trunk/; revision=6798
|
|
svn path=/trunk/; revision=6793
|
|
The MD5 is copyrighted by L. Peter Deutsch, and released under the same
license as zlib. It is GPL-compatible, and should NOT have the GPL
applied to it.
svn path=/trunk/; revision=6790
|
|
svn path=/trunk/; revision=6762
|
|
header, Extended Link Service, Interswitch Link Service, FCP, and IPFC.
svn path=/trunk/; revision=6757
|
|
add MD4 and RC4 crypto support;
use it to decrypt the NT password encryption block in
UnicodeChangePassword2.
svn path=/trunk/; revision=6727
|
|
svn path=/trunk/; revision=6640
|
|
svn path=/trunk/; revision=6628
|
|
the script that builds them.
svn path=/trunk/; revision=6627
|
|
Instead of setting MIBDIRS in tethereal.c and gtk/main.c, set it in
packet-snmp.c.
svn path=/trunk/; revision=6606
|
|
header.
Add overflow checks to "BYTES_ARE_IN_FRAME()", and cast all arguments to
unsigned values (negative values should never be passed) to squelch
compiler warnings.
svn path=/trunk/; revision=6567
|
|
Using this command line option you canb now place any arbitrary display-filter fields on the COL_INFO line.
Assume you want NFS dissector in tethereal to put ALL filehandle hashes (nfs.fh.hash) on COL_INFO.
No worries, just add
-z proto,colinfo,nfs.fh.hash,nfs.fh.hash
as a parameter to tethereal.
Never again do you need to hack tethereal and recompile just because you want some extra info on the COL_INFO line.
svn path=/trunk/; revision=6560
|