Age | Commit message (Collapse) | Author | Files | Lines |
|
pcapng format instead of pcap. The default is to use pcap.
svn path=/trunk/; revision=28170
|
|
of 0 mean 65535, similar to what tcpdump does.
Fixes bug 2731.
svn path=/trunk/; revision=27526
|
|
substitute our own (I wrote them all, so I can steal them from the
BSD-licensed libpcap if I want :-)). This means that
linktype_name_to_val() and linktype_val_to_name() are always available,
and we don't need to #ifdef use of them.
Use pcap_datalink_val_to_description() to get the description for a
particular DLT_ value, rather than mapping the DLT_ value to a
WTAP_ENCAP_ value and getting the description for the latter.
svn path=/trunk/; revision=27074
|
|
svn path=/trunk/; revision=26676
|
|
svn path=/trunk/; revision=26642
|
|
svn path=/trunk/; revision=25566
|
|
by John Smith.
svn path=/trunk/; revision=25549
|
|
setting, and is used only in dumpcap.c, and needs to get at information
set by dumpcap's signal handlers so it can respond to ^C; move it to
dumpcap.c, rename it print_statistics_loop(), and make it set ld.go to
TRUE before looping and loop only as long as ld.go is TRUE.
That fixes bug 2592 (at least on Mac OS X, and probably on other UN*Xes;
it should fix it on Windows as well).
svn path=/trunk/; revision=25492
|
|
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
|
|
crash. The changes to trigcap.c haven't been tested, but _should_ work.
svn path=/trunk/; revision=25279
|
|
svn path=/trunk/; revision=24855
|
|
1. Clean up dumpcap 'as a child' err msg handling so that:
- all err msgs are properly formatted when being sent
back to the parent.
- any log Critical, Warning, etc messages
are sent back to parent and are properly formatted.
2. Change handling of -w <...> slightly in capture_opts.c
so that wireshark provides a good error message if
there is a 'write permissions' issue on the file.
(Previously the error popup said only
"Child exited with status 2").
This fixes bug #2288.
Add some conditionalized DEBUG_CHILD_DUMPCAP code for
dumpcap debug logging to a file.
svn path=/trunk/; revision=24446
|
|
svn path=/trunk/; revision=24283
|
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
|
|
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
svn path=/trunk/; revision=22969
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
svn path=/trunk/; revision=22733
|
|
This fixes dumpcap crash on Windows
svn path=/trunk/; revision=22707
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
svn path=/trunk/; revision=22587
|
|
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
svn path=/trunk/; revision=22443
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
|
|
Fix compilation on OpenBSD. This needs to go into 0.99.6 release.
svn path=/trunk/; revision=22188
|
|
anywhere else). Instead of using getaddrinfo() and getnameinfo(),
promote inet_pton.c and inet_ntop.c to the top level and use those
routines instead.
(It's 2007, for crying out loud. Why is this even an issue?)
svn path=/trunk/; revision=22075
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
|
|
as an argument, and, on an error, if they have an error message, have
them set that "gchar *" to point to a g_malloc()ed string containing the
error message, rather than taking a pointer to a buffer for that message
as an argument. That's more like what's done in Wiretap, and doesn't
impose an upper limit on the lengths of those error messages. If that
pointer is null, don't allocate the message string and return it.
Have that error message already have the "cant_get" processing applied
to it, so nobody other than those routines need to call the "cant_get"
routines to process the error messages.
Have get_airpcap_interface_list() explicitly set "*err" to the
appropriate error code.
Clean up indentation.
svn path=/trunk/; revision=20521
|
|
fix this, by providing required functions in the new file file_util.c - it's mostly copied from GLib (g_open alike - that take UTF8 as filename format but don't use msvcrt.dll V6 for this as the glib files do)
"link" to these functions in file_util.h: #define eth_open eth_stdio_open
revert changes (from SVN 20282) throughout the code related to these file functions which were introduced with the first tries of MSVC 2005 ...
Hopefully I've done everything right with the new file_util.c ...
svn path=/trunk/; revision=20402
|
|
I posted a patch about 1.5 years ago for the formerly Ethereal to successfully compiled with Visual > 6. I have always successfully used this patched Ethereal/Wireshark compiled with VS 2003 and have just checked when compiled with Visual C++ 2005 Express
svn path=/trunk/; revision=20282
|
|
svn path=/trunk/; revision=20254
|
|
Fix some memleaks and overflows.
I haven't committed the changes that are not bug fixes.
svn path=/trunk/; revision=19777
|
|
that obviates the need to check for a null capture filter string, and
fixes bug 1055.
Keep track of whether it was set from the command line, though, so we
can catch attempts to set the filter more than once, and attempts to set
it when we're not capturing.
Clean up white space.
svn path=/trunk/; revision=19047
|
|
pointer, so we can determine whether a capture filter has been set or
not.
Use that to check in TShark whether the user specified a filter with
"-f" or not, rather than using the no-longer-set
"capture_filter_specified" variable.
Also, check for multiple "-f" options.
If no capture filter is specified, use a null string, to work around
broken versions of Linux libpcap.
svn path=/trunk/; revision=18989
|
|
svn path=/trunk/; revision=18268
|
|
svn path=/trunk/; revision=18235
|
|
svn path=/trunk/; revision=18197
|
|
svn path=/trunk/; revision=17950
|
|
even if doing a live capture; just print the packets without saving
them.
In dumpcap:
default to the capturing the entire packet;
don't do the "Press any key" stuff when debugging on UN*X;
do console logging (to the standard error) even when we're
running as the capture child (the sync pipe should only be the
standard output, not the standard error).
svn path=/trunk/; revision=17786
|
|
svn path=/trunk/; revision=17715
|
|
type and value, separated by a :.
svn path=/trunk/; revision=17438
|
|
dumpcap in addition to the things already done now
various dumpcap related code cleanup: mainly #include's and capture engine related stuff
svn path=/trunk/; revision=17327
|
|
using dumpcap as the capture child for Ethereal.
dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal.
Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here.
capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead.
The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects.
Some debugging aid added and other minor cleanup done.
svn path=/trunk/; revision=17256
|
|
status return values (0,1 or 2).
This way makes it much easier to debug, e.g. to set a common breakpoint if a command line parameter fails.
svn path=/trunk/; revision=17240
|
|
Win32: convert filenames coming in from command line parameters from locale (current code page) into utf8 encoding
This must also be done for the other command line tools like tethereal, editcap and alike ...
svn path=/trunk/; revision=17025
|
|
can be used by dumpcap (capture_loop.c) as well
svn path=/trunk/; revision=16972
|
|
unreliable
Instead, simply keep the signal_pipe setting directly from the command line which is working well
svn path=/trunk/; revision=16833
|
|
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
|
|
replace the other appearances later) ...
svn path=/trunk/; revision=16683
|
|
the parts into the corresponding files
svn path=/trunk/; revision=16664
|
|
necessary there.
Add a "cmdarg_err()" routine to report command-line option errors; it
creates a console if necessary, and prints the command name and the
trailing newline. Also add "cmdarg_err_cont()", which also creates a
console if necessary, and prints a trailing newline but no command name;
it's used to continue the message. Use those, rather than
"g_warning()", for errors.
That means that we no longer need to pass the command name to various
command-line argument parsing routines.
svn path=/trunk/; revision=16526
|
|
svn path=/trunk/; revision=16486
|
|
remove Byte(s) from the dropdown list of filesizes, this doesn't make sense
replace 1000 with 1024, as all (modern?) file managers are based on 1024 bytes for a kilobyte (the old KB vs. KiB controversy)
svn path=/trunk/; revision=16149
|
|
svn path=/trunk/; revision=14484
|