Age | Commit message (Collapse) | Author | Files | Lines |
|
configure that you want to capture on multiple remote interfaces
on mulitple hosts.
Improve some #ifdef mess in dumpcap.
svn path=/trunk/; revision=37178
|
|
Use consistent naming of variables on capture_options.
Make pcap sampling independent of remote capturing, since
it seems to work local pcap devices using winpcap (at
least that is what the documentation says).
svn path=/trunk/; revision=37176
|
|
* Remove number_of_ifaces, since ifaces->len can be used instead.
svn path=/trunk/; revision=37174
|
|
using the array of interface data.
Improve output of -L by printing the interface name.
svn path=/trunk/; revision=37120
|
|
old way.
svn path=/trunk/; revision=37113
|
|
parameters. An array of interface specific data is handled
in addition to the current way.
This change should not have any effect right now, it will
be used by dumpcap when supporting multiple interfaces
(and tshark/wireshark... in the future).
svn path=/trunk/; revision=37082
|
|
svn path=/trunk/; revision=37076
|
|
svn path=/trunk/; revision=37073
|
|
didn't change the GUI code for setting the autostop file size, and that
broke the build.
svn path=/trunk/; revision=36552
|
|
5691.
svn path=/trunk/; revision=36551
|
|
as an argument, along the lines of ws_fstat64, and, on Windows, make it
use _wstati64, to handle 64-bit file sizes.
svn path=/trunk/; revision=36547
|
|
svn path=/trunk/; revision=36387
|
|
as in other places of the code. Such that this is consistently
used. While there, clean up some whitespaces.
This fix was provided by Irene Ruengeler which testing
remote capturing (with multiple interfaces).
svn path=/trunk/; revision=36112
|
|
override the default of turning on a multiple file ring buffer, require
a positive integer to be specified for the files value.
svn path=/trunk/; revision=34082
|
|
read access to the ringbuffer that dumpcap creates. That way, a group of people can access the capture files without having to use root access.
[1] http://www.wireshark.org/lists/wireshark-users/201008/msg00235.html
svn path=/trunk/; revision=33978
|
|
Add RINGBUFFER_WARN_NUM_FILES and use it to print a warning. Print
warnings when we change the number of ringbuffer files.
svn path=/trunk/; revision=32998
|
|
capturing, and thus even when we build without pcap.
svn path=/trunk/; revision=32988
|
|
and add support for SIGINFO, so, if your OS supports SIGINFO, you can
get the packet count by typing ^T.
svn path=/trunk/; revision=32958
|
|
build without libpcap, to make sure that works, and then do a build with
libpcap, to put into a binary release. It's the former that's failing;
I'll back out the previous change and then work on that.
svn path=/trunk/; revision=32801
|
|
if_capabilities_t - it doesn't fail on Snow Leopard, even if I undefine
HAVE_PCAP_CREATE, and doesn't fail on the Leopard PPC buildbot, either.
svn path=/trunk/; revision=32799
|
|
monitor mode at the same time that we fetch its list of link-layer
types. Support fetching that list in monitor mode, as the list may be
different in regular and monitor mode. If the interface supports
monitor mode, when printing the list of link-layer types, indicate
whether they're fetched in monitor mode or not, as tcpdump 4.1.x does.
svn path=/trunk/; revision=32789
|
|
svn path=/trunk/; revision=32721
|
|
the code to print the machine-readable format into dumpcap, and have the
code in capture_opts.c just print the human-readable format.
svn path=/trunk/; revision=32714
|
|
standard error and, in Wireshark on Windows, create a console if
necessary. Have the cmdarg_err routines use them.
Use *fprintf_stderr() to print the output of -L, rather than using
cmdarg_err_cont(), so that we don't get extra newlines in the output (it
should look similar to the output of tcpdump).
svn path=/trunk/; revision=32711
|
|
interface by running dumpcap, so that if you need privileges to open an
interface, and dumpcap has those privileges, neither TShark nor
Wireshark need them.
svn path=/trunk/; revision=32710
|
|
svn path=/trunk/; revision=32703
|
|
pcap_set_buffer_size() did as well, so there aren't any libpcap releases
with pcap_create() but not pcap_set_buffer_size().
Only do one check for pcap_create.
svn path=/trunk/; revision=32695
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=475
BUT not activating the check for
pcap_create()
pcap_set_buffer_size()
This should make it possible to build with support for setting the buffersize if not capturing 802.11 traffic.
The code for handling the 'B' option should be OK in any case.
svn path=/trunk/; revision=32688
|
|
svn path=/trunk/; revision=32111
|
|
link-layer header types for interfaces; if special privileges are
necessary to open capture devices, Wireshark and TShark shouldn't have
those privileges, but dumpcap should.
svn path=/trunk/; revision=32104
|
|
svn path=/trunk/; revision=31729
|
|
pcapng format instead of pcap. The default is to use pcap.
svn path=/trunk/; revision=28170
|
|
of 0 mean 65535, similar to what tcpdump does.
Fixes bug 2731.
svn path=/trunk/; revision=27526
|
|
substitute our own (I wrote them all, so I can steal them from the
BSD-licensed libpcap if I want :-)). This means that
linktype_name_to_val() and linktype_val_to_name() are always available,
and we don't need to #ifdef use of them.
Use pcap_datalink_val_to_description() to get the description for a
particular DLT_ value, rather than mapping the DLT_ value to a
WTAP_ENCAP_ value and getting the description for the latter.
svn path=/trunk/; revision=27074
|
|
svn path=/trunk/; revision=26676
|
|
svn path=/trunk/; revision=26642
|
|
svn path=/trunk/; revision=25566
|
|
by John Smith.
svn path=/trunk/; revision=25549
|
|
setting, and is used only in dumpcap.c, and needs to get at information
set by dumpcap's signal handlers so it can respond to ^C; move it to
dumpcap.c, rename it print_statistics_loop(), and make it set ld.go to
TRUE before looping and loop only as long as ld.go is TRUE.
That fixes bug 2592 (at least on Mac OS X, and probably on other UN*Xes;
it should fix it on Windows as well).
svn path=/trunk/; revision=25492
|
|
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
|
|
crash. The changes to trigcap.c haven't been tested, but _should_ work.
svn path=/trunk/; revision=25279
|
|
svn path=/trunk/; revision=24855
|
|
1. Clean up dumpcap 'as a child' err msg handling so that:
- all err msgs are properly formatted when being sent
back to the parent.
- any log Critical, Warning, etc messages
are sent back to parent and are properly formatted.
2. Change handling of -w <...> slightly in capture_opts.c
so that wireshark provides a good error message if
there is a 'write permissions' issue on the file.
(Previously the error popup said only
"Child exited with status 2").
This fixes bug #2288.
Add some conditionalized DEBUG_CHILD_DUMPCAP code for
dumpcap debug logging to a file.
svn path=/trunk/; revision=24446
|
|
svn path=/trunk/; revision=24283
|
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
|
|
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
svn path=/trunk/; revision=22969
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
svn path=/trunk/; revision=22733
|
|
This fixes dumpcap crash on Windows
svn path=/trunk/; revision=22707
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
svn path=/trunk/; revision=22587
|
|
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
svn path=/trunk/; revision=22443
|