Age | Commit message (Collapse) | Author | Files | Lines |
|
override the default of turning on a multiple file ring buffer, require
a positive integer to be specified for the files value.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@34082 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
read access to the ringbuffer that dumpcap creates. That way, a group of people can access the capture files without having to use root access.
[1] http://www.wireshark.org/lists/wireshark-users/201008/msg00235.html
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33978 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add RINGBUFFER_WARN_NUM_FILES and use it to print a warning. Print
warnings when we change the number of ringbuffer files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32998 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
capturing, and thus even when we build without pcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32988 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
and add support for SIGINFO, so, if your OS supports SIGINFO, you can
get the packet count by typing ^T.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32958 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
build without libpcap, to make sure that works, and then do a build with
libpcap, to put into a binary release. It's the former that's failing;
I'll back out the previous change and then work on that.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32801 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
if_capabilities_t - it doesn't fail on Snow Leopard, even if I undefine
HAVE_PCAP_CREATE, and doesn't fail on the Leopard PPC buildbot, either.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32799 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
monitor mode at the same time that we fetch its list of link-layer
types. Support fetching that list in monitor mode, as the list may be
different in regular and monitor mode. If the interface supports
monitor mode, when printing the list of link-layer types, indicate
whether they're fetched in monitor mode or not, as tcpdump 4.1.x does.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32789 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32721 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
the code to print the machine-readable format into dumpcap, and have the
code in capture_opts.c just print the human-readable format.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32714 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
standard error and, in Wireshark on Windows, create a console if
necessary. Have the cmdarg_err routines use them.
Use *fprintf_stderr() to print the output of -L, rather than using
cmdarg_err_cont(), so that we don't get extra newlines in the output (it
should look similar to the output of tcpdump).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32711 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
interface by running dumpcap, so that if you need privileges to open an
interface, and dumpcap has those privileges, neither TShark nor
Wireshark need them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32710 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32703 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
pcap_set_buffer_size() did as well, so there aren't any libpcap releases
with pcap_create() but not pcap_set_buffer_size().
Only do one check for pcap_create.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32695 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=475
BUT not activating the check for
pcap_create()
pcap_set_buffer_size()
This should make it possible to build with support for setting the buffersize if not capturing 802.11 traffic.
The code for handling the 'B' option should be OK in any case.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32688 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32111 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
link-layer header types for interfaces; if special privileges are
necessary to open capture devices, Wireshark and TShark shouldn't have
those privileges, but dumpcap should.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32104 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31729 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
pcapng format instead of pcap. The default is to use pcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28170 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
of 0 mean 65535, similar to what tcpdump does.
Fixes bug 2731.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@27526 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
substitute our own (I wrote them all, so I can steal them from the
BSD-licensed libpcap if I want :-)). This means that
linktype_name_to_val() and linktype_val_to_name() are always available,
and we don't need to #ifdef use of them.
Use pcap_datalink_val_to_description() to get the description for a
particular DLT_ value, rather than mapping the DLT_ value to a
WTAP_ENCAP_ value and getting the description for the latter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@27074 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26676 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26642 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25566 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
by John Smith.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25549 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
setting, and is used only in dumpcap.c, and needs to get at information
set by dumpcap's signal handlers so it can respond to ^C; move it to
dumpcap.c, rename it print_statistics_loop(), and make it set ld.go to
TRUE before looping and loop only as long as ld.go is TRUE.
That fixes bug 2592 (at least on Mac OS X, and probably on other UN*Xes;
it should fix it on Windows as well).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25492 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25354 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
crash. The changes to trigcap.c haven't been tested, but _should_ work.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25279 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24855 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
1. Clean up dumpcap 'as a child' err msg handling so that:
- all err msgs are properly formatted when being sent
back to the parent.
- any log Critical, Warning, etc messages
are sent back to parent and are properly formatted.
2. Change handling of -w <...> slightly in capture_opts.c
so that wireshark provides a good error message if
there is a 'write permissions' issue on the file.
(Previously the error popup said only
"Child exited with status 2").
This fixes bug #2288.
Add some conditionalized DEBUG_CHILD_DUMPCAP code for
dumpcap debug logging to a file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24446 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24283 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23750 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22969 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22733 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This fixes dumpcap crash on Windows
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22707 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22587 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22443 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22367 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Fix compilation on OpenBSD. This needs to go into 0.99.6 release.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22188 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
anywhere else). Instead of using getaddrinfo() and getnameinfo(),
promote inet_pton.c and inet_ntop.c to the top level and use those
routines instead.
(It's 2007, for crying out loud. Why is this even an issue?)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22075 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22071 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
as an argument, and, on an error, if they have an error message, have
them set that "gchar *" to point to a g_malloc()ed string containing the
error message, rather than taking a pointer to a buffer for that message
as an argument. That's more like what's done in Wiretap, and doesn't
impose an upper limit on the lengths of those error messages. If that
pointer is null, don't allocate the message string and return it.
Have that error message already have the "cant_get" processing applied
to it, so nobody other than those routines need to call the "cant_get"
routines to process the error messages.
Have get_airpcap_interface_list() explicitly set "*err" to the
appropriate error code.
Clean up indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20521 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
fix this, by providing required functions in the new file file_util.c - it's mostly copied from GLib (g_open alike - that take UTF8 as filename format but don't use msvcrt.dll V6 for this as the glib files do)
"link" to these functions in file_util.h: #define eth_open eth_stdio_open
revert changes (from SVN 20282) throughout the code related to these file functions which were introduced with the first tries of MSVC 2005 ...
Hopefully I've done everything right with the new file_util.c ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20402 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
I posted a patch about 1.5 years ago for the formerly Ethereal to successfully compiled with Visual > 6. I have always successfully used this patched Ethereal/Wireshark compiled with VS 2003 and have just checked when compiled with Visual C++ 2005 Express
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20282 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20254 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Fix some memleaks and overflows.
I haven't committed the changes that are not bug fixes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19777 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that obviates the need to check for a null capture filter string, and
fixes bug 1055.
Keep track of whether it was set from the command line, though, so we
can catch attempts to set the filter more than once, and attempts to set
it when we're not capturing.
Clean up white space.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19047 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
pointer, so we can determine whether a capture filter has been set or
not.
Use that to check in TShark whether the user specified a filter with
"-f" or not, rather than using the no-longer-set
"capture_filter_specified" variable.
Also, check for multiple "-f" options.
If no capture filter is specified, use a null string, to work around
broken versions of Linux libpcap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18989 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18268 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18235 f5534014-38df-0310-8fa8-9805f1628bb7
|