Age | Commit message (Collapse) | Author | Files | Lines |
|
specifc. This finalizes the change of the infrastructure.
This patch is based on work by Irene Ruengeler.
svn path=/trunk/; revision=37794
|
|
svn path=/trunk/; revision=37478
|
|
configure that you want to capture on multiple remote interfaces
on mulitple hosts.
Improve some #ifdef mess in dumpcap.
svn path=/trunk/; revision=37178
|
|
Use consistent naming of variables on capture_options.
Make pcap sampling independent of remote capturing, since
it seems to work local pcap devices using winpcap (at
least that is what the documentation says).
svn path=/trunk/; revision=37176
|
|
* Remove number_of_ifaces, since ifaces->len can be used instead.
svn path=/trunk/; revision=37174
|
|
using the array of interface data.
Improve output of -L by printing the interface name.
svn path=/trunk/; revision=37120
|
|
parameters. An array of interface specific data is handled
in addition to the current way.
This change should not have any effect right now, it will
be used by dumpcap when supporting multiple interfaces
(and tshark/wireshark... in the future).
svn path=/trunk/; revision=37082
|
|
didn't change the GUI code for setting the autostop file size, and that
broke the build.
svn path=/trunk/; revision=36552
|
|
5691.
svn path=/trunk/; revision=36551
|
|
as in other places of the code. Such that this is consistently
used. While there, clean up some whitespaces.
This fix was provided by Irene Ruengeler which testing
remote capturing (with multiple interfaces).
svn path=/trunk/; revision=36112
|
|
read access to the ringbuffer that dumpcap creates. That way, a group of people can access the capture files without having to use root access.
[1] http://www.wireshark.org/lists/wireshark-users/201008/msg00235.html
svn path=/trunk/; revision=33978
|
|
so we give a non-zero exit status for invalid interfaces or capture
filters.
From me: don't exit immediately if dumpcap failed, print out information
from taps and the like.
svn path=/trunk/; revision=33393
|
|
capturing, and thus even when we build without pcap.
svn path=/trunk/; revision=32988
|
|
and add support for SIGINFO, so, if your OS supports SIGINFO, you can
get the packet count by typing ^T.
svn path=/trunk/; revision=32958
|
|
build without libpcap, to make sure that works, and then do a build with
libpcap, to put into a binary release. It's the former that's failing;
I'll back out the previous change and then work on that.
svn path=/trunk/; revision=32801
|
|
if_capabilities_t - it doesn't fail on Snow Leopard, even if I undefine
HAVE_PCAP_CREATE, and doesn't fail on the Leopard PPC buildbot, either.
svn path=/trunk/; revision=32799
|
|
monitor mode at the same time that we fetch its list of link-layer
types. Support fetching that list in monitor mode, as the list may be
different in regular and monitor mode. If the interface supports
monitor mode, when printing the list of link-layer types, indicate
whether they're fetched in monitor mode or not, as tcpdump 4.1.x does.
svn path=/trunk/; revision=32789
|
|
the code to print the machine-readable format into dumpcap, and have the
code in capture_opts.c just print the human-readable format.
svn path=/trunk/; revision=32714
|
|
interface by running dumpcap, so that if you need privileges to open an
interface, and dumpcap has those privileges, neither TShark nor
Wireshark need them.
svn path=/trunk/; revision=32710
|
|
svn path=/trunk/; revision=32702
|
|
pcap_set_buffer_size() did as well, so there aren't any libpcap releases
with pcap_create() but not pcap_set_buffer_size().
Only do one check for pcap_create.
svn path=/trunk/; revision=32695
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=475
BUT not activating the check for
pcap_create()
pcap_set_buffer_size()
This should make it possible to build with support for setting the buffersize if not capturing 802.11 traffic.
The code for handling the 'B' option should be OK in any case.
svn path=/trunk/; revision=32688
|
|
pcapng format instead of pcap. The default is to use pcap.
svn path=/trunk/; revision=28170
|
|
don't need global_capture_opts don't need to have it declared and thus
don't need capture_options defined.
Include gtk/capture_globals in the files in question.
Change some more capture_opts references to refer to
global_capture_opts.
Change some global_capture_opts references in routines with a
capture_opts argument to refer to capture_opts.
The structure type is capture_options, not capture_opts; fix some
references.
Include <sys/types.h>, if it's present, in capture_opts.h, so we get
gid_t defined.
Clean up indentation.
svn path=/trunk/; revision=25574
|
|
by John Smith.
svn path=/trunk/; revision=25549
|
|
setting, and is used only in dumpcap.c, and needs to get at information
set by dumpcap's signal handlers so it can respond to ^C; move it to
dumpcap.c, rename it print_statistics_loop(), and make it set ld.go to
TRUE before looping and loop only as long as ld.go is TRUE.
That fixes bug 2592 (at least on Mac OS X, and probably on other UN*Xes;
it should fix it on Windows as well).
svn path=/trunk/; revision=25492
|
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
svn path=/trunk/; revision=22733
|
|
there's an invalid lvalue in it. I don't see what's wrong with it, but replace the macro with a function. Also: don't include the .xpm files in gtk/main.c if we're building without PCAP (as they're not used in that configuration).
svn path=/trunk/; revision=22588
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
svn path=/trunk/; revision=22587
|
|
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
svn path=/trunk/; revision=22443
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
|
|
that obviates the need to check for a null capture filter string, and
fixes bug 1055.
Keep track of whether it was set from the command line, though, so we
can catch attempts to set the filter more than once, and attempts to set
it when we're not capturing.
Clean up white space.
svn path=/trunk/; revision=19047
|
|
svn path=/trunk/; revision=18197
|
|
even if doing a live capture; just print the packets without saving
them.
In dumpcap:
default to the capturing the entire packet;
don't do the "Press any key" stuff when debugging on UN*X;
do console logging (to the standard error) even when we're
running as the capture child (the sync pipe should only be the
standard output, not the standard error).
svn path=/trunk/; revision=17786
|
|
using dumpcap as the capture child for Ethereal.
dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal.
Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here.
capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead.
The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects.
Some debugging aid added and other minor cleanup done.
svn path=/trunk/; revision=17256
|
|
status return values (0,1 or 2).
This way makes it much easier to debug, e.g. to set a common breakpoint if a command line parameter fails.
svn path=/trunk/; revision=17240
|
|
can be used by dumpcap (capture_loop.c) as well
svn path=/trunk/; revision=16972
|
|
svn path=/trunk/; revision=16852
|
|
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
|
|
replace the other appearances later) ...
svn path=/trunk/; revision=16683
|
|
the parts into the corresponding files
svn path=/trunk/; revision=16664
|