Age | Commit message (Collapse) | Author | Files | Lines |
|
Bug 5621 - With String in Packet details searches, highlight row in tree
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5621
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35718 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
packet data highlight the target rather than the entire field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35584 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
1. Restore the functionality of <Ctrl>A and <Ctrl>X to the filter textbox.
2. Assign intuitive shortcuts without consuming any new shortcut letters.
3. Add 'Un-Time Reference All Packets' to the menu.
4. Disallow the marking or ignoring of all packets in the capture.
5. Make the Mark/Ignore/Time Reference-related menu items context sensitive.
6. Add 'ref_time_count' to the capture_file structure
7. Utilize marked/ignored/ref_time_count vars to prevent needless looping thru
the entire packet list by exiting the loop when it becomes zero.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5115
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33817 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33791 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
we can use it in the main window title during and after capture. Add a
"-X" option for providing a description for stdin.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32357 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This will remove the package from the dissection functions without
removing it from the capture file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31287 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@30073 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@30071 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@30049 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@30048 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
with capture_file.plist_end
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@30047 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@29187 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@27457 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26804 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
We might receive new packets while redissecting and don't want to
dissect those before the packet-list is fully rebuilt.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26309 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
where it is needed.
allocate and release the dfcode program as needed instead of having it hang around in the capture file structure.
this will ensure that dfcode will not have longer than se scope lifetime in case we need that property of it later
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20251 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This works for both string and hex searches. This resolves feature request
bug #776.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19897 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
handle files > 2GB correct.
Please distclean Win32 builds!
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19814 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18197 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- automatic adjustment depending on file format
- manual adjustment through menu items
save the setting in the recent file
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15534 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15520 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
the length locally. within cf_read().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15454 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
(so if the file's gzipped, it's *NOT* the size of the file after
uncompressing), and an approximation of the amount of that data read
sequentially so far.
Use those for various progress bars and the like.
Make the fstat() in the Ascend trace reader directly use wth->fd, as
it's inside Wiretap; that gets rid of the last caller of wtap_fd() (as
we're no longer directly using fstat() or lseek() in Ethereal), so get
rid of wtap_fd().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15437 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
data, so that "f_len" still keeps the size of the underlying file (which
is necessary in order to make the progress bar when files are being read
work correctly).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15415 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
move another two capture related fields (iface and cfilter) from cfile to capture_opts
also move the handling of capture related command line options from main.c to capture.c, that way a future privilege seperated capture program can use the same code to parse it's command line than Ethereal.
It might be even possible to share this parser code even with Tethereal, didn't took a closer look at this.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13320 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
don't use global cfile at all but only an untpyed handle to call the cf_... functions in file.c
move the save_file member from capture_file to capture_opts, as it's only used while capturing and while preparing it
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13276 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
is the place where it should be
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13268 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
with "string" rather than "ascii", to make it clearer what they're
involved with.
Use "gtk_toggle_button_set_active()", not
"gtk_toggle_button_set_state()" (the latter is a deprecated alias for
the former, probably dating back to GTK+ 1.0[.x] - 1.2[.x] and later
have "gtk_toggle_button_set_active()").
Do *NOT* change the radio buttons for the type of string search to do
based on whether we're doing a string search or not - doing so means we
don't correctly remember the type of string search.
Get rid of code to fetch some values that we don't subsequently use.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10609 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
fixed a minor bug in the cfile handling (file length in summary dialog)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9961 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"capture_file" structure. Keep it locally, instead.
Check for errors when printing packets.
Report failure to open a print destination and failure to write to a
print destination differently.
Don't have the "print preamble" and "print final" routines return
success/failure indications - revert to the old scheme where they
didn't, and have the callers use "ferror()" to check for errors.
Report write errors when printing dissections in Tethereal.
Report print errors as errors, not warnings.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9828 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
capture_file structure - just make it local to the routine scanning
through the packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9616 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
an independent global variable.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8524 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
rather than constructing that name when a capture file is opened and
putting a pointer to it in that structure.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8476 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
capture temporary files, it's "<capture", and for saved capture files,
it's the last component of the pathname of the file. Use that in
various places when displaying the file name.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8474 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8306 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
in a frame in Find Frame.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8067 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6204 f5534014-38df-0310-8fa8-9805f1628bb7
|