| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
svn path=/trunk/; revision=8576
|
|
"-D" output, and support interface indices as arguments to "-i",
tcpdump-style.
svn path=/trunk/; revision=8402
|
|
Rename it from Endpoint Talkers to : Conversation List
Change command line arguments to both tethereal and ethereal
to be -z conv,<type>
to reflect the new name Conversations
This is the last time the tethereal cmd line arg is changed. But now it has a
proper intuitive name at least.
io,users was weird
talkers was too close to names used in other tools
svn path=/trunk/; revision=8379
|
|
Welcome FDDI into the endpoint talkers family.
Nobody gets left behind!
svn path=/trunk/; revision=8310
|
|
svn path=/trunk/; revision=8284
|
|
The search uses a naive approach; more work is required to add a
Boyer-Moore Search algorithm.
svn path=/trunk/; revision=8280
|
|
Useage is -z talkers,ipx[,<filter>]
svn path=/trunk/; revision=8242
|
|
-z talkers,fc[,<filter>] to invoke it.
svn path=/trunk/; revision=8237
|
|
Update the talkers tap for tethereal (iousers) and change the command line to invoke the tethereal version from -z io,users, to -z talkers, to be the same
as for ethereal.
Sorry if it breaks some scripts but io,users was a very nonintuitive name for this option.
talkers is not much better but at least a little bit more descriptive/intuitive. Anyone with a better name for this are welcome to provide a patch.
The tethereal version is now agnostic to wether v4 or v6 are transporting UDP/TCP
svn path=/trunk/; revision=8236
|
|
list of disabled protocols.
svn path=/trunk/; revision=8145
|
|
Note that, inside double quotes, you must escape backslashes with
backslashes.
svn path=/trunk/; revision=8104
|
|
agents.
svn path=/trunk/; revision=8093
|
|
Besides "STRING", there is now "UNPARSED_STRING", where the distinction
is that "STRING" was a double-quoted string and "UNPARSED_STRING" is just
a sequence of characters that the scanner didn't know how to scan/parse,
so it's up to the Ftype to parse it.
This gives us more flexibility and prepares the dfilter parsing engine
for the upcoming addition of the "contains" operator.
In the process of doing this, I also re-did the double-quoted string
support in the scanner, so that instead of the naively-simple support we
used to have, double-quoted strings now can have embedded dobule-quotes,
embedded octal sequences, and embedded hexadecimal sequences:
"\"" embedded double-quote
"\110" embedded octal
"\x48" embedded hex
Enhance the dfilter unit test script to be able to run a single collection
of tests instead of having to run all of them all the time.
svn path=/trunk/; revision=8083
|
|
set its concurrency level. Fix an ADNS queueing bug.
svn path=/trunk/; revision=8063
|
|
Almost completely rewritten in order to:
- be able to use a unlimited number of ringbuffer files
0 specified with -b argument or in the GUI, means that the number of file
is unlimited.
else the maximum number of ring buffer files is arbitrarily set to 1024.
- close the current file and open (truncating it) the next file at switch
- set the final file name once open (or reopen)
- avoid the deletion of files that could not be truncated (can't arise now)
and do not erase empty files
The idea behind that is to remove the limitation of the maximum # of
ringbuffer files being less than the maximum # of open fd per process
and to be able to reduce the amount of virtual memory usage (having only
one file open at most) or the amount of file system usage (by truncating
the files at switch and not the capture stop, and by closing them which
makes possible their move or deletion after a switch).
svn path=/trunk/; revision=7912
|
|
svn path=/trunk/; revision=7872
|
|
Show the name of the program in boldface and capitalize it.
svn path=/trunk/; revision=7818
|
|
using the -z smb,sids command argument.
svn path=/trunk/; revision=7816
|
|
Add a new routine to iterate through all dissector tables, calling a
routine for each table, to support having the "-d" code list all
dissector tables.
Get rid of "dissector_handle_get_dissector_name()"; it was put in there
for "-d", but turns out not to be necessary for that.
Clean up the usage message a bit (using the convention, adhered to by at
least some UNIX utilities, of listing all the flags with no arguments in
a single lump, and then listing the ones with arguments individually,
and also putting "-v" and "-h" in a separate lump, as Ethereal does).
svn path=/trunk/; revision=7788
|
|
svn path=/trunk/; revision=7700
|
|
svn path=/trunk/; revision=7692
|
|
svn path=/trunk/; revision=7687
|
|
At some point we should probably add the list automatically, like we do
the filter fields.
svn path=/trunk/; revision=7686
|
|
when the new "Rotate capture file every n second(s)" checkbox or the
-b <# of file>[:<duration>] argument are used, [t]ethereal will skip to the
next ring buffer file if the specified duration has elapsed (even if the
specified capture size is not reached). This is useful when you want to have
separate capture files per hour or day for instance.
I let the autostop filesize parameter mandatory (i.e. the "rotate capture
file after n kilobytes") but this could be no longer strictly necessary when
that new feature is used ...
Another point: it might be interesting to really truncate the file at the
switch and not the closure ... According to user comments and my own real
case tests, I might plan to enhance this point and others (still ring buffer
related) in the future.
svn path=/trunk/; revision=7678
|
|
the documentation for that tap for Tethereal.
svn path=/trunk/; revision=7587
|
|
Wrap some paragraphs to 80 columns.
svn path=/trunk/; revision=7569
|
|
Make it able to calculate COUNT() SUM() MIN() MAX() and AVG() for integers and
relative time fields.
See tethereal manpage for examples.
svn path=/trunk/; revision=7550
|
|
Make it possible to use subsecond granularity for the measurement intervals.
io,stat is updated to accept the interval to be specified with ms resolution.
Example
-z io,stat,0.001,smb
to generate 1ms statistics for all SMB traffic.
svn path=/trunk/; revision=7527
|
|
svn path=/trunk/; revision=7317
|
|
Added top talkers calculation for UDP socketpairs
try -z io,users,udpip
svn path=/trunk/; revision=7266
|
|
"tcpip" added.
-z io,users,tcpip will create a top talkers list of individual tcpip connections
svn path=/trunk/; revision=7264
|
|
IO-Users is a feature for tethereal that will print statistics on io usage
similar to top talkers in other tools.
It needs to be ported to ethereal with a nice graph sometime later.
try:
-z io,users,ip
see man-page
svn path=/trunk/; revision=6972
|
|
SMB RTT statistics are similar to the RTT statistics already supported by ONC-RPC and DCE-RPC.
It will present a table with all seen SMB commands and present the Min/Max and Avg response time in ms.
Transaction2 and NT-Transaction commands are broken out and presented in its own subtables.
tethereal feature is activated with -z smb,rtt switch
and in ethereal it is activated either through -0z smb,rtt switch or through the Menu.
svn path=/trunk/; revision=6966
|
|
Fix up the documentation of the "-i" flag in the Ethereal man page to
note only that "netstat -i" and "ifconfig -a" *might* work, to
specifically note that not all UNIXes support the "-a" flag to
"ifconfig", and to note that pipe data must be in *standard* libpcap
format.
Document the support for pipes in the "-i" flag in Tethereal.
svn path=/trunk/; revision=6822
|
|
svn path=/trunk/; revision=6590
|
|
Using this command line option you canb now place any arbitrary display-filter fields on the COL_INFO line.
Assume you want NFS dissector in tethereal to put ALL filehandle hashes (nfs.fh.hash) on COL_INFO.
No worries, just add
-z proto,colinfo,nfs.fh.hash,nfs.fh.hash
as a parameter to tethereal.
Never again do you need to hack tethereal and recompile just because you want some extra info on the COL_INFO line.
svn path=/trunk/; revision=6560
|
|
svn path=/trunk/; revision=6551
|
|
Similar to what is available on ethereal:/Tools/ProtocolHierarchyStatistics
but this one can handle ALL protocols that tethereal has dissectors for.
Maybe a gtk/gtk2 version of this should replace the existing one in ethereal?
Try -z io,phs or -z io,phs,<filter> to test it.
svn path=/trunk/; revision=6532
|
|
frames matching user specified filters.
Try it with
-z io,stat,1,nfs,smb,arp
on a capture containing both nfs, cifs and arp traffic.
svn path=/trunk/; revision=6531
|
|
svn path=/trunk/; revision=6479
|
|
optional extra parameter.
This makes it possible to generate any types of stats based on user defined subsets of the capture.
Try -z rpc,rtt,100003,3,nfs.fh.hash==0x12345678
NFS rtt statistics for a specific file.
svn path=/trunk/; revision=6337
|
|
ranges specified with a mask, as well as manufacturer OUIs. Match the
address range values, as well as MAC addresses and manufacturer OUIs,
when translating MAC addresses to names.
Have "make-manuf" read a file containing the well-known addresses and
append it to the list of OUIs.
svn path=/trunk/; revision=6234
|
|
try: -z rpc,programs
svn path=/trunk/; revision=6190
|
|
modified while the draw thread is walking it.
Changed the cmdline switch to -z so the same one can be used both for
ethereal and tethereal.
Updated man pages to reflect the RPCSTAT feature.
(Try this with Tools/Statistics/ONC-RPC/RTT and load a capture containing
onc-rpc. )
svn path=/trunk/; revision=6189
|
|
svn path=/trunk/; revision=6177
|
|
One example extension is rpcstat.
Try -Z rpc,rtt,100003,3 as argument to tethereal when reading a capture
containing NFSv3 packets.
tap-rpcstat.[ch] is intended to demonstrate the api and can be used to
base other extensions on.
svn path=/trunk/; revision=6175
|
|
packets in real time feature.
svn path=/trunk/; revision=6034
|
|
svn path=/trunk/; revision=5922
|
|
Allow "-" as the output file name in Wiretap, referring to the
standard error.
Optimize the capture loop.
Fix some of the error-message printing code in Ethereal and Tethereal.
Have Wiretap check whether it can seek on a file descriptor, and pass
the results of that test to the file-type-specific "open for output"
routine. Have the "open for output" routines for files where we need to
seek when writing the file return an error if seeks don't work.
svn path=/trunk/; revision=5884
|
|
noise from the packet trace display.
Propagate those changes to the Tethereal man page.
svn path=/trunk/; revision=5570
|
