Age | Commit message (Collapse) | Author | Files | Lines |
|
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
|
|
#23537 change
svn path=/trunk/; revision=23540
|
|
example, we're ^C'ed. This should fix bug 2003.
svn path=/trunk/; revision=23538
|
|
retaining CAP_NET_ADMIN and CAP_NET_RAW. Update some Makefile
dependencies for dumpcap.
svn path=/trunk/; revision=23511
|
|
pipe instead of stdin. Add an argument (currently the parent PID) back
to the "-Z" flag and use it to construct the pipe name. This lets us
pass the parent's stdin handle to dumpcap, which lets us capture from
stdin on Windows. Add a comment about checking for the parent process.
In capture_loop.c, remove the wait_forever argument from cap_pipe_select()
since it was always FALSE. Set the timeout under Windows to 250 ms
instead of 250000 ms.
svn path=/trunk/; revision=23279
|
|
dumpcap, when using it as a capture child; leave the standard output
alone, in case tshark was told to write the capture to the standard
error.
Get rid of the argument to the "-Z" option to dumpcap; it might not work
on Windows.
svn path=/trunk/; revision=23124
|
|
"with", so we shouldn't put our own "with" in there.
svn path=/trunk/; revision=23037
|
|
descriptor to use as the sync pipe. For now, always pass 1, so the sync
pipe is the standard output of dumpcap.
svn path=/trunk/; revision=23025
|
|
sync_pipe_errmsg_to_parent(); have it take the FD for the sync pipe as
an argument.
svn path=/trunk/; revision=23024
|
|
svn path=/trunk/; revision=23022
|
|
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
svn path=/trunk/; revision=22443
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
|
|
Also: minor cleanup for capture_loop.c
svn path=/trunk/; revision=20864
|
|
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1289
Rename 'svnversion' to 'wireshark_svnversion' to resolve a symbol conflict with
GTK 2.10.6 (hmm, shouldn't GTK not be exporting that symbol or at least naming
it so as to prevent such collisions? Well, so should we, so...)
From Andreas Fink: change #ifdef for size_t in airdcap_interop.h to fix
compile on MacOS X.
svn path=/trunk/; revision=20726
|
|
Fix some memleaks and overflows.
I haven't committed the changes that are not bug fixes.
svn path=/trunk/; revision=19777
|
|
svn path=/trunk/; revision=19624
|
|
version string, so the information comes out right for applications that
don't use Portaudio.
Get rid of an extra "with" in the version string for dumpcap.
Get rid of an extra blank after the libpcap version string, and get rid
of an extra newline before it.
Attempt to add more compiler version information and to prettify the
MSVC++ version information (both untested).
svn path=/trunk/; revision=19613
|
|
in last year by Gianluca Varenni.
Add partial support for reading from named pipes (currently disabled).
Move utf_8to16() and utf_16to8() to a separate module (unicode-utils.[ch])
so that we don't have to cut and paste code in dumpcap.c.
Fix up whitespace.
svn path=/trunk/; revision=19291
|
|
svn path=/trunk/; revision=18987
|
|
svn path=/trunk/; revision=18892
|
|
"Windows XP S", where it should be "Windows XP Service Pack 2"
dumpcap uses this too, so I had to duplicate utf_16to8 there :-(
svn path=/trunk/; revision=18891
|
|
svn path=/trunk/; revision=18235
|
|
svn path=/trunk/; revision=18197
|
|
svn path=/trunk/; revision=17793
|
|
by dumpcap and Ethereal (so that, on UN*X, the child process can report
a detailed "can't exec dumpcap" error).
Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also
in Tethereal, which doesn't have a sync pipe.
svn path=/trunk/; revision=17789
|
|
even if doing a live capture; just print the packets without saving
them.
In dumpcap:
default to the capturing the entire packet;
don't do the "Press any key" stuff when debugging on UN*X;
do console logging (to the standard error) even when we're
running as the capture child (the sync pipe should only be the
standard output, not the standard error).
svn path=/trunk/; revision=17786
|
|
svn path=/trunk/; revision=17714
|
|
transport failed between Ethereal and dumpcap.
I've also changed the way the secondary error message is transported from former "header message 0 secondary 0" to "header header message 0 header secondary 0" as that might be a bit more clearer, and I'll need it for further development anyway.
I was using this while debugging and not recognizing the real problem - for about four hours :-(. I'll need this feature when doing the interface (and link layer type) browsing later (transferring this data from dumpcap to Ethereal) to get a full blown privilege seperation.
svn path=/trunk/; revision=17608
|
|
primary and secondary error messages and let the parent worry about how
to display them. This means dumpcap doesn't need stub routines for
generating the formatting tags for the primary and secondary messages.
Have a separate message for capture filter errors, so that the parent
can check whether the capture filter looks like a display filter and
report the appropriate message. This means that dumpcap doesn't need a
stub routine for compiling display filters (a stub routine also means
that Ethereal won't do the check for capture filters that look like
display filters!).
svn path=/trunk/; revision=17465
|
|
svn path=/trunk/; revision=17403
|
|
dumpcap in addition to the things already done now
various dumpcap related code cleanup: mainly #include's and capture engine related stuff
svn path=/trunk/; revision=17327
|
|
no longer needs util.c, so it no longer includes routines that use
host_ip_af(), so it no longer needs to define its own host_ip_af().
That also means dumpcap.c no longer needs to include <sys/socket.h>.
svn path=/trunk/; revision=17278
|
|
svn path=/trunk/; revision=17269
|
|
using dumpcap as the capture child for Ethereal.
dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal.
Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here.
capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead.
The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects.
Some debugging aid added and other minor cleanup done.
svn path=/trunk/; revision=17256
|
|
status return values (0,1 or 2).
This way makes it much easier to debug, e.g. to set a common breakpoint if a command line parameter fails.
svn path=/trunk/; revision=17240
|
|
svn path=/trunk/; revision=17238
|
|
svn path=/trunk/; revision=17009
|
|
svn path=/trunk/; revision=16960
|
|
svn path=/trunk/; revision=16938
|
|
add an error message if no interfaces could be found (and mention that it might be a privilege problem)
svn path=/trunk/; revision=16924
|
|
Even though dumpcap isn't finished I would like this patch applied in
order to:
1. remove some compiler warnings
2. avoid a seg fault when running dumpcap without parameters as normal
user.
svn path=/trunk/; revision=16922
|
|
svn path=/trunk/; revision=16852
|
|
svn path=/trunk/; revision=16819
|
|
various minor code cleanup
svn path=/trunk/; revision=16805
|
|
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
|
|
this way, the capture prefix will "logically" group the files together and file browsers will also group them
we may want to move the files into a subdir capture later
svn path=/trunk/; revision=16691
|
|
use capture_opts_trim()
output of command line usage and version "enhanced"
svn path=/trunk/; revision=16684
|
|
Add dumpcap to svn:ignore.
svn path=/trunk/; revision=16676
|
|
capture_loop.c to capture_info.c and call it from capture.c (instead of capture_loop.c).
This way, the capture child don't need to now any of the packet_counter things (no epan/packet.h and all alike).
Currently the capture_info code will always open another wiretap file instance to build it's own counter values. This isn't optimized for now (next step: use data from cf_continue_tail() somehow).
svn path=/trunk/; revision=16669
|