| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- Change apply / prepare / ... as filter to use the field's value, which
is now stored in fdata as well as cinfo. Now we don't have to reprocess
the entire packet list when using these features. This also prevents
the use of these features from overwriting custom column information.
(custom columns can now be used in apply / prepare ... as filter)
- Break col_expr and col_expr_val out into a struct that is included not only
in cinfo, but now also fdata.
- Have col_custom_set_fstr() quote FT_STRING & FT_STRINGZ when storing the
col_expr_val value (for filter creation).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24511 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Fix for bug #491: Unexpected frame.time_delta behavior
This patch ... fixes bug 491. It does this by changing the
behaviour of the frame.time_delta field so it reflects the delta
time between captured packets (tshark already did this). To keep
the delta time between displayed packets, the field
frame.time_delta_displayed is created.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21154 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
handle files > 2GB correct.
Please distclean Win32 builds!
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19814 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18197 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17093 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"unknown" for frame numbers. Note that in epan/frame_data.h, and make
the frame number in experts unsigned, and use 0 for "unknown", and
display it as an unsigned number - and, if it's 0, don't display it at
all.
Fix the signature of "expert_dlg_draw()" to match what a tap's draw
routine's signature is expected to be.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15760 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15520 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15332 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that spelling).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9917 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9630 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
filter's colors" bug, by storing the pointer to the matching color_filter_t
structure in the frame_data structure.
Replace "frame" and "frames" by "packet" and "packets" in many places.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9607 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
One can now select a packet and mark it as a TimeReference packet using the menu.
A TimeReference packet will be indicated by having all timestamp related column entries replaced by the string *REF*
A TimeReference packet will always be displayed in the packet pane, and overrides any display filters.
When a frame is a TimeReference frame, all later frames will calculate the TimeRelativeToFirstPacket relative to the timestamp of the TimeReference frame instead of the first frame of the capture.
You can have any number of TimeReference frames you like.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8459 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Ethereal presents a column to display culmulative bytes into the capture.
A new column type is added : Culmulative Bytes.
While PacketLength column type specifies the number of bytes in the current packet,
Culmulative Bytes specifies the culmulative number of bytes from the start of the capture.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8359 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Fixed bug in said function which prevented it from actually working.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7982 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6116 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
While we're at it, add "extern" to a bunch of function declaration the
preceding change *didn't* require to have the "extern" added.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5995 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
in the "packet_info" structure instead, as we don't need a pointer for
every single frame in the capture file, just for each frame for which we
currently have an open "epan_dissect_t".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5614 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"data source" has a name and a top-level tvbuff, and frames can have a
list of data sources associated with them.
Use the tvbuff pointer to determine which data source is the data source
for a given field; this means we don't have to worry about multiple data
sources with the same name - the only thing the name does is label the
notebook tab for the display of the data source, and label the hex dump
of the data source in print/Tethereal output.
Clean up a bunch of things discovered in the process of doing the above.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4749 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4374 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4370 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
frame_data{h,c}. Added a frame_data_init to be called by epan_init.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3223 f5534014-38df-0310-8fa8-9805f1628bb7
|
