Age | Commit message (Collapse) | Author | Files | Lines |
|
found in a tree.
svn path=/trunk/; revision=17741
|
|
Modification to (proto.h) is made to add an additional expert group type of PI_REQUEST_CODE to allow Request tag information to be passed to the expert tap. This is for such reasons where a dissector would like to echo specific information about certain types of requests. For example: NCP connection request is really a request not a REPLY_CODE. Same is true for the TCP SYN request.
Changes to packet-ncp.c
1. Server broadcast message flag. Now indicates if the message is a pending message or an oplock clear notification.
2. Cleanup of packet signature detection process. Previous method had some flaws so I redesigned it. Appears to be solid now.
3. Echo NCP Server Session information to expert tap.
Note on item #3: NCP Connection+Task = NCP Session, a Single connection can have many tasks. The server sees each connection/task as a unique session. For this reason the NCP session information is now echoed to the expert composite statistics so that you can easily identify the different NCP processes and sessions. It is important to NCP analysis to understand that each session is most likely a different program on the requesting host sharing the same NCP connection.
Changes to packet-ncp2222.inc
1. Comment out the echo of NCP connection info to expert tap. Replaced by NCP sessions.
2. Add displayEID in request decode (resolves Coverity defect for dead code in NCP dissector)
Changes to ncp2222.py
1. Fix for endian display of bindery object type in NCP 0x1720.
2. Fix for size of bindery object type to 2 bytes instead of 4 to match other bindery NCP's.
svn path=/trunk/; revision=17636
|
|
svn path=/trunk/; revision=17566
|
|
"proto_tree_add_XXX_format()" routines except that the format doesn't
have to include the field name - the field name, followed by ": ", are
put into the representation string, followed by the result of the
formatting, so you just format the value with the format string, not the
entire representation.
svn path=/trunk/; revision=17221
|
|
svn path=/trunk/; revision=16652
|
|
and not free the string to which it points. Pass to
REPORT_DISSECTOR_BUG() strings allocated with ep_strdup_printf(), so
that they're freed automatically.
svn path=/trunk/; revision=16039
|
|
"abort()" if the ETHEREAL_ABORT_ON_DISSECTOR_BUG environment variable is
set; this is for debugging purposes, to make it easier to get a stack
trace of the offending call.
svn path=/trunk/; revision=16013
|
|
column-utils.h, and add it to expert.h, so we check the arguments to
"expert_add_info_format()", at least if the format argument is a
constant string.
Fix some more calls to "expert_add_info_format()" to pass it a format
string.
Don't record BoundsError exceptions as expert events - they merely
reflect a capture done with a snapshot length too short to capture all
of the packet (any case where it's caused by something else is a bug).
svn path=/trunk/; revision=15776
|
|
where others might have a look and probably already find it useful :-). Anyway, we can easily disable it at one or two places in the code if it get's in our way of a new release.
Please see: http://wiki.ethereal.com/Development/ExpertInfo for a complete overview of the intended feature and it's current state of implementation.
While I'm working on this, I've also added some more status result codes to the DCE/RPC and DCOM dissectors.
svn path=/trunk/; revision=15754
|
|
svn path=/trunk/; revision=15700
|
|
svn path=/trunk/; revision=15682
|
|
which makes it much better visible.
Add some more optional flags to the protocol items, so more "special cases" can be marked in the protocol tree.
New flags:
/** The protocol field has a bad checksum */
FI_CHECKSUM_ERROR
/** The protocol field has an unusual sequence (e.g. TCP window is zero) */
FI_SEQUENCE_WARNING
/** The protocol field has a bad sequence (e.g. TCP segment is lost) */
FI_SEQUENCE_ERROR
svn path=/trunk/; revision=15499
|
|
Fix warnings of type:
proto.c:2219: warning: ISO C forbids conditional expr with only one void side
svn path=/trunk/; revision=15156
|
|
svn path=/trunk/; revision=15118
|
|
fails when trying to use varargs. Due to a missing include
config.h we were using varargs with proto.h
svn path=/trunk/; revision=15117
|
|
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
|
|
svn path=/trunk/; revision=15015
|
|
svn path=/trunk/; revision=14966
|
|
svn path=/trunk/; revision=14959
|
|
svn path=/trunk/; revision=14845
|
|
svn path=/trunk/; revision=14740
|
|
by iDEFENSE. Add constant format strings to proto_item_append_text()
in a bunch of other dissectors. Copy a comment from proto.c to proto.h.
svn path=/trunk/; revision=14713
|
|
"discards qualifier from assignment".
svn path=/trunk/; revision=14663
|
|
proto_item inside the tree (but it can't be moved to a different "tree level")
svn path=/trunk/; revision=14524
|
|
It should not dump core as far as all my tests are concerned and Menu_Statistics/ProtocolHierStats work
It needs more testing and there might still be cases where it will crash that will need to be fixed but I feel it will be worth it since it will decrease the time to filter very large capture files dramatically.
Real significant performance boost for very large captures.
(If we cant fix all the problems we can just revert this patch)
svn path=/trunk/; revision=14051
|
|
optimization for COLUMNS to make ethereal faster when filtering
optimization to make the slow find_protocol_by_id() fast.
(idea from Didier, implementation modified by me to be less intrusive)
svn path=/trunk/; revision=14026
|
|
svn path=/trunk/; revision=13870
|
|
svn path=/trunk/; revision=13725
|
|
used in DissectorError exceptions.
svn path=/trunk/; revision=13079
|
|
Add a DISSECTOR_ASSERT() macro, which is the usual type of assertion
macro, but throws a DissectorError exception with a message giving the
flien and line number and the failed test as a string. Use that macro
in "alloc_field_info()".
Report that exception in the Info column and the protocol tree, as well
as logging the exception failure with g_warning().
svn path=/trunk/; revision=13078
|
|
const, although the pointers can't point to consts (as the values get
filled in as they're registered).
svn path=/trunk/; revision=12981
|
|
"const char *".
svn path=/trunk/; revision=12888
|
|
records by tw fields: base (for integers), and blurb
Add a "-G values" option which shows value strings and true_false strings for
the fields that have them.
svn path=/trunk/; revision=11954
|
|
integers.
Make FT_INT64 and FT_UINT64 add numerical values, rather than byte-array
values, to the protocol tree, and add routines to add specified 64-bit
integer values to the protocol tree.
Use those routines in the RSVP dissector.
svn path=/trunk/; revision=11796
|
|
the DISSECTOR_SUPPORT_xy files any longer and as a consequence they
won't be linked into libethereal.
svn path=/trunk/; revision=11559
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
svn path=/trunk/; revision=11400
|
|
as this info can be derived from the presence of the FT_FRAMENUM field
svn path=/trunk/; revision=10901
|
|
a doubleclick will follow the link
svn path=/trunk/; revision=10892
|
|
added lot's of new (hopefully correct) comments
svn path=/trunk/; revision=10841
|
|
svn path=/trunk/; revision=10838
|
|
proto_tree_add_xy_fromat functions,
because of GNUC printf format checks
svn path=/trunk/; revision=10837
|
|
add a config.nmake option to control whether to build
libethereal.dll or not;
remove "./wiretap" from PATH to prevent problems due to
wrongly-loaded files;
build dissector.lib with MSVC;
move "print.c" and "ps.c" to the dissector helpers, as "print.c"
imports variables from packet-frame.c and packet-data.c, which
are in libethereal;
move "g711.c" out of the dissector helpers, as they're used only
by Ethereal in a tap, not in Tethereal or in any dissector;
add a .def file for libethereal;
arrange to declare global variables exported from libethereal
with "__declspec(dllimport)" when building programs that import
those variables;
update the NSIS installer.
Make the "configure" script define ETH_VAR_IMPORT as "extern".
svn path=/trunk/; revision=10834
|
|
svn path=/trunk/; revision=10833
|
|
Fix the PROTO_ITEM_IS_XXX and PROTO_ITEM_SET_XXX macros by replacing
the if(x) with trigraphs so the macros can still be used in subsequent
conditional tests.
svn path=/trunk/; revision=10758
|
|
svn path=/trunk/; revision=10755
|
|
this sets flags for later rendering of the field data
svn path=/trunk/; revision=10752
|
|
svn path=/trunk/; revision=10740
|
|
and the item N levels up from a protocol tree item.
svn path=/trunk/; revision=10486
|
|
support them.
From Ronnie Sahlberg: Kerberos updates with new constants from the
current draft, decryption and dissection of Kerberos blobs, and changes
to work with the changed BER dissector.
svn path=/trunk/; revision=10479
|
|
protocols ...
svn path=/trunk/; revision=9538
|