Age | Commit message (Collapse) | Author | Files | Lines |
|
acked_packets (i.e. packets that have interesting tcp properties such as being retransmissions etc) hang off the per conversation tcpd struct instead of being global.
while this should improve performance by unmeasurably little it does have the sideeffect that once we finish the rewrite tcp analysis might actually work and work well even for tcp over tcp tunnelling.
this also means that if you include packet-tcp.h you also need to include emem.h .
svn path=/trunk/; revision=17681
|
|
svn path=/trunk/; revision=17673
|
|
drawing_area widgets. Instead of canoodling around with a global list
of graphs, simply associate a graph to its widgets using OBJECT_SET_DATA.
This should take care of Coverity CIDs 50 - 59.
Clean up whitespace.
svn path=/trunk/; revision=17554
|
|
failed in unusual conditions.
This bug was discovered while looking at defects #130 and #131 discovered by coverity.
This patch also fixes these non-severe defects.
svn path=/trunk/; revision=17531
|
|
After investigating the time-sequence graphs (Stevens and tcptrace) produced
using an FTP capture file supplied by Eduardo Segura
(see http://www.ethereal.com/lists/ethereal-users/200512/msg00153.html )
I've identified several problems in tcp_trace.c.
The problems mostly involve incorrect determination of the lower/upper
sequence number bounds (for the Y axis) in certain cases (e.g. having to do
with 'partial' conversations).
I've reworked the '...get_bounds' code to handle cases such as:
1. out of order data segments (e.g.: the first segment in a captured
conversation has a higher sequence number than a later segment);
2. 'ack' sequence numbers for initial ack segments in a conversation lower
than the sequence numbers of the initial data segments;
3. maximum 'ack + win' sequence number in a conversation greater than the
max data sequence number;
4. Stevens graph: only use data segment sequence numbers when
determining bounds;
5. TCP RST packet without 'ack' flag: do not try to use the 'ack' seq num from
the packet in this case. (This was the specific cause of the originally reported
problem).
I've also reworked the tcptrace display code slightly to properly handle
the initial ack packet of a sequence;
As an example of the some of the fixes the Ethereal tcptrace style graph
of the following conversation fragment will now be similar to the graph
produced by Tcptrace.
data: seq 10000 len 100
data: seq 10100 len 200
ack: ack 5000 win 6000
ack: ack 5400 win 5600
svn path=/trunk/; revision=16874
|
|
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
|
|
generate columns; use cf_retap_packets instead of cf_redissect_packets()
when running taps (the general flow graph stat uses the Info column).
svn path=/trunk/; revision=15793
|
|
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
svn path=/trunk/; revision=15520
|
|
that it doesn't appear to be part of GTK+.
svn path=/trunk/; revision=15501
|
|
filter as an argument on the command line and have a dialog box to enter
the display filter through the GUI. Use it for all stats using
"gtk_tap_dfilter_dlg_cb()".
Add a top-level "stat_menu.h" file to declare "REGISTER_STAT_GROUP_E"
for the benefit of the declaration of "register_dfilter_stat()" in the
top-level "tap_dfilter_dlg.h". Rename the "stat_menu.h" in the gtk
directory to "gtk_stat_menu.h", so as not to have two headers with the
same name.
Get rid of headers not declaring any functions not being used in the
module.
svn path=/trunk/; revision=15493
|
|
- Add plugins_dlg.h
- Include .h files in their respective .c files
- Include .h and remove extern declarations in .c files
- set eol-style and keywords on gui_utils.[hc]
svn path=/trunk/; revision=15471
|
|
named ui_util.h in / dir
svn path=/trunk/; revision=15465
|
|
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
|
|
svn path=/trunk/; revision=15263
|
|
svn path=/trunk/; revision=15244
|
|
svn path=/trunk/; revision=15232
|
|
cfile.current_frame to it separately.
Note that we shouldn't ever get a "Selected packet isn't a TCP segment"
error any more; we can now handle all link layers.
Give a little more detail in the message shown if there's *more than
one* TCP header in the packet.
svn path=/trunk/; revision=14895
|
|
Don't regenerate the packet list when generating the TCP stream graph -
it won't be changing; just redissect and run the tap.
svn path=/trunk/; revision=14894
|
|
svn path=/trunk/; revision=14892
|
|
tcp-graph has been modified to extract tcp data from a TAP instead of reading and parsing directly from the capture file.
This makes tcp graph work for any type of capture and for any transport.
In the future someone with access to captures with TCP over something over TCP
to add a dialog where the user can specify WHICH of the multiple TCP sessions to graph.
svn path=/trunk/; revision=14889
|
|
This includes: all functions in file.h now have a cf_ prefix, will have doxygen tags, will have the capture_file *cf as the first parameter and I tried to generalize the return values for non trivial functions.
Hopefully, I didn't introduced any new bugs, as I had to change a lot of files...
svn path=/trunk/; revision=13289
|
|
contractions. (Safari does, at least when you're trying to open a file
to which you don't have read access.)
svn path=/trunk/; revision=12852
|
|
svn path=/trunk/; revision=12130
|
|
according to Gisle Vanem, WIN32 isn't a built-in in MSVC, but _WIN32 is.
svn path=/trunk/; revision=11972
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
svn path=/trunk/; revision=11400
|
|
do some font related renaming/code cleanup
svn path=/trunk/; revision=11166
|
|
two, and it returns a gboolean.
svn path=/trunk/; revision=11133
|
|
changed window_xy (dialog) function calling in a lot of gtk files
cleanup of file selection code
cleanup in dlg_utils/file_dlg/ui_util
Please report any problems!!!
svn path=/trunk/; revision=11003
|
|
use window_new instead of dlg_window_new for the statistics windows
(as these are no dialog windows)
do some code cleanup
svn path=/trunk/; revision=10979
|
|
use the dlg_window_new function for all dialogs
svn path=/trunk/; revision=10586
|
|
svn path=/trunk/; revision=10390
|
|
various other string related changes
svn path=/trunk/; revision=10373
|
|
Put both capture filename and
x.x.x.x:x -> y.y.y.y:y
describing the tcp session we are currently graphing in the menu text
of the window.
svn path=/trunk/; revision=10249
|
|
svn path=/trunk/; revision=10206
|
|
called "IO stats" now "Throughput Graph" as this might be somewhat more descriptive IMHO.
Same applies to the "TCP Stream Analysis" -> "TCP Stream Graphs"
svn path=/trunk/; revision=10203
|
|
items now again grouped by function, not by ISO layer
svn path=/trunk/; revision=10202
|
|
svn path=/trunk/; revision=10182
|
|
now sorted by ISO-layer, than alphabetically (now longer by functionality).
Seperated the tap registering from the actual menu making stuff,
so the seperate step of registering the tap and the menu is no longer needed.
Removed all things related to this double registering.
svn path=/trunk/; revision=10180
|
|
the title, and arranges to set the icon for it. Use that instead of
"gtk_window_new()" and separate calls to set the title and arrange to
set the icon.
Regularize #includes a bit.
Clean up white space.
svn path=/trunk/; revision=10054
|
|
scrolled_window_new().
added gtk_scrolled_window_set_policy(AUTOMATIC,AUTOMATIC) to
scrolled_window_new()
added GTK2's gtk_scrolled_window_set_shadow(GTK_SHADOW_IN)
to every place needed
svn path=/trunk/; revision=9999
|
|
"simple_dialog()"; NULL might be #defined to be a pointer expression on
some platforms, causing compiler warnings (and, on platforms where a
null pointer doesn't have all its bits 0, possibly causing misbehavior,
although I don't think there are any such platforms on which Ethereal
runs).
Don't allow 0 as button mask argument to "simple_dialog()".
Squelch a compiler warning.
Report fatal problems as errors, not warnings.
Report file I/O errors with "file_open_error_message()".
Report file write errors (including those reported by "close()", e.g.
some errors writing to an NFS server) when saving raw packet data to a
file.
svn path=/trunk/; revision=9915
|
|
better reflect the real error text
svn path=/trunk/; revision=9913
|
|
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
|
|
layouting the dialog buttons, and use it where appropriate.
This will help us with the GTK1/2 conflict on button layouts and
will also result in a more consistent look of the dialogs at all.
svn path=/trunk/; revision=9771
|
|
added some ethereal specific stock icons
svn path=/trunk/; revision=9763
|
|
"gtk_spin_button_get_value_as_float()" be doubles rather than floats -
GTK+ 2.x's "gtk_spin_button_get_value_as_float()" actually returns
doubles.
svn path=/trunk/; revision=9654
|
|
svn path=/trunk/; revision=9636
|
|
svn path=/trunk/; revision=9628
|
|
svn path=/trunk/; revision=9560
|
|
svn path=/trunk/; revision=9422
|