Age | Commit message (Collapse) | Author | Files | Lines |
|
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11410 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Ethertype.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10558 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
it if we catch an exception (after showing the exception), so that
subsequent exceptions will have the right protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10159 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
rethrow BoundsError, call "show_exception()" for all other errors, and
then fall through to dissect the trailer outside the TRY/CATCH/ENDRY
construct.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10150 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
to add the trailer - that avoids the problem with throwing an exception
inside a CATCH* clause for that same exception. (XXX - is this a
problem with our exception mechanism? What happens in languages with
built-in exceptions if a
try
XXX
catch YYY
ZZZ
end
construct throws exception YYY inside code block ZZZ? If it doesn't
re-enter ZZZ, that argues that our exception mechanism is buggy or, at
least, violates the Principle of Least Surprise.)
Move the code to put the trailer information into the protocol tree out
of the CATCH2 clause, so the trailer shows up if we *do* have the
trailer information.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9898 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Otherwise, they're caught by ethertype() which results in an infinite loop.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9893 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add in a URL to the RTNET home page.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9102 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8982 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Protocol, although the packets I've seen with 0x81fd don't look like the
ISMP packets described in RFC 2641/2642/2643.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8645 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".
Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).
Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.
Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8574 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
An Ethernet trailer is only needed to pad the packet to 60 bytes of
Ethernet header plus payload; if the packet has what appears to be a
trailer, and it's 4 or more bytes (i.e., long enough to include an FCS),
and the Ethernet frame was claimed to have 64 or more bytes (i.e., it
has at least an FCS worth of data more than the minimum 60 bytes),
assume that the last 4 bytes of the frame were an FCS.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8207 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7839 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7526 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Network Load Balancing probes, we can at least recognize them as such.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7247 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6476 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6416 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5932 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Control Protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5663 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5233 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5009 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4747 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4586 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4370 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
specifies how the selector values used as keys in those tables are to be
displayed, and the title to use when displaying the table.
Use that information in the code to display the initial and current
entries of various dissector tables.
Have the dissector for BACnet APDUs register itself by name, and have
the BACnet NPDU dissector call it iff the BAC_CONTROL_NET bit isn't set,
rather than doing it with a dissector table.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4358 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4269 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
of packet data captured.
Make the "BYTES_ARE_IN_FRAME()" macro take a "captured length of the
packet" argument.
Add some length checks to capture routines.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4235 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4199 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Nikander.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4170 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
for which the ethertype dissector knows the name.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3557 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
protocol type values that are PPP protocol types.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3554 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
as well just include "ppptypes.h" in "packet-ethertype.c", rather than
defining ETHERTYPE_ values equal to the corresponding PPP_ values, and
add entries for the PPP protocols we now dissect when running atop
Ethernet.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3548 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3547 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
apparently, means an Ethernet packet is stuffed into the payload; add
support for it as an Ethernet, Cisco HDLC, and GRE packet type.
Sort the Ethernet types in "etypes.h" by value.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3250 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"compressed" to the list of NLPIDs in "nlpid_vals[]".
Use "nlpid_vals" for the Frame Relay NLPID field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3206 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2965 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
we get an exception, add in any trailer we and then rethrow the
exception, so that the trailer will be put into the tree even if some
subdissector threw an exception. (Yes, an exception can be thrown even
in a frame with a trailer; you could have a frame, all of which was
captured, that has an IP datagram containing a UDP datagram, and if the
UDP payload isn't big enough for the type of packet it's supposed to be,
a ReportedBoundsError exception can be thrown.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2917 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
into "ethertype()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2915 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
ESIS dissectors.
Register the IP dissector and have dissectors that call it directly
(rather than through a port table) call it through a handle.
Add a routine "tvb_set_reported_length()" which a dissector can use if
it was handed a tvbuff that contains more data than is actually in its
part of the packet - for example, handing a padded Ethernet frame to IP;
the routine sets the reported length of the tvbuff (and also adjusts the
actual length, as appropriate). Then use it in IP.
Given that, "ethertype()" can determine how much of the Ethernet frame
was actually part of an IP datagram (and can do the same for other
protocols under Ethernet that use "tvb_set_reported_length()"; have it
return the actual length, and have "dissect_eth()" and "dissect_vlan()"
use that to mark trailer data in Ethernet II frames as well as in 802.3
frames.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2658 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissector call it through a handle, and make it static.
Give "dissect_data()" an "offset" argument, so dissectors can use it to
dissect part of the packet without having to cook up a new tvbuff.
Go back to using "dissect_data()" to dissect the data in an IPP request.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2651 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2242 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2218 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2031 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Convert ethertype() and dissect_null() to use tvbuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1979 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1939 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1849 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1848 f5534014-38df-0310-8fa8-9805f1628bb7
|