| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
one byte in the hexdump.
svn path=/trunk/; revision=600
|
|
the IP layer, leaving the lower layer's abbreviation in the protocol column.
svn path=/trunk/; revision=599
|
|
svn path=/trunk/; revision=585
|
|
were printed in the wrong byteorder.
svn path=/trunk/; revision=539
|
|
bunch of source files.
Replace the "payload" field of a "packet_info" structure with "len" and
"captured_len" fields, which contain the total packet length and total
captured packet length (including all headers) at the current protocol
layer (i.e., if a given layer has a length field, and that length field
says its shorter than the length we got from the capture, reduce the
"pi.len" and "pi.captured_len" values appropriately). Those fields can
be used in the future if we add checks to make sure a field we're
extracting from a packet doesn't go past the end of the packet, or past
the captured part of the packet.
Get rid of the additional payload argument to some dissection functions;
use "pi.captured_len - offset" instead.
Have the END_OF_FRAME macro use "pi.captured_len" rather than
"fd->cap_len", so that "dissect the rest of the frame" becomes "dissect
the rest of the packet", and doesn't dissect end-of-frame padding such
as padding added to make an Ethernet frame 60 or more octets long. (We
might want to rename it END_OF_PACKET; if we ever want to label the
end-of-frame padding for the benefit of people curious what that extra
gunk is, we could have a separate END_OF_FRAME macro that uses
"fd->cap_len".)
svn path=/trunk/; revision=506
|
|
svn path=/trunk/; revision=505
|
|
capture is in progress.
svn path=/trunk/; revision=491
|
|
svn path=/trunk/; revision=458
|
|
Required packets.
svn path=/trunk/; revision=455
|
|
"proto_tree_add_item()" call (and fix the length passed to it, which, it
appears, has been wrong for ages).
svn path=/trunk/; revision=439
|
|
string pointer from the result of ip_to_str (statically allocated string).
Use the ip_src and the new field ip_dst in follow.c to build a correct
string display filter.
svn path=/trunk/; revision=408
|
|
allowing users to filter on the existence of these protocols. I also
added packet-clip.c to the Nmake makefile.
svn path=/trunk/; revision=402
|
|
Added the protocol IDs for ipx and IGMP, but not their fields.
svn path=/trunk/; revision=365
|
|
suggestion, this new method using a static array should use less memory
and be faster. It also has a nice side-effect of making the source-code
more readble, IMHO.
Changed the print routines to look for protocol proto_data instead of
looking at the text label as they did before, hoping that the data hex
dump field item starts with "Data (".
Added the -G keyword to ethereal to make it dump a glossary of display
filter keywords to stdout and exit. This data is then formatted with
the doc/dfilter2pod perl program to pod format, which is combined
with doc/ethereal.pod.template to create doc/ethereal.pod, from which
the ethereal manpage is created. This way we can keep the manpage up-to-date
with a list of fields that can be filtered on.
svn path=/trunk/; revision=364
|
|
new proto_tree routines. I also removed the check for lex and yacc from
wiretap's configure script. The IP dissector now uses
proto_register_field_array().
svn path=/trunk/; revision=348
|
|
mechanism that is built into ethereal. Wiretap is now used to read all
file formats. Libpcap is used only for capturing.
svn path=/trunk/; revision=342
|
|
were printing values in hex. The lack of "0x" in fron of the hex numbers
made me think the values were decimal, causing me to waste a bit of time
during debugging.
svn path=/trunk/; revision=323
|
|
svn path=/trunk/; revision=304
|
|
svn path=/trunk/; revision=303
|
|
solicitations).
svn path=/trunk/; revision=295
|
|
svn path=/trunk/; revision=283
|
|
svn path=/trunk/; revision=237
|
|
by accident -> It should be displayed correctly with this fix
svn path=/trunk/; revision=234
|
|
proto*() functions. The configure script tries to use ipv6 name resolution if
it knows the type of ipv6 stack the user has (this can be avoided with the
--disable-ipv6 switch) Additionally, the configure script now deals with wiretap
better. If the user doesn't want to compile wiretap, the wiretap is never
visited. A few unnecessary #includes were removed from some wiretap files, and
a CPP macro was moved from bpf.c to wtap.h.
svn path=/trunk/; revision=229
|
|
reference the protocol tree with struct proto_tree and struct proto_item
objects. That way, the packet decoding source code file can be used with
non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged
some of the information in packet.h to more appropriate places (like other
packet-*.[ch] files).
svn path=/trunk/; revision=223
|
|
svn path=/trunk/; revision=213
|
|
they're not used outside this file.
Compute their sizes with the standard "number of elements in an array" C
idiom, rather than hardcoding them as numbers.
Add the "information request" and "information reply" ICMP packet types.
svn path=/trunk/; revision=212
|
|
update the packet counts and percentages in the dialog box popped up
during a capture, even for non-Ethernet captures.
svn path=/trunk/; revision=184
|
|
of variable as a bit field container. ANSI specs only allow unsigned ints
to host bit fields; IBM's C compiler is very ANSI-strict.
svn path=/trunk/; revision=183
|
|
* Added Joerg to the AUTHORS file
* Added Guy's bitfield decode patch
* Fixed time output
svn path=/trunk/; revision=142
|
|
* Added check_col(), add_col_str() and add_col_fmt() to replace references
to ft->win_info.
* Added column prefs handling code.
svn path=/trunk/; revision=97
|
|
because it is still in its infancy, but it can be compiled in optionally.
The library exists in its own subdirectory ethereal/wiretap. This patch also
edits all the packet-*.c files to remove the #include <pcap.h> line which is
unnecessary in these files. In the ethereal code, file.c is the most heavily
modified with #ifdef WITH_WIRETAP lines for the optional library.
svn path=/trunk/; revision=82
|
|
1455.
Make the arguments to "val_to_str()" and "match_strval()" that
point to things those routines don't modify pointers to "const",
and make the "value_string" tables passed into those routines in
"packet-ip.c" "const".
svn path=/trunk/; revision=72
|
|
it returns NULL, formats the value with the format passed in as
an argument, and returns a pointer to that static buffer.
Change several "match_strval()" calls to use "val_to_str()".
In "dissect_ospf()", use "match_strval()" to look up the packet
type, and use "Unknown" if it doesn't find a match.
svn path=/trunk/; revision=66
|
|
* Hacks to the filter interface (Gerald)
* About box (Laurent)
* AppleTalk support (Simon)
* Mods to the match_strval routine (Gerald)
svn path=/trunk/; revision=61
|
|
1883, it should, perhaps with some additions, be able to handle IPv6
options as well).
Make the IPv4 and TCP dissectors use it.
Fix a typo in the IP dissector ("Unknon" for "Unknown").
Show the IP and TCP header lengths as byte counts rather than
4-byte-word counts.
Show the protocol field value of an IP header as a name if it's a
protocol we know about.
List the acknowledgment and urgent pointer values in a TCP header only
if the corresponding flag is set.
Make the ETT_ values members of an enum, so that the compiler
automatically assigns them sequential integer values (at least if said
compiler conforms to the ANSI C standard).
svn path=/trunk/; revision=45
|
|
svn path=/trunk/; revision=37
|
|
* FDDI support (Laurent, Guy)
svn path=/trunk/; revision=36
|
|
generalizes the column printing code, adds a "frame" tree item to
the tree view, and fixes a bunch of miscellaneous coding bugs.
svn path=/trunk/; revision=31
|
|
svn path=/trunk/; revision=10
|
|
svn path=/trunk/; revision=7
|
|
svn path=/trunk/; revision=2
|
