Age | Commit message (Collapse) | Author | Files | Lines |
|
Make "proto_is_protocol_enabled()" and "proto_get_protocol_short_name()"
take a "protocol_t *" as an argument, so they don't have to look up the
"protocol_t" - this will probably speed them up considerably, and
they're called on almost every dissector handoff.
Get rid of a number of "proto_is_protocol_enabled()" calls that aren't
necessary (dissectors called through handles, including those called
through dissector tables, or called as heuristic dissectors, aren't even
called if their protocol isn't enabled).
Change some direct dissector calls to go through handles.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8979 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Prepare/Match/FindFrame similar to chat the ConversationList has.
Only enabled for SMB and ONC-RPC at this point
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8391 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
routine ...
I am not happy with the signature for it as yet, though.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7702 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Replace "proto_item_set_len()" with "proto_item_set_end()", and get rid
of the "old_offset" variables the "proto_item_set_len()" calls required.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7634 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
fixed-length opaque data to be dissected, and add support for SGI's
variant of the ONC RPC mount protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6620 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
value for a field to be used for the procedure number for that version
of the protocol; use that field, if specified, instead of just putting
in a generic "rpc.procedure" field.
Have the ypserv dissector register those fields and supply them to
"rpc_init_proc_table()". Supply -1 for other RPC programs (for now),
meaning "no such field exists".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6486 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
One example extension is rpcstat.
Try -Z rpc,rtt,100003,3 as argument to tethereal when reading a capture
containing NFSv3 packets.
tap-rpcstat.[ch] is intended to demonstrate the api and can be used to
base other extensions on.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6175 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
When we see PRTOMAP GETPORT calls for UDP, make sure all further UDP packets to or from
this port goes to the ONC-RPC dissector regardless of the port on the other side.
We need this because if there is ONC-RPC traffic going between the ONC-RPC Program port to a port which has a normal ethereal dissector, ethereal would dissect the traffic as the protocol associated with the other port instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5430 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5090 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5078 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that we no longer use as of 0.9.0 (when we got rid of support for
non-tvbuffified dissectors).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5077 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4586 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
related protocols.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4533 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4098 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
rid of support for them, and remove the "_tvb" from the end of the names
of RPC type dissection routines.
Update Gerald's e-mail address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3477 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3453 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissector for indirect replies that looks up the call. Use them in the
portmapper/RPCBIND dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3008 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
specified program/version/procedure, and a "rpc_proc_name()" routine to
return the name of a specified program/version/procedure, and make the
callit dissector use those, rather than doing the work itself.
Un-export various routines and declarations that can again be private to
the RPC dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3007 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissection (dissection of V2 CALLIT calls; no V3/V4 stuff or reply
handling yet).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2994 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
either with a table of old-style dissectors or a table of tvbuffified
dissectors, and have the RPC dissector pass the appropriate arguments to
the dissectors.
Finish tvbuffifying the NLM dissector, getting rid of the last traces of
old-style dissector code.
In those routines in the NFS dissector that take new-style arguments
(because they're called from the NLM dissector), make them take an
offset as an argument, so they don't assume that they're handed a tvbuff
starting at the stuff they're supposed to dissect, and make the versions
that take old-style arguments construct a tvbuff and call the versions
that take new-style arguments. Do the latter with the routines in
"packet-rpc.c" as well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2943 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
Don't use
col_add_fstr(..., "%s", string);
Use
col_add_str(..., string);
as it does the same thing, but doesn't drag all the heavy *printf
machinery in.
Fix the DDTP dissector to set the Info column regardless of whether
we're building a protocol tree or not, and to set it to "Encrypted
payload" if the payload is encrypted. Also fix a typo in a field name.
Register the FTP data dissector as being associated with the FTP data
protocol, not the FTP protocol (the removed "CHECK_DISPLAY_AS_DATA()"
call checked "proto_ftp_data", and the removed "pinfo->current_proto ="
line set it to "FTP-DATA", so it should be associated with
"proto_ftp_data").
Make the H1 dissector check whether the frame has at least 2 bytes in it
before checking the first two bytes; heuristic dissectors must not throw
exceptions until they've accepted the packet as one of theirs.
Use "tvb_format_text()" rather than "tvb_get_ptr()" and "format_text()"
in some dissectors where the result of "tvb_get_ptr()" is used only in
the "format_text()" call.
In the Quake dissector, don't check whether there are at least 4 bytes
in the packet - if we return, the packet won't be dissected at all (it's
not as if some other dissector will get to handle it), and, if we don't
return, we'll throw an exception if there aren't at least 4 bytes in the
packet, so the packet will be marked as short or malformed, as
appropriate.
In the RIPng dissector, associate the table of strings for the command
field with the command field, so that the dissector doesn't have to
format the string for the protocol tree entry itself, and so that the
filter construction dialog box can let you select "Request" or
"Response" from a list rather than requiring you to know the values for
"Request" and "Response".
Make "dissect_rpc()" static, as it's called only through a heuristic
dissector list.
Use "col_set_str()" to set the COL_PROTOCOL column for RPC protocols;
the string used is from a table provided by the dissector, and is a
string constant.
Don't format the Info column for WSP into a buffer and then format that
buffer into the column with "%s" - "col_add_fstr()" can do the
formatting for you, without having to allocate your own buffer (or run
through the *printf machinery twice).
Don't fetch fields from the WTP packet until you're ready to use them,
so that you don't throw an exception before you even set the Protocol
column or clear the Info column.
Use "pinfo->destport", not "pi.destport", in the Zebra dissector when
checking whether the packet is a request or reply, and do the check by
comparing with "pinfo->match_port" rather than TCP_PORT_ZEBRA (so that
if the dissector is ever registered on another port, it still correctly
determines whether the packet is a request or reply - the Network
Monitor HTTP dissector has port 80 wired into its brain, which is a bit
irritating if you're trying to get it to dissect HTTP proxy traffic on
port 3128 or proxy administration UI traffic on port 3132).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2931 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"cleanup_dissect_rpc()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2693 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
All ONC/RPC dissectors remain old dissectors for now but this will
change too.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2687 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2365 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
number of replies seen, keep the frame number of the first request seen
for that call and the first reply seen for that call. Use that to
determine whether a request or reply is a duplicate or not.
That means that we don't have to reset the table of RPC calls on a
rescan of the capture (which didn't even fix all the cases where we'd
have misreported the original call or reply as a duplicate due to having
seen it once on the initial pass through the file and once again when,
for example, the user clicked on the packet); doing so causes plenty of
other problems, so don't do that - and don't clear the "visited" flag on
frames on a rescan, either, as that's only done because we were clearing
out conversations and calling all protocols' "init" routines.
As a free bonus, this means that, for a reply, we know what frame the
request was in; put that information into the protocol tree for the
reply, snoop-style.
Make the table of RPC call information, and the routines that manipulate
it, static to "packet-rpc.c"; nobody outside "packet-rpc.c" uses them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2358 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- add <stdarg.h> or <varargs.h> in snprintf.h
and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes
- remove the check of multiple inclusions in source (.c) code
(there is a bit loss of _cpp_ performance, but I prefer the gain of
code reading and maintenance; and nowadays, disk caches and VM are
correctly optimized ;-).
- protect all (well almost) header files against multiple inclusions
- add header (i.e. GPL license) in some include files
- reorganize a bit the way header files are included:
First:
#include <system_include_files>
#include <external_package_include_files (e.g. gtk, glib etc.)>
Then
#include "ethereal_include_files"
with the correct HAVE_XXX or NEED_XXX protections.
- add some HAVE_XXX checks before including some system header files
- add the same HAVE_XXX in wiretap as in ethereal
Please forgive me, if I break something (I've only compiled and regression
tested on Linux).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2254 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
existing functions changed. So NFS was also necessary to change.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2225 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2141 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1704 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This change allows you to add a new packet-*.c file and not cause a
recompilation of everything that #include's packet.h
Add the plugin_api.[ch] files ot the plugins/Makefile.am packaging list.
Add #define YY_NO_UNPUT 1 to the lex source so that the yyunput symbol
is not defined, squelching a compiler complaint when compiling the generated
C file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1637 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
non-null, it returns through that argument a pointer to the displayed
version of the string, otherwise it just frees that string.
Use that to put, in the tree item for READDIR and READDIRPLUS reply
directory entry items, the file name from the directory entry.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1521 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1327 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1184 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
stuff them into shared read-only space.
Put the "VALS()" cast macro into the initialization of an
"hf_register_info" array.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1072 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1069 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dynamically-assigned "ett_" integer values, assigned by
"proto_register_subtree_array()"; this:
obviates the need to update "packet.h" whenever you add a new
subtree type - you only have to add a call to
"proto_register_subtree_array()" to a "register" routine and an
array of pointers to "ett_", if they're not already there, and
add a pointer to the new "ett_" variable to the array, if they
are there;
would allow run-time-loaded dissectors to allocate subtree types
when they're loaded.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1043 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissect_rpc_string. Replaced only instance of this routine being called.
Added display filtering to rpc dissector. Replaced most instances of
proto_tree_add_text with proto_tree_add_item.
Added program version and procedure to the program tree in addition to it
being in the RPC tree.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1037 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1034 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Added stat dissector.
Enhancements to portmap dissector.
Added rpc_prog_name function to packet-rpc to retrieve the name of an
rpc program. This should likely eventually be modified to use the
/etc/rpc or rpc.bynumber NIS maps in addition to the programs that
are registered within ethereal.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1016 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Added proto_registrar_get_name routine to proto.c to retrieve the name
of particular proto_tree field.
Added dissect_rpc_string_item to packet-rpc.c. This routine does the same
thing as dissect_rpc_string, except it takes a hfindex of a
proto_tree item instead of a name. It uses the p_r_get_name call
to get the name, and adds the actual string content as a hidden
field (so that the subtree highlights the entire data area - length,
data, and padding). There is only one call to dissect_rpc_string, so
I believe that this routine should replace it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1011 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@976 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@946 f5534014-38df-0310-8fa8-9805f1628bb7
|