Age | Commit message (Collapse) | Author | Files | Lines |
|
The 5 digit file number should contain the monotonic increasing file number modulo 100000 to fit the alloted space.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21775 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18197 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
as an argument, rather than keeping the count to themselves, so the
count kept by the capturing program can be updated correctly - including
getting reset when files are switched. Fixes bug 895.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18032 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
bypass Wiretap; that means we don't have to run the packet through
wtap_process_pcap_packet() and then undo that conversion in Wiretap if
we're just going to write it out, shortening the code path.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17461 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
necessary for the switch to GTK 2.6 (at least on WIN32).
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16403 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
has a checkbox "Compress with gzip"
currently limited to Ethereal and all the variants of libpcap filetypes only.
We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).
We might also want to add support for the other filetypes, but this is only possible if the filetype functions doesn't use special output operations like fseek.
One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copy the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).
Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summmary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15804 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15440 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
(so if the file's gzipped, it's *NOT* the size of the file after
uncompressing), and an approximation of the amount of that data read
sequentially so far.
Use those for various progress bars and the like.
Make the fstat() in the Ascend trace reader directly use wth->fd, as
it's inside Wiretap; that gets rid of the last caller of wtap_fd() (as
we're no longer directly using fstat() or lseek() in Ethereal), so get
rid of wtap_fd().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15437 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
-use g_snprintf instead of sprintf and snprintf
-use g_strdup_printf where appropriate
-remove #include "snprintf.h" (as only g_snprintf should be used)
-replace some more alloc/realloc/calloc/free with their glib pendants
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15264 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
rework of the -b command line parameter (for Ethereal and Tethereal)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13949 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
(decoupling dependencies)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13266 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13009 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
<fcntl.h> is included, as <fcntl.h> doesn't define it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11276 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
other #include related cleanups
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11272 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
fails, set "rb_data.pdh" to NULL, so we know it's not open (if
"wtap_dump_close()" fails, the wtap_dumper_t is still closed - and the
file descriptor for it is probably closed, too, as, if "close()" fails,
the FD is probably closed; the Single UNIX Specification Version 3 says
the state of the FD is unspecified, but in practice most OSes probably
still close it).
If we try to close the current file, first check to make sure it's open,
i.e. that "rb_data.pdh" is non-null. (Or perhaps we should avoid trying
to close it if the open *or* the most recent attempt to rotate the
capture files failed.)
Note that if "wtap_dump_close()" fails we might not need to close the
underlying file descriptor (and, even if we do, there's no guarantee
that attempt won't also fail and leave the FD still open - which is why
I suspect that a failed "close()" leaves the FD closed on most OSes).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11075 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
pathname.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10233 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
ringbuffer files - yes, we can fail before that's done, so we have to
check for that.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10232 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Almost completely rewritten in order to:
- be able to use a unlimited number of ringbuffer files
0 specified with -b argument or in the GUI, means that the number of file
is unlimited.
else the maximum number of ring buffer files is arbitrarily set to 1024.
- close the current file and open (truncating it) the next file at switch
- set the final file name once open (or reopen)
- avoid the deletion of files that could not be truncated (can't arise now)
and do not erase empty files
The idea behind that is to remove the limitation of the maximum # of
ringbuffer files being less than the maximum # of open fd per process
and to be able to reduce the amount of virtual memory usage (having only
one file open at most) or the amount of file system usage (by truncating
the files at switch and not the capture stop, and by closing them which
makes possible their move or deletion after a switch).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7912 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
It can sometimes happen that capturing is stopped just after Ethereal
has switched to a new ring buffer. The result is that no frames
are displayed. The patch to ringbuffer.c displays the previous ring
buffer if the current buffer is empty on close.
The patch to capture.c fixes a bug where an error return from
ringbuf_wtap_dump_close was ignored, and tidies up the code around
the call.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6315 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5932 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
writing a capture to a FIFO, and improve the error checking for ring
buffers.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5745 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
it fails.
"wtap_dump_close()" allows you to pass a null pointer as the second
argument, so an error value isn't returned; use that in the cleanup
routine, as we don't care whether the closes fail.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5386 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
files to get that big.
From Thomas Wittwer and Matthias Nyffenegger:
Support for "ring buffer mode", wherein there's a ring buffer of N
capture files; as each capture file reaches its maximum size (the ring
buffer works only with a maximum capture file size specified), Ethereal
rolls over to the next capture file in the ring buffer, replacing
whatever packets might be in it with new packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4324 f5534014-38df-0310-8fa8-9805f1628bb7
|