| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Make the Ethereal "decode as" stuff not blow up with string dissector
tables.
Selectors for uint dissector tables are unsigned, not signed.
svn path=/trunk/; revision=8408
|
|
"-D" output, and support interface indices as arguments to "-i",
tcpdump-style.
svn path=/trunk/; revision=8402
|
|
Ethereal presents a column to display culmulative bytes into the capture.
A new column type is added : Culmulative Bytes.
While PacketLength column type specifies the number of bytes in the current packet,
Culmulative Bytes specifies the culmulative number of bytes from the start of the capture.
svn path=/trunk/; revision=8359
|
|
a list of disabled protocols, and to save that list from the Edit >
Protocols dialog box.
Add checks for read errors in "read_prefs()".
Clean up white space.
svn path=/trunk/; revision=8144
|
|
svn path=/trunk/; revision=8084
|
|
don't assume that a dissector handle has a protocol associated
with it (there's none for the "OSI network layer" dissector, for
example, as that dissector hands off to one of several protocols
based on the NLPID);
rename a few functions to have names that better explain what
they do;
have separate functions to show all the layer types (dissector
tables) and to show all the protocols supported for a layer
type, and have both of them take, as an argument, the standard
I/O stream to which they should write;
improve the parser for the "-d" option to give more information
on errors;
fix up some comments.
svn path=/trunk/; revision=7949
|
|
Almost completely rewritten in order to:
- be able to use a unlimited number of ringbuffer files
0 specified with -b argument or in the GUI, means that the number of file
is unlimited.
else the maximum number of ring buffer files is arbitrarily set to 1024.
- close the current file and open (truncating it) the next file at switch
- set the final file name once open (or reopen)
- avoid the deletion of files that could not be truncated (can't arise now)
and do not erase empty files
The idea behind that is to remove the limitation of the maximum # of
ringbuffer files being less than the maximum # of open fd per process
and to be able to reduce the amount of virtual memory usage (having only
one file open at most) or the amount of file system usage (by truncating
the files at switch and not the capture stop, and by closing them which
makes possible their move or deletion after a switch).
svn path=/trunk/; revision=7912
|
|
svn path=/trunk/; revision=7870
|
|
Add a new routine to iterate through all dissector tables, calling a
routine for each table, to support having the "-d" code list all
dissector tables.
Get rid of "dissector_handle_get_dissector_name()"; it was put in there
for "-d", but turns out not to be necessary for that.
Clean up the usage message a bit (using the convention, adhered to by at
least some UNIX utilities, of listing all the flags with no arguments in
a single lump, and then listing the ones with arguments individually,
and also putting "-v" and "-h" in a separate lump, as Ethereal does).
svn path=/trunk/; revision=7788
|
|
svn path=/trunk/; revision=7682
|
|
when the new "Rotate capture file every n second(s)" checkbox or the
-b <# of file>[:<duration>] argument are used, [t]ethereal will skip to the
next ring buffer file if the specified duration has elapsed (even if the
specified capture size is not reached). This is useful when you want to have
separate capture files per hour or day for instance.
I let the autostop filesize parameter mandatory (i.e. the "rotate capture
file after n kilobytes") but this could be no longer strictly necessary when
that new feature is used ...
Another point: it might be interesting to really truncate the file at the
switch and not the closure ... According to user comments and my own real
case tests, I might plan to enhance this point and others (still ring buffer
related) in the future.
svn path=/trunk/; revision=7678
|
|
in all signal handlers that could modify it (i.e. by calling system
calls or worst standard C library functions).
Else the following code for instance is buggy if a signal arises between
the tests:
if (system_call() == -1) {
if (errno == Exxx) {
...
} else {
...
}
}
And MANY (open source or not) programs are broken that way ...
svn path=/trunk/; revision=7664
|
|
Support can be enabled at configure time by using "--with-adns=DIR".
If support is enabled, async queries happen whenever host name resolution
is enabled. Do we need a separate preference for async queries?
Currently, only IPv4 reverse queries are supported. I can add IPv4 forward
lookup support, but I don't have any way to test IPv6 queries.
svn path=/trunk/; revision=7640
|
|
registration routines, for taps with menu items (taps that can be run
from the "Tools->Statistics" menu), create the menu item for the tap.
"make-tapreg-dotc" constructs a "register_all_tap_menus()" function that
calls all the tap menu item registration routines it finds, and Ethereal
calls that routine after the main window has been constructed (so that
the main menu exists, as the menu items are added to it). (Tethereal
doesn't call it.)
Get rid of the "menu" and "menu_init" arguments to
"register_ethereal_tap"; the menu item is registered in the tap's menu
item registration routine, not in its main registration routine.
Have the RTP GUI tap register its menu item that way, rather than by
having it compiled into "gtk/menu.c". (We're not ready yet to have taps
whose menu items are under a submenu register themselves in that
fashion, as "register_tap_menu_item()" can't yet create submenus.)
svn path=/trunk/; revision=7540
|
|
structure into its own routine; rename "col_init()" to "col_setup()",
and call the new routine "col_init()".
svn path=/trunk/; revision=7467
|
|
to "protect" what's currently in the column, so that attempts to clear
the column will only clear stuff after the fence and attempts to
overwrite the column will append stuff after the fence. This, for
example, allows a dissector to arrange that the Info column contain
information for its protocol and for protocols running atop it.
svn path=/trunk/; revision=7466
|
|
separate line, and to put the "running with" info on a separate line
from that, to make the output narrower.
svn path=/trunk/; revision=7344
|
|
Ethereal/Tethereal was linked into a common routine, and use that in
both Ethereal and Tethereal.
Add to that routine code to get OS version information.
svn path=/trunk/; revision=7320
|
|
message, to make the margins more even and to bring the second line
under 80 characters. (It's amazing how long Herman Hollerith's legacy
has lasted....)
svn path=/trunk/; revision=6835
|
|
svn path=/trunk/; revision=6834
|
|
svn path=/trunk/; revision=6833
|
|
Use _WIN32 rather than WIN32 throughout (both of them appear to work - I
don't know whether one is the "right" one to use and, if one is, which
one it is - and they're both used in Ethereal, but let's at least be
consistent within a given file).
Update the capture device open failure message on Windows not to say
Token Ring devices aren't supported - current versions of WinPcap do
support it, and the Ethereal message was updated, but the Tethereal one
wasn't.
Fix up the Tethereal code to match the Ethereal code a bit more, so that
we go to "error" on Windows if the capture device open fails, and so
that the code actually compiles on Windows. Fix up the indentation
while we're at it.
svn path=/trunk/; revision=6829
|
|
Fix up the documentation of the "-i" flag in the Ethereal man page to
note only that "netstat -i" and "ifconfig -a" *might* work, to
specifically note that not all UNIXes support the "-a" flag to
"ifconfig", and to note that pipe data must be in *standard* libpcap
format.
Document the support for pipes in the "-i" flag in Tethereal.
svn path=/trunk/; revision=6822
|
|
qualifiers as necessary to ensure that we don't have to.
"strcmp()", "strcasecmp()", and "memcmp()" don't return booleans; don't
test their results as if they did.
Use "guint8", not "guchar", for a pointer to (one or more) 8-bit bytes.
Update Michael Tuexen's e-mail address.
svn path=/trunk/; revision=6726
|
|
Instead of setting MIBDIRS in tethereal.c and gtk/main.c, set it in
packet-snmp.c.
svn path=/trunk/; revision=6606
|
|
svn path=/trunk/; revision=6590
|
|
tethereal forgot to tell epan_dissect_new() to build a tree
svn path=/trunk/; revision=6529
|
|
and generate the table of stuff to register from tap source files, so
Tethereal doesn't need to know what tap listeners exist.
Get rid of "tap-xxx.h" files, as they're now empty.
Add "tethereal-tap-register.c" to the .cvsignore file, as it's a new
generated file.
Update "Makefile.nmake" to generate "tethereal-tap-register.c".
Clean up "Makefile.am" and "Makefile.nmake" a bit.
svn path=/trunk/; revision=6525
|
|
that causes us to report that no packets were captured if you ^C out of
a capture.
svn path=/trunk/; revision=6523
|
|
<ucd-snmp/version.h>, so get rid of the stuff to check for its presence
and handle its absence.
svn path=/trunk/; revision=6503
|
|
building with an SNMP library.
If we have Net-SNMP, include <net-snmp/version.h>, not
<ucd-snmp/version.h>.
Don't include any of the SNMP headers unless HAVE_SOME_SNMP is defined.
Include <net-snmp/config_api.h> if we have Net-SNMP, to declare
"read_premib_configs()" and "read_configs()".
Supply the include directories for Net-SNMP in the Makefile.nmake for
GTK 1.2 and GTK 2.
svn path=/trunk/; revision=6493
|
|
Define HAVE_SOME_SNMP if either HAVE_UCD_SNMP or HAVE_NET_SNMP
is defined, and use HAVE_SOME_SNMP, rather than HAVE_UCD_SNMP,
in most places when testing whether we have an SNMP library or
not.
Be more selective when including Net-SNMP header files.
Fix up {gtk,gtk2}/main.c to do the same SNMP stuff that tethereal.c
does - including the MIB stuff that gtk/main.c was doing but gtk2/main.c
wasn't doing.
Fix the copyright date in gtk/main.c.
svn path=/trunk/; revision=6483
|
|
svn path=/trunk/; revision=6479
|
|
that up to its callers, so only one dissection need be done when reading
a capture file.
svn path=/trunk/; revision=6442
|
|
In gtk/main.c and tethereal.c set MIBDIRS to <get_program_path()>\snmp\mibs
so that we can drop the MIB files there, instead of the default c:\usr\...
path.
Add NET_SNMP_DIR to config.nmake and modify Makefile.nmake to adjust
CFLAGs, ethereal_LIBS and tethereal_LIBS accordingly.
Define HAVE_UCD_SNMP in config.h.win32.
I tested this by creating c:\program files\ethereal\snmp\mibs and
dropping in the MIB files that come with Net-SNMP. Ethereal resolved
system.sysDescr.0 to "iso.3.6.1.2.1.1.1.0" under Windows. Under Linux
it resolved to "SNMPv2-MIB::sysDescr.0".
Ethereal.nsi still needs to be updated.
A compiled version of the Net-SNMP library can be found at
http://www.ethereal.com/distribution/win32/development/
svn path=/trunk/; revision=6385
|
|
Update gtk and gtk2 versions of RPC_STAT to allow a filter string to be specified on both the command line as well as the GUI.
Update the documentation for ethereal to reflect this.
svn path=/trunk/; revision=6343
|
|
optional extra parameter.
This makes it possible to generate any types of stats based on user defined subsets of the capture.
Try -z rpc,rtt,100003,3,nfs.fh.hash==0x12345678
NFS rtt statistics for a specific file.
svn path=/trunk/; revision=6337
|
|
svn path=/trunk/; revision=6202
|
|
try: -z rpc,programs
svn path=/trunk/; revision=6190
|
|
modified while the draw thread is walking it.
Changed the cmdline switch to -z so the same one can be used both for
ethereal and tethereal.
Updated man pages to reflect the RPCSTAT feature.
(Try this with Tools/Statistics/ONC-RPC/RTT and load a capture containing
onc-rpc. )
svn path=/trunk/; revision=6189
|
|
One example extension is rpcstat.
Try -Z rpc,rtt,100003,3 as argument to tethereal when reading a capture
containing NFSv3 packets.
tap-rpcstat.[ch] is intended to demonstrate the api and can be used to
base other extensions on.
svn path=/trunk/; revision=6175
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
svn path=/trunk/; revision=6117
|
|
packets in real time feature.
svn path=/trunk/; revision=6034
|
|
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.
svn path=/trunk/; revision=5932
|
|
from the get_persconffile_path mess).
svn path=/trunk/; revision=5927
|
|
and some compile errors in Tethereal, when compiling without libpcap.
If libpcap is missing (whether that's detected at compile time or, as on
Windows, at run time), don't call any of the "capture_prefs" routines -
the routine to create the capture preferences page wasn't called, so the
other routines can try to refer to non-existent widgets and other items
and crash.
Get rid of the stub routines in "capture_prefs()" used when compiling
without libpcap, as they're no longer called.
svn path=/trunk/; revision=5888
|
|
Allow "-" as the output file name in Wiretap, referring to the
standard error.
Optimize the capture loop.
Fix some of the error-message printing code in Ethereal and Tethereal.
Have Wiretap check whether it can seek on a file descriptor, and pass
the results of that test to the file-type-specific "open for output"
routine. Have the "open for output" routines for files where we need to
seek when writing the file return an error if seeks don't work.
svn path=/trunk/; revision=5884
|
|
the command-line options are processed, so that we don't crash if you've
set the "column.format" preference from the command line.
Fix a grammaro in a comment.
svn path=/trunk/; revision=5838
|
|
pass a non-zero count to "pcap_dispatch()" when possible;
fix the check after "test_for_fifo()";
if there's a maximum file size, we're definitely saving to a
file, so don't bother checking "ld.pdh", as it won't be null;
if writing to a FIFO, flush after "pcap_dispatch()" returns,
rather than after every packet, so we don't do as many writes to
the FIFO.
svn path=/trunk/; revision=5805
|
|
supported in Win32 applications; use the native Win32 mechanism for
catching ^C (and other events that would terminate a program running in
a console window).
That mechanism (and the signal mechanism in the MSVC++ C run-time) cause
the handler to be run in a separate thread, so it can't just do a
longjmp. Fortunately, WinPcap's packet-dispatch loop, unlike the
libpcap loop on some UNIX platforms, can be interrupted by ^C, so we
don't have to do the longjmp there - we can just set "ld.go" to FALSE to
terminate the capture loop.
svn path=/trunk/; revision=5776
|
