| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
1875). The man page already states this
svn path=/trunk/; revision=23014
|
|
fix Buildbot.
svn path=/trunk/; revision=23003
|
|
We can simply block waiting for input from the child process because we are
in a CLI that does not need to worry about updating a GUI while we're waiting
for packets and so forth.
Before I realized that I wrote a working (for me) method using select() that
I've left in for now (#ifdef'd out).
svn path=/trunk/; revision=22999
|
|
whatever reason), try to use g_static_mutex_init() instead
svn path=/trunk/; revision=22977
|
|
svn path=/trunk/; revision=22975
|
|
svn path=/trunk/; revision=22974
|
|
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
svn path=/trunk/; revision=22969
|
|
fetch the major OS version. If we're running Windows >= 6 (Vista)
_and_ npf.sys isn't running, warn the user in Wireshark and TShark.
Add a recent prefs item to disable the warning in Wireshark.
svn path=/trunk/; revision=22877
|
|
setuid instead of Wireshark. Remove the "DANGEROUS" notices, but leave it
disabled by default. Whine if the user runs Wireshark or TShark as root.
Add a preference to disable the whining. Add a "setuid-root" script that
can be used to switch dumpcap and TShark's setuid-ness on and off for
development and testing. Update the release notes and README.packaging.
svn path=/trunk/; revision=22733
|
|
Try to call get_interface_descriptive_name() as little as possible (storing
the result in capture_opts) to avoid a performance hit during live capture
(especially if you have lots of interfaces) and to avoid leaking memory.
One issue with this is that capture_opts.c cannot (without adding significant
dependencies) set the iface_descr so readers of that field (only gtk/main.c
and tshark.c) use a macro to (set if not already set and) get the value of
that field.
svn path=/trunk/; revision=22587
|
|
encap type is registered the plugin probably needs it before reg_handoff)
svn path=/trunk/; revision=22461
|
|
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
|
|
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
|
|
it's a pointer to an arbitrary object, assumed to be correctly aligned,
not a pointer to a not-necessarily-properly-aligned array of bytes.
Cast it, so we won't get alignment warnings.
svn path=/trunk/; revision=21940
|
|
epan/filesystem.c
have get_plugin_dir() calling init_plugin_dir() if necessary
epan/epan.c and epan/report_err.c
move the report_failure family into the new report_err.c file, have epan_init() calling the initializer
epan/plugins.h and epan/proto.c
do not have init_plugins() calling the proto_reg functions instead do it in init_proto()
gtk/main.c and tshark.c
init_plugin_dir() has become suprefluous
capinfos.c and editcap.c
load the wiretap plugins
Makefiles
do what's needed to build withe the above changes.
svn path=/trunk/; revision=21935
|
|
Output preamble and finale on live capture.
svn path=/trunk/; revision=21930
|
|
svn path=/trunk/; revision=21928
|
|
Fix for bug #1056
svn path=/trunk/; revision=21867
|
|
WIRESHARK_RUN_FROM_BUILD_DIRECTORY is set and, if so and we weren't run
with special privileges, set the running_in_build_directory_flag. Have
it do the same if it finds ".libs" in the pathname of the program and we
weren't run with special privileges, as that means it was probably run
from the libtool wrapper script and presumably thus isn't an installed
binary.
This means that get_credential_info() has to be called before
init_progfile_dir().
Clean up some indentation.
svn path=/trunk/; revision=21866
|
|
The splash screen shows a progress bar and a percentage complete - like the progress dialog.
As dissectors are initialised and handed off the name is shown. However, the names of plugin dissectors are not shown.
The update to the make-dissector-reg shell script has been tested, though I think generally the python version is used.
svn path=/trunk/; revision=21716
|
|
--enable-extra-gcc-checks set.
If we turn on -pedantic, try turning on -Wno-long-long as well, so that
it's not *so* pedantic that it rejects the 64-bit integral data types
that we explicitly require.
Constify a bunch of stuff, and make some other changes, to get rid of
warnings.
Clean up some indentation.
svn path=/trunk/; revision=21526
|
|
svn path=/trunk/; revision=21330
|
|
Update also the code path for when not compiling with pcap so that code path also
uses the new signature.
svn path=/trunk/; revision=21219
|
|
The purpose of the patch is to provide a new output format (so it is
independent of -V): single line record per-packet with the fields chosen by the
user, with configuration options to control separator, quoting and whether a
header line is printed. It also extends some existing options behaviour (-c and
-a:filesize) so that they affect reading a file as well as writing one, so that
only the first <n> packets or bytes are read).
svn path=/trunk/; revision=21211
|
|
Fix for bug #491: Unexpected frame.time_delta behavior
This patch ... fixes bug 491. It does this by changing the
behaviour of the frame.time_delta field so it reflects the delta
time between captured packets (tshark already did this). To keep
the delta time between displayed packets, the field
frame.time_delta_displayed is created.
svn path=/trunk/; revision=21154
|
|
testing for the "duration specified" variable along with the "maximum
file size" variable.
svn path=/trunk/; revision=20950
|
|
svn path=/trunk/; revision=20863
|
|
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1289
Rename 'svnversion' to 'wireshark_svnversion' to resolve a symbol conflict with
GTK 2.10.6 (hmm, shouldn't GTK not be exporting that symbol or at least naming
it so as to prevent such collisions? Well, so should we, so...)
From Andreas Fink: change #ifdef for size_t in airdcap_interop.h to fix
compile on MacOS X.
svn path=/trunk/; revision=20726
|
|
svn path=/trunk/; revision=20664
|
|
G_LOG_LEVEL_ERROR|G_LOG_LEVEL_CRITICAL|G_LOG_FLAG_FATAL|G_LOG_FLAG_RECURSION to log_func_ignore() so that error messages from g_assert() get printed (by glib's default handler). Without this change developers only get a message saying the program aborted and maybe (if they're lucky^H^H^H^H^Hconfigured correctly) a core file. The latter would allow them to find out what went wrong but it would be much easier to just see the error message.
svn path=/trunk/; revision=20647
|
|
if set, and if the program isn't running with additional privileges,
it'll treat the directory in which the program is found as the data
directory.
If, on Windows, the version-number subdirectory of {data
directory}\plugins doesn't exist (which is assumed to mean that the
program is being run from the build directory), or if, on UN*X,
WIRESHARK_RUN_FROM_BUILD_DIRECTORY is set, the plugin directory is the
"plugins" subdirectory of the data directory, and all subdirectories of
that directory are scanned for plugins, as the "plugins" subdirectory of
the build directory contains subdirectories for the plugins; this means
that if we're running from the build directory, we'll find the plugins
we built in the build tree.
When generating the wireshark-filter man page, run tshark with
WIRESHARK_RUN_FROM_BUILD_DIRECTORY set, so it uses the plugins from the
build to generate the list of filters.
svn path=/trunk/; revision=20261
|
|
svn path=/trunk/; revision=20207
|
|
by myself:
Corrected patch; epan/column.c and epan/column_utils.c were not included. This
one has now been properly tested against a clean checkout of today's code.
- New menu option available under view\time display format
- New sub-option (e) to -t switch for both wireshark and tshark
- Extended recent settings code to handle new value
- Did NOT add new explicit epoch time column
svn path=/trunk/; revision=20040
|
|
usage description (-h).
svn path=/trunk/; revision=19962
|
|
that uses libwireshark.
svn path=/trunk/; revision=19940
|
|
including dftest - will get the GUID table initialized (which anything
that needs libwireshark needs to have happen, so dissectors can register
GUIDs in that table).
svn path=/trunk/; revision=19939
|
|
svn path=/trunk/; revision=19938
|
|
handle files > 2GB correct.
Please distclean Win32 builds!
svn path=/trunk/; revision=19814
|
|
and add version info for AirPcap. Add a corresponding
get_gui_runtime_info(). Fix up whitespace.
svn path=/trunk/; revision=19620
|
|
the code that displays it - we might, for example, be able to have the
About dialog word-wrap to the appropriate size, and word-wrap text
printed to the standard output to the terminal width if it's going to a
terminal and to 80 or whatever columns otherwise.)
Don't report anything in dumpcap about libraries not used by dumpcap.
(It was printing a blank, which looked a bit weird.)
Fix the handling of _MSC_VER as per Gerald's fix for _MSC_FULL_VER.
svn path=/trunk/; revision=19618
|
|
version string, so the information comes out right for applications that
don't use Portaudio.
Get rid of an extra "with" in the version string for dumpcap.
Get rid of an extra blank after the libpcap version string, and get rid
of an extra newline before it.
Attempt to add more compiler version information and to prettify the
MSVC++ version information (both untested).
svn path=/trunk/; revision=19613
|
|
> [tshark from a fifo]
> Ulf - I notice you made the relevant change here (r16787) - is there any reason why tshark shouldn't use capture_loop_dispatch to do its processing, rather than attempting to use cap_pipe_dispatch or pcap_dispatch directly?
well, there didn't seem to be, so I've made a patch which does exactly this, and which fixes the problem.
svn path=/trunk/; revision=19456
|
|
in last year by Gianluca Varenni.
Add partial support for reading from named pipes (currently disabled).
Move utf_8to16() and utf_16to8() to a separate module (unicode-utils.[ch])
so that we don't have to cut and paste code in dumpcap.c.
Fix up whitespace.
svn path=/trunk/; revision=19291
|
|
that obviates the need to check for a null capture filter string, and
fixes bug 1055.
Keep track of whether it was set from the command line, though, so we
can catch attempts to set the filter more than once, and attempts to set
it when we're not capturing.
Clean up white space.
svn path=/trunk/; revision=19047
|
|
pointer, so we can determine whether a capture filter has been set or
not.
Use that to check in TShark whether the user specified a filter with
"-f" or not, rather than using the no-longer-set
"capture_filter_specified" variable.
Also, check for multiple "-f" options.
If no capture filter is specified, use a null string, to work around
broken versions of Linux libpcap.
svn path=/trunk/; revision=18989
|
|
other protocols such as ldap and smb/smb2
move the initialization of the guid mapping table from the dcerpc dissector to a more neutral place
svn path=/trunk/; revision=18947
|
|
I believe this is a typo in the command line help for the -i option:
Usage: wireshark [options] ... [ <infile> ]
Capture interface:
-i <interface> name or idx of interface (def: first none
loopback)
Shouldn't that read "first non-loopback" ?
svn path=/trunk/; revision=18813
|
|
to get the directory where the data files are stored, and on UN*X we
might have an option in the future to have it search there for data
files, to make it easier to run WireShark/TShark from the build
directory and have it find plugins, etc..
svn path=/trunk/; revision=18622
|
|
svn path=/trunk/; revision=18310
|
|
svn path=/trunk/; revision=18268
|
