Age | Commit message (Collapse) | Author | Files | Lines |
|
svn path=/trunk/; revision=36008
|
|
free uninitialized memory.
See also: bug 5652.
svn path=/trunk/; revision=35791
|
|
UTF-8 where we don't already do so. In Wireshark use g_utf16_to_utf8
instead of utf_16to8. This should fix bug 5520.
svn path=/trunk/; revision=35411
|
|
svn path=/trunk/; revision=35248
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
the file system.
\tshark -f "port 53" -a duration:1 -z proto,col info,dns.qry.type,dns.qry.type
svn path=/trunk/; revision=34791
|
|
svn path=/trunk/; revision=34601
|
|
indentation.
svn path=/trunk/; revision=34487
|
|
svn path=/trunk/; revision=34137
|
|
svn path=/trunk/; revision=33555
|
|
libwireshark into libwireshark, and call it only in programs linked with
libwireshark. That way, programs that don't link with libwireshark
don't have to link with libgcrypt or libgnutls solely so that they can
say that they're linked with a particular version of libgcrypt or
libgnutls.
Don't link dumpcap with libgcrypt or libgnutls any more.
svn path=/trunk/; revision=33531
|
|
(when using tshark -T fields)
svn path=/trunk/; revision=33529
|
|
svn path=/trunk/; revision=33527
|
|
svn path=/trunk/; revision=33511
|
|
so we give a non-zero exit status for invalid interfaces or capture
filters.
From me: don't exit immediately if dumpcap failed, print out information
from taps and the like.
svn path=/trunk/; revision=33393
|
|
for Wireshark but not TShark. Apply the fix to TShark as well. Fixes bug
4916.
svn path=/trunk/; revision=33327
|
|
The attached patch simply documents a long supported but hidden tshark -G
option.
Tshark's print_usage() has been augmented as well as the tshark man page.
svn path=/trunk/; revision=33253
|
|
same works only on UN*X; note that, and don't bother compiling it on
Windows.
svn path=/trunk/; revision=33125
|
|
taps, etc., so we at least print the statistics for the packets we
*could* read.
Also, if we're printing packet data, and the standard output and
standard error are going to the same place, before printing the error
message for that error, flush the standard output and print a newline to
the standard error, so the error appears after all the packet data, and
has a newline separating it from the packet data.
This fixes bug 4845.
svn path=/trunk/; revision=33124
|
|
Fix the no-libpcap build.
svn path=/trunk/; revision=33103
|
|
svn path=/trunk/; revision=33100
|
|
back out the change to check its return value until we fix that.
Also back out the test suite changes to look for an error exit for
invalid capture filters and interfaces.
svn path=/trunk/; revision=33029
|
|
svn path=/trunk/; revision=33012
|
|
Return 2 for a capture error - we mainly use 1 for command-line syntax
errors (rather than, say, filter syntax errors or an invalid interface).
Now that TShark exits with an error status when given an invalid capture
filter or invalid interface, check for "error" rather than "success" as
an exit status.
svn path=/trunk/; revision=33006
|
|
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4735
svn path=/trunk/; revision=33004
|
|
capturing, and thus even when we build without pcap.
svn path=/trunk/; revision=32988
|
|
is just an indication that the capture child exited; don't treat it as
an error, unless the child process exits with an abnormal status.
As tshark sends a "stop capture" indication to the child when it's
^C'ed, the child will exit and we'll get an EOF from the capture pipe;
don't make SIGINT etc. interrupt system calls, so they don't cause reads
from the capture pipe to get EINTR errors.
svn path=/trunk/; revision=32986
|
|
Make SIGINFO a restart-the-system-call signal, so reads etc. don't
return an error.
svn path=/trunk/; revision=32968
|
|
svn path=/trunk/; revision=32964
|
|
svn path=/trunk/; revision=32959
|
|
and add support for SIGINFO, so, if your OS supports SIGINFO, you can
get the packet count by typing ^T.
svn path=/trunk/; revision=32958
|
|
svn path=/trunk/; revision=32886
|
|
interface statistics, have its error messages come out as sync-pipe
errors, have it send a sync-pipe "success" message on success, and have
the callers get that message and display it.
svn path=/trunk/; revision=32843
|
|
build without libpcap, to make sure that works, and then do a build with
libpcap, to put into a binary release. It's the former that's failing;
I'll back out the previous change and then work on that.
svn path=/trunk/; revision=32801
|
|
if_capabilities_t - it doesn't fail on Snow Leopard, even if I undefine
HAVE_PCAP_CREATE, and doesn't fail on the Leopard PPC buildbot, either.
svn path=/trunk/; revision=32799
|
|
monitor mode at the same time that we fetch its list of link-layer
types. Support fetching that list in monitor mode, as the list may be
different in regular and monitor mode. If the interface supports
monitor mode, when printing the list of link-layer types, indicate
whether they're fetched in monitor mode or not, as tcpdump 4.1.x does.
svn path=/trunk/; revision=32789
|
|
svn path=/trunk/; revision=32737
|
|
libpcap/WinPcap and the capture mechanism atop which they run might
either silently limit the buffer size to a smaller value or raise it to
a higher value - that's the part that's platform-dependent.
svn path=/trunk/; revision=32718
|
|
the code to print the machine-readable format into dumpcap, and have the
code in capture_opts.c just print the human-readable format.
svn path=/trunk/; revision=32714
|
|
standard error and, in Wireshark on Windows, create a console if
necessary. Have the cmdarg_err routines use them.
Use *fprintf_stderr() to print the output of -L, rather than using
cmdarg_err_cont(), so that we don't get extra newlines in the output (it
should look similar to the output of tcpdump).
svn path=/trunk/; revision=32711
|
|
interface by running dumpcap, so that if you need privileges to open an
interface, and dumpcap has those privileges, neither TShark nor
Wireshark need them.
svn path=/trunk/; revision=32710
|
|
svn path=/trunk/; revision=32704
|
|
svn path=/trunk/; revision=32701
|
|
can no longer state what the default is (it's platform-dependent).
svn path=/trunk/; revision=32700
|
|
don't abort.
svn path=/trunk/; revision=32697
|
|
pcap_set_buffer_size() did as well, so there aren't any libpcap releases
with pcap_create() but not pcap_set_buffer_size().
Only do one check for pcap_create.
svn path=/trunk/; revision=32695
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=475
BUT not activating the check for
pcap_create()
pcap_set_buffer_size()
This should make it possible to build with support for setting the buffersize if not capturing 802.11 traffic.
The code for handling the 'B' option should be OK in any case.
svn path=/trunk/; revision=32688
|
|
Added this option to tshark.
svn path=/trunk/; revision=32685
|
|
If the user specifies -V or -x, turn on print_packet_info (-S) so they actually
get some output in case we're also writing to a file.
svn path=/trunk/; revision=32486
|
|
worse, has no include-once guards; include it only once.
svn path=/trunk/; revision=32110
|