Age | Commit message (Collapse) | Author | Files | Lines |
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
svn path=/trunk/; revision=11400
|
|
Added support for NS_LS_TCP, NS_LS_UDP, NS_LS_LOOPBACK, NS_LS_ICMP and
unnamed subsystem 0xb9 (which contains ethernet headers in my captures frames).
However, NS_LS_ICMP will not be dissected since we dont have a
RAW_ICMP wiretap encapsulation type.
Updated decoding of usec timestamp for HPUX11 since HPUX11 has 0.1us
resolution for the scalar in this field.
YMMV but all these ones works for me from nettl traces from HPUX11.
svn path=/trunk/; revision=5523
|
|
svn path=/trunk/; revision=4199
|
|
svn path=/trunk/; revision=4042
|
|
Update the lists of known capture file formats in the Tethereal,
editcap, and mergecap man pages to match the current list (as found in
the Ethereal man page).
svn path=/trunk/; revision=4039
|
|
svn path=/trunk/; revision=2696
|
|
svn path=/trunk/; revision=2452
|
|
svn path=/trunk/; revision=2335
|
|
svn path=/trunk/; revision=2203
|
|
svn path=/trunk/; revision=2047
|
|
and outgoing PDUs, rather than specifying a numerical mask with pduin
and pduout (0x30000000).
svn path=/trunk/; revision=1649
|
|
Update the nettl section in wiretap/README, and give sample commands to
make captures on HP-UX.
svn path=/trunk/; revision=1642
|
|
svn path=/trunk/; revision=1118
|
|
provides. "Every problem in computer science can be solved by adding a
layer of indirection."
svn path=/trunk/; revision=1008
|
|
line of ISDN routers. Much like the ascend reader, this module reads an
ASCII hex dump of trace data.
Rearranged the order in which wiretap tries trace files, to keep the
ASCII-readers (ascend and toshiba) at the end, and put the binary-readers
(everything else) at the front of the list. If a telnet session of
and ascend trace or toshiba trace were captured near the beginning of
another trace, wiretap might think the trace was ascend or toshiba if it
tried that module first.
Fixed the way wtap_seek_read() selects functions to call. It was using
the encap type instead of the file type. We got lucky because
WTAP_ENCAP_ASCEND == WTAP_FILE_ASCEND
svn path=/trunk/; revision=952
|
|
from RADCOM WAN/LAN Analyzers.
(BTW, the previous checkin also removed the comments about the hack
wherein we pretended that ATM Sniffer captures were really Ethernet,
Token-Ring, or RFC 1483 captures, given that said hack was itself
removed.)
svn path=/trunk/; revision=526
|
|
removed when a more powerful display filtering mechanism was added to
Ethereal.
svn path=/trunk/; revision=525
|
|
proto*() functions. The configure script tries to use ipv6 name resolution if
it knows the type of ipv6 stack the user has (this can be avoided with the
--disable-ipv6 switch) Additionally, the configure script now deals with wiretap
better. If the user doesn't want to compile wiretap, the wiretap is never
visited. A few unnecessary #includes were removed from some wiretap files, and
a CPP macro was moved from bpf.c to wtap.h.
svn path=/trunk/; revision=229
|
|
appears to be the UNIX "time_t" when the capture started, so use that to
figure out the time when a packet was captured.
svn path=/trunk/; revision=204
|
|
Basic/Windows Sniffer Pro.
svn path=/trunk/; revision=200
|
|
svn path=/trunk/; revision=198
|
|
svn path=/trunk/; revision=195
|
|
svn path=/trunk/; revision=179
|
|
svn path=/trunk/; revision=176
|
|
svn path=/trunk/; revision=174
|
|
iptrace 1.0 is not supported yet.
svn path=/trunk/; revision=146
|
|
This necessitated a change in ethereal because iptrace supports multi-NIC
packet capturing, including multi-datalink-type capturing.
svn path=/trunk/; revision=145
|
|
to read an uncompressed Sniffer file.
svn path=/trunk/; revision=118
|
|
That requires that, in the packet-reading loop, we pass to the callback
routine the offset in the file of a packet's data, because we can no
longer compute that offset by subtracting the size of the captured
packet data from the offset in the file after the data was read -
"snoop" may stick padding in after the packet data to align packet
headers on 4-byte boundaries.
Doing that required that we arrange that we do that for "libpcap"
capture files as well; the cleanest way to do that was to write our own
code for reading "libpcap" capture files, rather than using the
"libpcap" code to do it.
Make "wtap_dispatch_cb()" and "pcap_dispatch_cb()" static to "file.c",
as they're not used elsewhere.
If we're using wiretap, don't define in "file.h" stuff used only when
we're not using wiretap.
Update the wiretap README to reflect Gilbert's and my recent changes.
Clean up some memory leaks in "wiretap/lanalyzer.c" and
"wiretap/ngsniffer.c", where the capture-file-format-specific data
wasn't freed if the open failed.
svn path=/trunk/; revision=91
|
|
wiretap functions to be more generic and therefore allow an easier integration
of more packet-capture file types. I also put in all the GPL copyrights in the
wiretap code.
svn path=/trunk/; revision=83
|
|
because it is still in its infancy, but it can be compiled in optionally.
The library exists in its own subdirectory ethereal/wiretap. This patch also
edits all the packet-*.c files to remove the #include <pcap.h> line which is
unnecessary in these files. In the ethereal code, file.c is the most heavily
modified with #ifdef WITH_WIRETAP lines for the optional library.
svn path=/trunk/; revision=82
|