Age | Commit message | Author | Files | Lines |
|
format but still useful for dissecting arbitrary BER/DER ASN.1.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18110 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
patch and new files provide support for Catapult DCT2000
.out files to wiretap and ethereal.
This wiretap support (catapult_dct2000.c+h) appends a short header to
each packet giving some context, and a corresponding ethereal dissector
(packet-catapult-dct2000.c) parses this before passing the real payload
onto an existing ethereal dissector (for ethernet, ip, lapd, ppp,
frame-relay,...).
For now, there is only support for saving dct2000 files in their own
format, although I may add support for converting between dct2000 and
libpcap later.
updated version of these files and patch, now with support
for MTP2. Olivier's trace used the ANSI variant - the MTP2 and MTP3
decode fine with the right preferences set (although the ISUP dissector
reports a reserved/retired message type).
With a change NOT to declare gboolean catapult_dct2000_board_ports_only;
as extern as MSVC choked on it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17862 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
least try to flush it
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17326 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
tethereal internally converted the stdout capture filename "-" into "" which doesn't make any real sense and only complicated things.
To make things even more confusing, wiretap expected "" for dump output and "-" for offline reading ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16962 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
able to write capture files to stdout using -w -
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16958 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add Support for reading of IBM iSeries (AS/400) Comms traces
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16588 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
argument, rather than requiring the caller to get the open() flag and
the fopen() flag in sync. That also means that if we're *not* using
libz, it can just be a wrapper around eth_fopen().
We need to include <fcntl.h>, at least on UN*X, to get open() declared
and the O_ flags defined.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16409 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
necessary for the switch to GTK 2.6 (at least on WIN32).
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16403 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
has a checkbox "Compress with gzip"
currently limited to Ethereal and all the variants of libpcap filetypes only.
We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).
We might also want to add support for the other filetypes, but this is only possible if the filetype functions don't use special output operations like fseek.
One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copying the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).
Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15804 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
resolution (currently supported by Ethereal only). Support for both read and write was added.
The file format stays the same as the common libpcap format, only the lower part of the timestamp field uses nanoseconds instead of microseconds.
This file format uses the libpcap magic number 0xa1b23c4d.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15623 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to lose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15520 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
these, ethereal does)
- change k12.atm.vci and k12.atm.vpi into atm.vci and atm.vpi
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@14682 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
There is still much to do, but at the very least it can import files allowing the user to choose which protocols handle the different sources.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@14606 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"ETHERWATCH").
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13567 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
standard input. Opening it for random access isn't supported; we add a
new error for that.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13189 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12258 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
<fcntl.h> is included, as <fcntl.h> doesn't define it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11276 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
other #include related cleanups
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11272 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
on Windows.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10717 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10038 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
The MediaType field seems to be 0 for the Ethernet captures; however,
the MediaSubType field is different.
The fields in the header are different - we can't use hard-coded offsets
for the fields, we have to process them as a sequence of tag/value
items.
Rename some routines to use the same naming convention as the V9 open
routine rather than the same convention as the V5/V6/V7 read and
seek/read routines.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9990 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9852 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
file format (AiroPeek 2.x).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9144 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9126 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8900 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
capture files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8840 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"hcidump -w" traces.
Note that Jesper Peterson contributed support for reading Endace ERF
files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8824 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".
Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).
Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.
Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8574 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8272 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
a not-yet-ready-for-prime-time project of mine (fast random access to
gzipped files, plus a mechanism to allow support for other forms of
compression).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8221 f5534014-38df-0310-8fa8-9805f1628bb7
|