path: root/wiretap
Age | Commit message | Author | Files | Lines
2007-08-17 | At least some LAPB Windows Sniffer captures have 4 bytes of extra stuff | guy | 1 | -0/+23
at the ends of packets. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22540 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-17 | (http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1717) | sake | 5 | -1/+502
This patch adds support for the Juniper NetScreen snoop output format. It takes a text-dump of the captured packets and parses the headers and hex-data. Since the snoop files on a Juniper NetScreen can be saved to a tftp-server, this patch makes it quite easy to use the snoop function of the Juniper NetScreen firewalls.
/* XXX TODO:
 *
 * o Create a wiki-page with instruction on how to make tracefiles
 *   on Juniper NetScreen devices. Also put a few examples up
 *   on the wiki (Done: wiki-page added 2007-08-03)
 *
 * o Use the interface names to properly detect the encapsulation
 *   type (ie adsl packets are now not properly dissected)
 *   (Done: adsl packets are now correctly seen as PPP, 2007-08-03)
 *
 * o Pass the interface names and the traffic direction to either
 *   the frame-structure, a pseudo-header or use PPI. This needs
 *   to be discussed on the dev-list first
 *   (Posted a message to wireshark-dev about this 2007-08-03)
 *
 */
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22533 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-09 | Parenthesize macro arguments. | guy | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22480 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-09 | Fix for bug 1659: | jake | 1 | -1/+1
Changed eth_dir_get_name(dirent) macro git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22478 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-09 | Fix for bug 1704: | jake | 2 | -2/+6
libm required if C library is not libc (like uclibc) git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22475 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-06 | From: Shaun Jackman | lego | 1 | -4/+5
This patch adds MPEG PES (packetized elementary stream) to the list of magic types in wiretap/mpeg.c. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22460 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | One quote mark sufficeth. | guy | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22451 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | 1989 was quite a while ago. We use function prototypes extensively; | guy | 1 | -1/+1
don't worry about YY_PROTO, which isn't defined with the newer shinier versions of Flex. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22450 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | runlex.sh is in tools, not the top-level directory. | guy | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22449 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | Sigh, crufty old shells. The Solaris test(1) manual says that | guy | 1 | -1/+1
1) "-e" isn't supported by good old /bin/sh, so we use "-r" instead; 2) "The algorithm for determining the precedence of the operators and the return value that will be generated is based on the number of arguments presented to test", so we explicitly parenthesize. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22448 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | Oops, forgot to check in the script for running Flex/Lex. | guy | 1 | -0/+159
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22447 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-04 | Add a script as a front-end for Flex, to work around various problems, | guy | 5 | -5/+18
such as the fact that Flex strips all but the last component of the "-o" argument, and that it doesn't generate a header file to declare routines the generated lexical analyzer defines. Use that script when building lexical analyzers, and, for each lexical analyzer, include the generated header file in the generated analyzer. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22446 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-01 | Add a Makefile.nmake.inc file, to hold rules etc. used by multiple | guy | 1 | -7/+1
Makefile.nmake files; currently, it has the (F)lex-to-C rule and a .SUFFIXES pseudo-rule to add .l to the list of suffixes. Have Makefile.nmake files with .l.c rules include Makefile.nmake.inc to get that rule. The names Makefile.am.inc and Makefile.nmake.inc aren't necessarily the right names for the files in question. Use $(PACKAGE) in the Mate plugin's Makefile, rather than "mate". git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22437 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-01 | Add a Makefile.am.inc file, to hold rules etc. used by multiple | guy | 1 | -7/+2
Makefile.am files; currently, it has the (F)lex-to-C rule. Have Makefile.am files with .l.c rules include Makefile.am.inc to get that rule. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22436 f5534014-38df-0310-8fa8-9805f1628bb7
2007-08-01 | Use a common .l.c rule for running Flex on .l files, just as is done on | guy | 1 | -5/+6
UN*X. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22434 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-31 | Add "igmp" -> "ip" mapping. | martinm | 1 | -1/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22430 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-30 | Add comments to various %option items to explain what they're doing. | guy | 3 | -11/+39
Move the %options to the beginning if they weren't already there, and put them in the same order in all files. Add "prefix=" options to .l files that don't already have them, so we don't have to pass a "-P" option. Add "never-interactive" and "noyywrap" options to our lexical analyzers, to remove extra isatty() checks and to eliminate the need for yywrap() from the Flex library. Get rid of %option nostdinit - that's the default. Add .l.c: rules to Makefile.am files, replacing the rules for specific .l files. Have those rules all check that $(LEX) is set. Update the address for the FSF. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22424 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-27 | I think the intent, at least, is to allow people to build Wireshark from | guy | 1 | -15/+0
a source release tarball without having Flex (think of a source release tarball being as much a platform-independent distribution format for people *not* interested in development, and who are on platforms for which there aren't binary packages, as a way of getting the source to do development). Don't check Flex's capabilities in the configure script (handling reentrant scanners would have to be done differently). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22414 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-27 | Step 1 in adding support for reentrant Flex scanners if Flex supports | guy | 1 | -2/+14
them - check whether Flex supports them. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22410 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-24 | More space needed for wimax frames. | martinm | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22395 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-14 | Fix another cast of the argument to a ctype.h macro. | guy | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22305 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-13 | Fix more ctype.h calls - casting to "int" suppresses the warning, but | guy | 1 | -10/+10
doesn't fix the problem, as the sign extension is still done; you have to cast to "guchar". git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22304 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-13 | "isdigit()" doesn't need to be cast to "int". | guy | 1 | -1/+1
Its argument, however, needs to be cast to "guchar", so that if the high-order bit is set, it doesn't get sign-extended. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22303 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-13 | Worked out properly the silly way aal header is encoded! | martinm | 1 | -8/+6
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22300 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-12 | From Jim Paris: | jake | 1 | -1/+4
The encap_table_base in wcap.c is missing an entry. This causes e.g. "dumpcap -i usb3 -L" to output: Data link types (use option -y to set): USB_LINUX (MPEG) git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22292 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-09 | Check %l[doux] first, when looking for the format to use with 64-bit | guy | 1 | -9/+12
integral data types, so we handle LP64 platforms if "gint64" is just a "long int". git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22281 f5534014-38df-0310-8fa8-9805f1628bb7
2007-07-06 | Now it really can read MP3 files, without SIGABRT. | jake | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22261 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-29 | - Map gre -> IP | martinm | 1 | -0/+1
- Change a value string value to help an easily-frightened colleague git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22224 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-21 | Don't create & leak a hash table during unsuccessful open() | martinm | 1 | -16/+15
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22150 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-13 | Add support for PPI (the Per-Packet Information header), described at | gerald | 3 | -17/+23
http://www.cacetech.com/documents/PPI_Header_format_1.0.pdf . git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22094 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-13 | turns out that wtap_pkthdr was not exportable! | lego | 1 | -1/+0
nm on my mac says it is there... git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22093 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-13 | Export all that's exportable from libwiretap.dll | lego | 1 | -20/+27
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22092 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-13 | Fix coverity bug 244, [WS Bug 1649] | lego | 1 | -30/+21
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22091 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-11 | Note invalidity of realtick for | wmeier | 1 | -5/+7
captypes ETH_CAPTYPE_OTHERPOD2 and ETH_CAPTYPE_GIGPOD2 in comments for the associated TpS tables. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22074 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-08 | From Stephen Donnelly of Endace: | guy | 5 | -38/+158
The code for reading ERF files has not been significantly updated since 2004. This patch brings it up to date with a number of changes.
1) Increase number of decodable ERF types from 7 to 12. This covers newer DAG card models and firmware updates.
2) Fix timestamp conversion. Was calculating only microsecond precision, now displaying with nanosecond resolution. Hardware precision is 7.5 to 30 ns depending on model.
3) Allow the user to specify HDLC encapsulation as 'chdlc', 'ppp_serial', 'frelay' or 'mtp2'. This is needed because the ERF HDLC capture formats do not include information on what protocol is used at the next level. This is currently done via an environment variable 'ERF_HDLC_ENCAP' and is analogous to the existing 'ERF_ATM_ENCAP' variable. If the user does not specify an HDLC encapsulation it tries to guess, and falls back to MTP2 for backwards compatibility with Florent's existing behaviour. I know environment variables are ugly, suggestions are welcome.
4) When reading HDLC captures as MTP2, use WTAP_ENCAP_MTP2_WITH_PHDR rather than WTAP_ENCAP_MTP2. This allows us to put the 'Multi-Channel ERF' record 'channel number' field into the MTP2 pseudo header > 'link_number' field. This is then displayed in Frame information, and can be filtered on. (Would be nice if it could be made a display column?) Because the ERF record does not specify whether Annex A is used or not, we pass MTP2_ANNEX_A_USED_UNKNOWN and allow the existing user preference to decide.
Move the MTP2_ANNEX_A_ definitions into Wiretap, make the annex_a_used field a guint8, and change MTP2_ANNEX_A_USED_UNKNOWN to 2 so it fits in a guint8. (This means that if you can save an ERF MTP2 file as a libpcap file, the pseudo-header will have MTP2_ANNEX_A_USED_UNKNOWN in it.) git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22067 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-06 | Actually implement wtap_register_file_type() and have it returning the ID of the new file type. | lego | 3 | -13/+40
Add few functions to wiretap's exported API. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22060 f5534014-38df-0310-8fa8-9805f1628bb7
2007-06-05 | Note the version numbers in NetMon 3.0 files. | guy | 1 | -2/+5
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22050 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-31 | Note realtick's invalidity for ETH_CAPTYPE_OTHERPOD in the comment for | guy | 1 | -0/+4
TpS_otherpod[]. Ask about its validity for ETH_CAPTYPE_OTHERPOD2 and ETH_CAPTYPE_GIGPOD2. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22016 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-31 | My comment is redundant with Bill's more-detailed comment; remove it. | guy | 1 | -3/+0
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22015 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-30 | Update Comments | wmeier | 1 | -3/+9
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@22005 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-30 | Update a comment. | guy | 1 | -2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21998 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | Give more detail on a captype of 6 for an Ethernet capture. | guy | 1 | -1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21997 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | It's pretty clear that hdr.captype's interpretation depends on the | guy | 1 | -7/+10
network type; there's no "presumably" about it. Suggest that "realtick" might have the right time stamp in other cases (if not, a comment should explicitly indicate that, so that in all cases where we either know that realtick is wrong or have a lot of evidence to show that it's right, we note that fact). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21996 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | Update the big time unit comment to reflect Bill Meier's recent changes. | guy | 1 | -20/+32
Fix some other comments. Add a suggestion for why the realtick values might correlate with packets having an FCS. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21993 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | Work with isdn_l2. | martinm | 1 | -7/+13
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21986 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | (fix comment) | wmeier | 1 | -2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21983 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | Another sniffer timestamp display fix; addresses bug 866 and other reports. | wmeier | 2 | -18/+48
(Also: change variable name to correctly reflect usage). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21982 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | Print a gint64 the right way. | guy | 1 | -1/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21976 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-29 | From David Howells: | standel | 1 | -2/+2
Fix compilation failures when building wireshark-0.99.6-SVN-21916 on an x86_64-unknown-linux-gnu target with gcc version 4.1.2 20070403 (Red Hat 4.1.2-8). The failures fall into two categories: (1) Casts between pointers and 32-bit integers without an intermediary cast via 'long' or 'unsigned long'. This results in a compiler warning complaining about casts between a pointer and an integer of a different size. (2) Passing values to "%lld" or similar printf-style format options that the compiler thinks are a different size. Such values need to be cast to 'long long' or 'unsigned long long'. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21975 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-28 | Throw in some casts to suppress warnings. | guy | 2 | -8/+8
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21971 f5534014-38df-0310-8fa8-9805f1628bb7