1998-09-16 02:39:15 +00:00
|
|
|
/* file.c
|
|
|
|
|
* File I/O routines
|
|
|
|
|
*
|
2004-07-08 07:45:46 +00:00
|
|
|
* $Id: file.c,v 1.387 2004/07/08 07:45:46 guy Exp $
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* Ethereal - Network traffic analyzer
|
2001-05-27 21:33:16 +00:00
|
|
|
* By Gerald Combs <gerald@ethereal.com>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
2004-05-09 10:03:41 +00:00
|
|
|
/* With MSVC and a libethereal.dll this file needs to import some variables
|
|
|
|
|
in a special way. Therefore _NEED_VAR_IMPORT_ is defined. */
|
|
|
|
|
#define _NEED_VAR_IMPORT_
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
# include "config.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_UNISTD_H
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <unistd.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
1999-08-22 07:19:28 +00:00
|
|
|
#include <time.h>
|
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_IO_H
|
|
|
|
|
#include <io.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
1999-07-28 20:39:42 +00:00
|
|
|
#include <stdlib.h>
|
2000-02-03 06:35:27 +00:00
|
|
|
#include <stdio.h>
|
1998-09-27 22:12:47 +00:00
|
|
|
#include <string.h>
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
#include <ctype.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <errno.h>
|
1999-09-30 07:15:19 +00:00
|
|
|
#include <signal.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2000-08-11 13:37:21 +00:00
|
|
|
#ifdef HAVE_SYS_STAT_H
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_FCNTL_H
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
1998-10-10 03:32:20 +00:00
|
|
|
#ifdef NEED_SNPRINTF_H
|
|
|
|
|
# include "snprintf.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
1999-06-14 21:46:36 +00:00
|
|
|
#ifdef NEED_STRERROR_H
|
|
|
|
|
#include "strerror.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/epan.h>
|
|
|
|
|
#include <epan/filesystem.h>
|
2000-09-27 04:55:05 +00:00
|
|
|
|
2000-11-21 23:54:10 +00:00
|
|
|
#include "color.h"
|
1999-06-19 03:14:32 +00:00
|
|
|
#include "column.h"
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/packet.h>
|
2004-01-09 18:11:21 +00:00
|
|
|
#include "range.h"
|
1999-07-23 08:29:24 +00:00
|
|
|
#include "print.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
#include "file.h"
|
2000-01-03 03:57:04 +00:00
|
|
|
#include "menu.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
#include "util.h"
|
2004-02-11 01:23:25 +00:00
|
|
|
#include "alert_box.h"
|
2000-01-03 06:59:25 +00:00
|
|
|
#include "simple_dialog.h"
|
2001-03-24 02:07:22 +00:00
|
|
|
#include "progress_dlg.h"
|
1999-12-09 07:19:20 +00:00
|
|
|
#include "ui_util.h"
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
#include "statusbar.h"
|
2000-02-29 06:24:41 +00:00
|
|
|
#include "prefs.h"
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/dfilter/dfilter.h>
|
|
|
|
|
#include <epan/conversation.h>
|
1999-11-19 22:32:00 +00:00
|
|
|
#include "globals.h"
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/epan_dissect.h>
|
2002-09-04 22:15:39 +00:00
|
|
|
#include "tap.h"
|
2003-12-19 23:41:55 +00:00
|
|
|
#include "tap_dfilter_dlg.h"
|
2003-08-11 22:41:10 +00:00
|
|
|
#include "packet-data.h"
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
|
2004-06-30 06:58:59 +00:00
|
|
|
/* Win32 needs the O_BINARY flag for open() */
|
|
|
|
|
#ifndef O_BINARY
|
|
|
|
|
#define O_BINARY 0
|
|
|
|
|
#endif
|
|
|
|
|
|
2004-03-08 23:45:25 +00:00
|
|
|
#ifdef HAVE_LIBPCAP
|
2002-01-10 11:05:50 +00:00
|
|
|
gboolean auto_scroll_live;
|
2004-03-08 23:45:25 +00:00
|
|
|
#endif
|
2002-01-10 11:05:50 +00:00
|
|
|
|
1998-12-29 04:05:38 +00:00
|
|
|
static guint32 firstsec, firstusec;
|
1999-08-14 04:23:22 +00:00
|
|
|
static guint32 prevsec, prevusec;
|
2004-01-31 04:10:05 +00:00
|
|
|
static guint32 cum_bytes = 0;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2001-10-04 08:30:36 +00:00
|
|
|
static void read_packet(capture_file *cf, long offset);
|
1998-11-15 05:29:17 +00:00
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
static void rescan_packets(capture_file *cf, const char *action, const char *action_item,
|
2000-08-24 06:45:37 +00:00
|
|
|
gboolean refilter, gboolean redissect);
|
2000-07-09 03:29:42 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean match_protocol_tree(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
2003-12-04 10:59:34 +00:00
|
|
|
static void match_subtree_text(proto_node *node, gpointer data);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean match_summary_line(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean match_ascii_and_unicode(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean match_ascii(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean match_unicode(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean match_binary(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean match_dfilter(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static gboolean find_packet(capture_file *cf,
|
|
|
|
|
gboolean (*match_function)(capture_file *, frame_data *, void *),
|
|
|
|
|
void *criterion);
|
|
|
|
|
|
2004-02-11 02:02:38 +00:00
|
|
|
static void cf_open_failure_alert_box(const char *filename, int err,
|
|
|
|
|
gchar *err_info, gboolean for_writing,
|
|
|
|
|
int file_type);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
static char *file_rename_error_message(int err);
|
2004-02-11 02:02:38 +00:00
|
|
|
static void cf_write_failure_alert_box(const char *filename, int err);
|
|
|
|
|
static void cf_close_failure_alert_box(const char *filename, int err);
|
2003-12-29 20:05:59 +00:00
|
|
|
static gboolean copy_binary_file(char *from_filename, char *to_filename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
1999-08-28 01:51:58 +00:00
|
|
|
/* Update the progress bar this many times when reading a file. */
|
|
|
|
|
#define N_PROGBAR_UPDATES 100
|
1999-08-05 16:46:04 +00:00
|
|
|
|
2000-04-03 22:28:51 +00:00
|
|
|
/* Number of "frame_data" structures per memory chunk.
|
|
|
|
|
XXX - is this the right number? */
|
|
|
|
|
#define FRAME_DATA_CHUNK_SIZE 1024
|
|
|
|
|
|
2003-08-11 22:41:10 +00:00
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
int
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_open(char *fname, gboolean is_tempfile, capture_file *cf)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
wtap *wth;
|
1999-08-15 06:59:13 +00:00
|
|
|
int err;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
1999-09-23 04:39:01 +00:00
|
|
|
int fd;
|
|
|
|
|
struct stat cf_stat;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
wth = wtap_open_offline(fname, &err, &err_info, TRUE);
|
1999-08-15 06:59:13 +00:00
|
|
|
if (wth == NULL)
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
goto fail;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1999-08-15 06:59:13 +00:00
|
|
|
/* Find the size of the file. */
|
1999-09-23 04:39:01 +00:00
|
|
|
fd = wtap_fd(wth);
|
|
|
|
|
if (fstat(fd, &cf_stat) < 0) {
|
|
|
|
|
err = errno;
|
|
|
|
|
wtap_close(wth);
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
1998-09-16 02:39:15 +00:00
|
|
|
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
/* The open succeeded. Close whatever capture file we had open,
|
|
|
|
|
and fill in the information for this file. */
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_close(cf);
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
2002-02-24 06:45:14 +00:00
|
|
|
/* Initialize all data structures used for dissection. */
|
|
|
|
|
init_dissection();
|
2001-06-08 06:27:16 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're about to start reading the file. */
|
|
|
|
|
cf->state = FILE_READ_IN_PROGRESS;
|
|
|
|
|
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->wth = wth;
|
1999-09-23 04:39:01 +00:00
|
|
|
cf->filed = fd;
|
|
|
|
|
cf->f_len = cf_stat.st_size;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Set the file name because we need it to set the follow stream filter.
|
|
|
|
|
XXX - is that still true? We need it for other reasons, though,
|
|
|
|
|
in any case. */
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->filename = g_strdup(fname);
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Indicate whether it's a permanent or temporary file. */
|
|
|
|
|
cf->is_tempfile = is_tempfile;
|
|
|
|
|
|
|
|
|
|
/* If it's a temporary capture buffer file, mark it as not saved. */
|
|
|
|
|
cf->user_saved = !is_tempfile;
|
|
|
|
|
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->cd_t = wtap_file_type(cf->wth);
|
|
|
|
|
cf->count = 0;
|
2004-02-03 00:16:59 +00:00
|
|
|
cf->displayed_count = 0;
|
2001-12-06 02:21:26 +00:00
|
|
|
cf->marked_count = 0;
|
2001-02-11 09:28:17 +00:00
|
|
|
cf->drops_known = FALSE;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->drops = 0;
|
|
|
|
|
cf->esec = 0;
|
|
|
|
|
cf->eusec = 0;
|
|
|
|
|
cf->snap = wtap_snapshot_length(cf->wth);
|
Have Wiretap set the snapshot length to 0 if it can't be derived from
reading the capture file. Have callers of "wtap_snapshot_length()"
treat a value of 0 as "unknown", and default to WTAP_MAX_PACKET_SIZE (so
that, when writing a capture file in a format that *does* store the
snapshot length, we can at least put *something* in the file).
If we don't know the snapshot length of the current capture file, don't
display a value in the summary window.
Don't use "cfile.snap" as the snapshot length option when capturing -
doing so causes Ethereal to default, when capturing, to the snapshot
length of the last capture file that you read in, rather than to the
snapshot length of the last capture you did (or the initial default of
"no snapshot length").
Redo the "Capture Options" dialog box to group options into sections
with frames around them, and add units to the snapshot length, maximum
file size, and capture duration options, as per a suggestion by Ulf
Lamping. Also add units to the capture count option.
Make the snapshot length, capture count, maximum file size, and capture
duration options into a combination of a check box and a spin button.
If the check box is not checked, the limit in question is inactive
(snapshot length of 65535, no max packet count, no max file size, no max
capture duration); if it's checked, the spinbox specifies the limit.
Default all of the check boxes to "not checked" and all of the spin
boxes to small values.
Use "gtk_toggle_button_get_active()" rather than directly fetching the
state of a check box.
svn path=/trunk/; revision=4709
2002-02-08 10:07:41 +00:00
|
|
|
if (cf->snap == 0) {
|
|
|
|
|
/* Snapshot length not known. */
|
|
|
|
|
cf->has_snap = FALSE;
|
|
|
|
|
cf->snap = WTAP_MAX_PACKET_SIZE;
|
|
|
|
|
} else
|
|
|
|
|
cf->has_snap = TRUE;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
firstsec = 0, firstusec = 0;
|
|
|
|
|
prevsec = 0, prevusec = 0;
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2000-04-04 05:14:48 +00:00
|
|
|
cf->plist_chunk = g_mem_chunk_new("frame_data_chunk",
|
|
|
|
|
sizeof(frame_data),
|
|
|
|
|
FRAME_DATA_CHUNK_SIZE * sizeof(frame_data),
|
|
|
|
|
G_ALLOC_AND_FREE);
|
2000-06-27 04:36:03 +00:00
|
|
|
g_assert(cf->plist_chunk);
|
2000-04-04 05:14:48 +00:00
|
|
|
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
return (0);
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
|
|
|
|
fail:
|
2004-02-11 02:02:38 +00:00
|
|
|
cf_open_failure_alert_box(fname, err, err_info, FALSE, 0);
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
return (err);
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Reset everything to a pristine state */
|
|
|
|
|
void
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_close(capture_file *cf)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* Die if we're in the middle of reading a file. */
|
|
|
|
|
g_assert(cf->state != FILE_READ_IN_PROGRESS);
|
|
|
|
|
|
2004-01-10 17:29:26 +00:00
|
|
|
/* Destroy all windows, which refer to the
|
2000-02-29 06:24:41 +00:00
|
|
|
capture file we're closing. */
|
2004-01-10 17:29:26 +00:00
|
|
|
destroy_cfile_wins();
|
2000-02-29 06:24:41 +00:00
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
if (cf->wth) {
|
1999-06-19 01:14:51 +00:00
|
|
|
wtap_close(cf->wth);
|
|
|
|
|
cf->wth = NULL;
|
|
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* We have no file open... */
|
|
|
|
|
if (cf->filename != NULL) {
|
|
|
|
|
/* If it's a temporary file, remove it. */
|
|
|
|
|
if (cf->is_tempfile)
|
|
|
|
|
unlink(cf->filename);
|
|
|
|
|
g_free(cf->filename);
|
|
|
|
|
cf->filename = NULL;
|
|
|
|
|
}
|
|
|
|
|
/* ...which means we have nothing to save. */
|
|
|
|
|
cf->user_saved = FALSE;
|
|
|
|
|
|
2000-04-06 06:04:24 +00:00
|
|
|
if (cf->plist_chunk != NULL) {
|
2000-04-03 08:42:45 +00:00
|
|
|
g_mem_chunk_destroy(cf->plist_chunk);
|
2000-04-06 06:04:24 +00:00
|
|
|
cf->plist_chunk = NULL;
|
|
|
|
|
}
|
1999-08-15 19:18:46 +00:00
|
|
|
if (cf->rfcode != NULL) {
|
2001-02-01 20:21:25 +00:00
|
|
|
dfilter_free(cf->rfcode);
|
1999-08-15 19:18:46 +00:00
|
|
|
cf->rfcode = NULL;
|
|
|
|
|
}
|
1999-08-10 04:13:37 +00:00
|
|
|
cf->plist = NULL;
|
|
|
|
|
cf->plist_end = NULL;
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
unselect_packet(cf); /* nothing to select */
|
2000-01-25 01:05:06 +00:00
|
|
|
cf->first_displayed = NULL;
|
|
|
|
|
cf->last_displayed = NULL;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2003-09-24 00:47:37 +00:00
|
|
|
/* No frame selected, no field in that frame selected. */
|
|
|
|
|
cf->current_frame = NULL;
|
|
|
|
|
cf->finfo_selected = NULL;
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Clear the packet list. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_freeze();
|
|
|
|
|
packet_list_clear();
|
|
|
|
|
packet_list_thaw();
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
cf->f_len = 0;
|
|
|
|
|
cf->count = 0;
|
|
|
|
|
cf->esec = 0;
|
|
|
|
|
cf->eusec = 0;
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Clear any file-related status bar messages.
|
|
|
|
|
XXX - should be "clear *ALL* file-related status bar messages;
|
|
|
|
|
will there ever be more than one on the stack? */
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_pop_file_msg();
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
|
1999-12-09 07:19:20 +00:00
|
|
|
/* Restore the standard title bar message. */
|
|
|
|
|
set_main_window_name("The Ethereal Network Analyzer");
|
|
|
|
|
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
/* Disable all menu items that make sense only if you have a capture. */
|
2000-01-03 03:57:04 +00:00
|
|
|
set_menus_for_capture_file(FALSE);
|
|
|
|
|
set_menus_for_unsaved_capture_file(FALSE);
|
|
|
|
|
set_menus_for_captured_packets(FALSE);
|
2003-09-24 02:36:35 +00:00
|
|
|
set_menus_for_selected_packet(cf);
|
2000-01-27 09:53:50 +00:00
|
|
|
set_menus_for_capture_in_progress(FALSE);
|
2003-09-24 02:36:35 +00:00
|
|
|
set_menus_for_selected_tree_row(cf);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2004-05-02 15:04:14 +00:00
|
|
|
reset_tap_listeners();
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We have no file open. */
|
|
|
|
|
cf->state = FILE_CLOSED;
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
1999-12-09 07:19:20 +00:00
|
|
|
/* Set the file name in the status line, in the name for the main window,
|
|
|
|
|
and in the name for the main window's icon. */
|
1999-11-29 01:54:01 +00:00
|
|
|
static void
|
1999-12-09 07:19:20 +00:00
|
|
|
set_display_filename(capture_file *cf)
|
1999-11-29 01:54:01 +00:00
|
|
|
{
|
2003-09-15 22:16:08 +00:00
|
|
|
gchar *name_ptr;
|
1999-11-29 01:54:01 +00:00
|
|
|
size_t msg_len;
|
2004-02-03 00:16:59 +00:00
|
|
|
static const gchar done_fmt_nodrops[] = " File: %s %s %02u:%02u:%02u";
|
|
|
|
|
static const gchar done_fmt_drops[] = " File: %s %s %02u:%02u:%02u Drops: %u";
|
1999-11-29 01:54:01 +00:00
|
|
|
gchar *done_msg;
|
1999-12-09 07:19:20 +00:00
|
|
|
gchar *win_name_fmt = "%s - Ethereal";
|
|
|
|
|
gchar *win_name;
|
2004-02-03 00:16:59 +00:00
|
|
|
gchar *size_str;
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2003-09-15 22:16:08 +00:00
|
|
|
name_ptr = cf_get_display_name(cf);
|
2003-12-13 18:01:30 +00:00
|
|
|
|
|
|
|
|
if (!cf->is_tempfile) {
|
|
|
|
|
/* Add this filename to the list of recent files in the "Recent Files" submenu */
|
|
|
|
|
add_menu_recent_capture_file(cf->filename);
|
|
|
|
|
}
|
|
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
if (cf->f_len/1024/1024 > 10) {
|
2004-02-03 00:30:50 +00:00
|
|
|
size_str = g_strdup_printf("%ld MB", cf->f_len/1024/1024);
|
2004-02-03 00:16:59 +00:00
|
|
|
} else if (cf->f_len/1024 > 10) {
|
2004-02-03 00:30:50 +00:00
|
|
|
size_str = g_strdup_printf("%ld KB", cf->f_len/1024);
|
2004-02-03 00:16:59 +00:00
|
|
|
} else {
|
2004-02-03 00:30:50 +00:00
|
|
|
size_str = g_strdup_printf("%ld bytes", cf->f_len);
|
2004-02-03 00:16:59 +00:00
|
|
|
}
|
|
|
|
|
|
2001-02-11 09:28:17 +00:00
|
|
|
if (cf->drops_known) {
|
2004-02-03 00:16:59 +00:00
|
|
|
done_msg = g_strdup_printf(done_fmt_drops, name_ptr, size_str,
|
|
|
|
|
cf->esec/3600, cf->esec%3600/60, cf->esec%60, cf->drops);
|
2001-02-11 09:28:17 +00:00
|
|
|
} else {
|
2004-02-03 00:16:59 +00:00
|
|
|
done_msg = g_strdup_printf(done_fmt_nodrops, name_ptr, size_str,
|
|
|
|
|
cf->esec/3600, cf->esec%3600/60, cf->esec%60);
|
2001-02-11 09:28:17 +00:00
|
|
|
}
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_push_file_msg(done_msg);
|
1999-11-29 01:54:01 +00:00
|
|
|
g_free(done_msg);
|
1999-12-09 07:19:20 +00:00
|
|
|
|
2003-09-15 22:16:08 +00:00
|
|
|
msg_len = strlen(name_ptr) + strlen(win_name_fmt) + 1;
|
1999-12-09 07:19:20 +00:00
|
|
|
win_name = g_malloc(msg_len);
|
2003-09-15 22:16:08 +00:00
|
|
|
snprintf(win_name, msg_len, win_name_fmt, name_ptr);
|
1999-12-09 07:19:20 +00:00
|
|
|
set_main_window_name(win_name);
|
|
|
|
|
g_free(win_name);
|
1999-11-29 01:54:01 +00:00
|
|
|
}
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
read_status_t
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf_read(capture_file *cf)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
int err;
|
|
|
|
|
gchar *err_info;
|
2003-09-15 22:16:08 +00:00
|
|
|
gchar *name_ptr, *load_msg, *load_fmt = "%s";
|
2002-04-24 05:48:43 +00:00
|
|
|
char *errmsg;
|
|
|
|
|
char errmsg_errno[1024+1];
|
|
|
|
|
gchar err_str[2048+1];
|
|
|
|
|
long data_offset;
|
2002-07-30 10:13:16 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
2002-04-24 05:48:43 +00:00
|
|
|
gboolean stop_flag;
|
2002-08-28 10:07:37 +00:00
|
|
|
/*
|
|
|
|
|
* XXX - should be "off_t", but Wiretap would need more work to handle
|
|
|
|
|
* the full size of "off_t" on platforms where it's more than a "long"
|
|
|
|
|
* as well.
|
|
|
|
|
*/
|
|
|
|
|
long file_pos;
|
2002-04-24 05:48:43 +00:00
|
|
|
float prog_val;
|
|
|
|
|
int fd;
|
|
|
|
|
struct stat cf_stat;
|
2002-07-30 10:13:16 +00:00
|
|
|
GTimeVal start_time;
|
2002-08-28 10:07:37 +00:00
|
|
|
gchar status_str[100];
|
2004-01-09 21:38:21 +00:00
|
|
|
int progbar_nextstep;
|
|
|
|
|
int progbar_quantum;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2004-01-31 04:10:05 +00:00
|
|
|
cum_bytes=0;
|
2002-09-04 22:15:39 +00:00
|
|
|
reset_tap_listeners();
|
2003-12-19 23:41:55 +00:00
|
|
|
tap_dfilter_dlg_update();
|
2003-09-15 22:16:08 +00:00
|
|
|
name_ptr = get_basename(cf->filename);
|
1999-08-07 01:25:04 +00:00
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
load_msg = g_strdup_printf(" Loading: %s", name_ptr);
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_push_file_msg(load_msg);
|
2004-02-03 00:16:59 +00:00
|
|
|
g_free(load_msg);
|
|
|
|
|
|
|
|
|
|
load_msg = g_strdup_printf(load_fmt, name_ptr);
|
1999-08-28 01:51:58 +00:00
|
|
|
|
|
|
|
|
/* Update the progress bar when it gets to this value. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep = 0;
|
1999-08-28 01:51:58 +00:00
|
|
|
/* When we reach the value that triggers a progress bar update,
|
|
|
|
|
bump that value by this amount. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_quantum = cf->f_len/N_PROGBAR_UPDATES;
|
1999-08-10 07:16:47 +00:00
|
|
|
|
2003-12-09 06:48:40 +00:00
|
|
|
packet_list_freeze();
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2000-07-03 08:36:52 +00:00
|
|
|
stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
while ((wtap_read(cf->wth, &err, &err_info, &data_offset))) {
|
2000-07-03 08:36:52 +00:00
|
|
|
/* Update the progress bar, but do it only N_PROGBAR_UPDATES times;
|
|
|
|
|
when we update it, we have to run the GTK+ main loop to get it
|
|
|
|
|
to repaint what's pending, and doing so may involve an "ioctl()"
|
|
|
|
|
to see if there's any pending input from an X server, and doing
|
|
|
|
|
that for every packet can be costly, especially on a big file. */
|
2004-01-09 21:38:21 +00:00
|
|
|
if (data_offset >= progbar_nextstep) {
|
2000-07-03 08:36:52 +00:00
|
|
|
file_pos = lseek(cf->filed, 0, SEEK_CUR);
|
|
|
|
|
prog_val = (gfloat) file_pos / (gfloat) cf->f_len;
|
2002-04-24 05:48:43 +00:00
|
|
|
if (prog_val > 1.0) {
|
|
|
|
|
/* The file probably grew while we were reading it.
|
|
|
|
|
Update "cf->f_len", and try again. */
|
|
|
|
|
fd = wtap_fd(cf->wth);
|
|
|
|
|
if (fstat(fd, &cf_stat) >= 0) {
|
|
|
|
|
cf->f_len = cf_stat.st_size;
|
|
|
|
|
prog_val = (gfloat) file_pos / (gfloat) cf->f_len;
|
|
|
|
|
}
|
|
|
|
|
/* If it's still > 1, either the "fstat()" failed (in which
|
|
|
|
|
case there's not much we can do about it), or the file
|
|
|
|
|
*shrank* (in which case there's not much we can do about
|
|
|
|
|
it); just clip the progress value at 1.0. */
|
|
|
|
|
if (prog_val > 1.0)
|
|
|
|
|
prog_val = 1.0;
|
|
|
|
|
}
|
2002-07-30 10:13:16 +00:00
|
|
|
if (progbar == NULL) {
|
|
|
|
|
/* Create the progress bar if necessary */
|
2004-01-21 22:00:28 +00:00
|
|
|
progbar = delayed_create_progress_dlg("Loading", load_msg,
|
2002-07-30 10:13:16 +00:00
|
|
|
&stop_flag, &start_time, prog_val);
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
g_free(load_msg);
|
|
|
|
|
}
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
2002-08-28 21:04:11 +00:00
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
2002-08-28 10:07:37 +00:00
|
|
|
"%luKB of %luKB", file_pos / 1024, cf->f_len / 1024);
|
|
|
|
|
update_progress_dlg(progbar, prog_val, status_str);
|
|
|
|
|
}
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep += progbar_quantum;
|
2000-07-03 08:36:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stop_flag) {
|
2000-07-07 23:09:15 +00:00
|
|
|
/* Well, the user decided to abort the read. Destroy the progress
|
|
|
|
|
bar, close the capture file, and return READ_ABORTED so our caller
|
|
|
|
|
can do whatever is appropriate when that happens. */
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2000-07-03 08:36:52 +00:00
|
|
|
cf->state = FILE_READ_ABORTED; /* so that we're allowed to close it */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_thaw(); /* undo our freeze */
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_close(cf);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
return (READ_ABORTED);
|
|
|
|
|
}
|
2000-06-27 09:26:10 +00:00
|
|
|
read_packet(cf, data_offset);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
}
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done reading the file; destroy the progress bar if it was created. */
|
|
|
|
|
if (progbar == NULL)
|
|
|
|
|
g_free(load_msg);
|
|
|
|
|
else
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're done reading sequentially through the file. */
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
|
|
|
|
|
/* Close the sequential I/O side, to free up memory it requires. */
|
|
|
|
|
wtap_sequential_close(cf->wth);
|
|
|
|
|
|
2002-01-05 04:12:17 +00:00
|
|
|
/* Allow the protocol dissectors to free up memory that they
|
|
|
|
|
* don't need after the sequential run-through of the packets. */
|
|
|
|
|
postseq_cleanup_all_protocols();
|
|
|
|
|
|
1999-12-04 11:32:25 +00:00
|
|
|
/* Set the file encapsulation type now; we don't know what it is until
|
|
|
|
|
we've looked at all the packets, as we don't know until then whether
|
|
|
|
|
there's more than one type (and thus whether it's
|
|
|
|
|
WTAP_ENCAP_PER_PACKET). */
|
|
|
|
|
cf->lnk_t = wtap_file_encap(cf->wth);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
1999-11-06 06:28:07 +00:00
|
|
|
cf->current_frame = cf->first_displayed;
|
2003-12-09 06:48:40 +00:00
|
|
|
packet_list_thaw();
|
1999-09-23 04:39:01 +00:00
|
|
|
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_pop_file_msg();
|
1999-12-09 07:19:20 +00:00
|
|
|
set_display_filename(cf);
|
1999-08-10 07:16:47 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Enable menu items that make sense if you have a capture file you've
|
|
|
|
|
finished reading. */
|
2000-01-03 03:57:04 +00:00
|
|
|
set_menus_for_capture_file(TRUE);
|
|
|
|
|
set_menus_for_unsaved_capture_file(!cf->user_saved);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
|
|
|
|
/* Enable menu items that make sense if you have some captured packets. */
|
2000-01-03 03:57:04 +00:00
|
|
|
set_menus_for_captured_packets(TRUE);
|
1999-08-10 07:16:47 +00:00
|
|
|
|
2000-01-25 01:05:06 +00:00
|
|
|
/* If we have any displayed packets to select, select the first of those
|
|
|
|
|
packets by making the first row the selected row. */
|
|
|
|
|
if (cf->first_displayed != NULL)
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_select_row(0);
|
2000-01-18 08:38:18 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
if (err != 0) {
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
/* Put up a message box noting that the read failed somewhere along
|
|
|
|
|
the line. Don't throw out the stuff we managed to read, though,
|
|
|
|
|
if any. */
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
switch (err) {
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
|
2000-02-19 08:00:08 +00:00
|
|
|
case WTAP_ERR_UNSUPPORTED_ENCAP:
|
2004-07-08 07:45:46 +00:00
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"The capture file has a packet with a network type that Ethereal doesn't support.\n(%s)",
|
|
|
|
|
err_info);
|
|
|
|
|
errmsg = errmsg_errno;
|
2000-02-19 08:00:08 +00:00
|
|
|
break;
|
|
|
|
|
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
case WTAP_ERR_CANT_READ:
|
|
|
|
|
errmsg = "An attempt to read from the file failed for"
|
|
|
|
|
" some unknown reason.";
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case WTAP_ERR_SHORT_READ:
|
|
|
|
|
errmsg = "The capture file appears to have been cut short"
|
|
|
|
|
" in the middle of a packet.";
|
|
|
|
|
break;
|
|
|
|
|
|
DLT_NULL, from "libpcap", means different things on different platforms
and in different capture files; throw in some heuristics to try to
figure out whether the 4-byte header is:
1) PPP-over-HDLC (some version of ISDN4BSD?);
2) big-endian AF_ value (BSD on big-endian platforms);
3) little-endian AF_ value (BSD on little-endian platforms);
4) two octets of 0 followed by an Ethernet type (Linux, at least
on little-endian platforms, as mutated by "libpcap").
Make a separate Wiretap encapsulation type, WTAP_ENCAP_NULL,
corresponding to DLT_NULL.
Have the PPP code dissect the frame if it's PPP-over-HDLC, and have
"ethertype()" dissect the Ethernet type and the rest of the packet if
it's a Linux-style header; dissect it ourselves only if it's an AF_
value.
Have Wiretap impose a maximum packet size of 65535 bytes, so that it
fails more gracefully when handed a corrupt "libpcap" capture file
(other capture file formats with more than a 16-bit capture length
field, if any, will have that check added later), and put that size in
"wtap.h" and have Ethereal use it as its notion of a maximum packet
size.
Have Ethereal put up a "this file appears to be damaged or corrupt"
message box if Wiretap returns a WTAP_ERR_BAD_RECORD error when opening
or reading a capture file.
Include loopback interfaces in the list of interfaces offered by the
"Capture" dialog box, but put them at the end of the list so that it
doesn't default to a loopback interface unless there are no other
interfaces. Also, don't require that an interface in the list have an
IP address associated with it, and only put one entry in the list for a
given interface (SIOCGIFCONF returns one entry per interface *address*,
not per *interface* - and even if you were to use only IP addresses, an
interface could conceivably have more than one IP address).
Exclusively use Wiretap encapsulation types internally, even when
capturing; don't use DLT_ types.
svn path=/trunk/; revision=540
1999-08-22 00:47:56 +00:00
|
|
|
case WTAP_ERR_BAD_RECORD:
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"The capture file appears to be damaged or corrupt.\n(%s)",
|
|
|
|
|
err_info);
|
|
|
|
|
errmsg = errmsg_errno;
|
DLT_NULL, from "libpcap", means different things on different platforms
and in different capture files; throw in some heuristics to try to
figure out whether the 4-byte header is:
1) PPP-over-HDLC (some version of ISDN4BSD?);
2) big-endian AF_ value (BSD on big-endian platforms);
3) little-endian AF_ value (BSD on little-endian platforms);
4) two octets of 0 followed by an Ethernet type (Linux, at least
on little-endian platforms, as mutated by "libpcap").
Make a separate Wiretap encapsulation type, WTAP_ENCAP_NULL,
corresponding to DLT_NULL.
Have the PPP code dissect the frame if it's PPP-over-HDLC, and have
"ethertype()" dissect the Ethernet type and the rest of the packet if
it's a Linux-style header; dissect it ourselves only if it's an AF_
value.
Have Wiretap impose a maximum packet size of 65535 bytes, so that it
fails more gracefully when handed a corrupt "libpcap" capture file
(other capture file formats with more than a 16-bit capture length
field, if any, will have that check added later), and put that size in
"wtap.h" and have Ethereal use it as its notion of a maximum packet
size.
Have Ethereal put up a "this file appears to be damaged or corrupt"
message box if Wiretap returns a WTAP_ERR_BAD_RECORD error when opening
or reading a capture file.
Include loopback interfaces in the list of interfaces offered by the
"Capture" dialog box, but put them at the end of the list so that it
doesn't default to a loopback interface unless there are no other
interfaces. Also, don't require that an interface in the list have an
IP address associated with it, and only put one entry in the list for a
given interface (SIOCGIFCONF returns one entry per interface *address*,
not per *interface* - and even if you were to use only IP addresses, an
interface could conceivably have more than one IP address).
Exclusively use Wiretap encapsulation types internally, even when
capturing; don't use DLT_ types.
svn path=/trunk/; revision=540
1999-08-22 00:47:56 +00:00
|
|
|
break;
|
|
|
|
|
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
default:
|
2000-08-19 18:20:59 +00:00
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"An error occurred while reading the"
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
" capture file: %s.", wtap_strerror(err));
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
errmsg = errmsg_errno;
|
|
|
|
|
break;
|
|
|
|
|
}
|
1999-08-22 07:19:28 +00:00
|
|
|
snprintf(err_str, sizeof err_str, errmsg);
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, err_str);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
return (READ_ERROR);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
} else
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
return (READ_SUCCESS);
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_LIBPCAP
|
1999-05-11 18:51:10 +00:00
|
|
|
int
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_start_tail(char *fname, gboolean is_tempfile, capture_file *cf)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
1999-05-11 18:51:10 +00:00
|
|
|
int err;
|
2004-04-13 18:01:40 +00:00
|
|
|
gchar *capture_msg;
|
1999-05-11 18:51:10 +00:00
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
err = cf_open(fname, is_tempfile, cf);
|
1999-11-29 01:54:01 +00:00
|
|
|
if (err == 0) {
|
2000-01-03 03:57:04 +00:00
|
|
|
/* Disable menu items that make no sense if you're currently running
|
|
|
|
|
a capture. */
|
|
|
|
|
set_menus_for_capture_in_progress(TRUE);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
|
|
|
|
/* Enable menu items that make sense if you have some captured
|
|
|
|
|
packets (yes, I know, we don't have any *yet*). */
|
2000-01-03 03:57:04 +00:00
|
|
|
set_menus_for_captured_packets(TRUE);
|
1999-07-11 08:40:52 +00:00
|
|
|
|
2004-04-13 18:01:40 +00:00
|
|
|
capture_msg = g_strdup_printf(" %s: <live capture in progress>", cf->iface);
|
|
|
|
|
|
|
|
|
|
statusbar_push_file_msg(capture_msg);
|
2004-04-14 05:46:34 +00:00
|
|
|
|
|
|
|
|
g_free(capture_msg);
|
1999-05-11 18:51:10 +00:00
|
|
|
}
|
1999-11-29 01:54:01 +00:00
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
read_status_t
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_continue_tail(capture_file *cf, int to_read, int *err)
|
1999-11-29 01:54:01 +00:00
|
|
|
{
|
2001-10-04 08:30:36 +00:00
|
|
|
long data_offset = 0;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2002-10-14 19:59:51 +00:00
|
|
|
*err = 0;
|
|
|
|
|
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_freeze();
|
1999-11-29 01:54:01 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
while (to_read != 0 && (wtap_read(cf->wth, err, &err_info, &data_offset))) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to exit Ethereal. Break out of the
|
|
|
|
|
loop, and let the code below (which is called even if there
|
|
|
|
|
aren't any packets left to read) exit. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2000-06-27 09:26:10 +00:00
|
|
|
read_packet(cf, data_offset);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
to_read--;
|
|
|
|
|
}
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_thaw();
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
|
|
|
|
|
/* XXX - this cheats and looks inside the packet list to find the final
|
|
|
|
|
row number. */
|
2002-01-10 11:05:50 +00:00
|
|
|
if (auto_scroll_live && cf->plist_end != NULL)
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_moveto_end();
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
|
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to exit Ethereal. Return READ_ABORTED
|
|
|
|
|
so that our caller can kill off the capture child process;
|
|
|
|
|
this will cause an EOF on the pipe from the child, so
|
2003-09-15 22:48:42 +00:00
|
|
|
"cf_finish_tail()" will be called, and it will clean up
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
and exit. */
|
|
|
|
|
return READ_ABORTED;
|
2000-09-17 07:58:39 +00:00
|
|
|
} else if (*err != 0) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We got an error reading the capture file.
|
|
|
|
|
XXX - pop up a dialog box? */
|
|
|
|
|
return (READ_ERROR);
|
|
|
|
|
} else
|
|
|
|
|
return (READ_SUCCESS);
|
1999-11-29 01:54:01 +00:00
|
|
|
}
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
read_status_t
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_finish_tail(capture_file *cf, int *err)
|
1999-11-29 01:54:01 +00:00
|
|
|
{
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
2001-10-04 08:30:36 +00:00
|
|
|
long data_offset;
|
2004-02-03 00:16:59 +00:00
|
|
|
int fd;
|
|
|
|
|
struct stat cf_stat;
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_freeze();
|
1999-11-29 01:54:01 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
while ((wtap_read(cf->wth, err, &err_info, &data_offset))) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to abort the read. Break out of the
|
|
|
|
|
loop, and let the code below (which is called even if there
|
|
|
|
|
aren't any packets left to read) exit. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2000-06-27 09:26:10 +00:00
|
|
|
read_packet(cf, data_offset);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to abort the read. We're only called
|
|
|
|
|
when the child capture process closes the pipe to us (meaning
|
|
|
|
|
it's probably exited), so we can just close the capture
|
|
|
|
|
file; we return READ_ABORTED so our caller can do whatever
|
|
|
|
|
is appropriate when that happens. */
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_close(cf);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
return READ_ABORTED;
|
|
|
|
|
}
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2003-12-09 06:48:40 +00:00
|
|
|
packet_list_thaw();
|
2002-01-10 11:05:50 +00:00
|
|
|
if (auto_scroll_live && cf->plist_end != NULL)
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
/* XXX - this cheats and looks inside the packet list to find the final
|
|
|
|
|
row number. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_moveto_end();
|
1999-11-29 01:54:01 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're done reading sequentially through the file. */
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
/* we have to update the f_len field */
|
|
|
|
|
/* Find the size of the file. */
|
|
|
|
|
fd = wtap_fd(cf->wth);
|
|
|
|
|
if (fstat(fd, &cf_stat) >= 0) {
|
|
|
|
|
cf->f_len = cf_stat.st_size;
|
|
|
|
|
}
|
|
|
|
|
|
2000-05-18 09:09:50 +00:00
|
|
|
/* We're done reading sequentially through the file; close the
|
|
|
|
|
sequential I/O side, to free up memory it requires. */
|
|
|
|
|
wtap_sequential_close(cf->wth);
|
|
|
|
|
|
2002-01-05 04:12:17 +00:00
|
|
|
/* Allow the protocol dissectors to free up memory that they
|
|
|
|
|
* don't need after the sequential run-through of the packets. */
|
|
|
|
|
postseq_cleanup_all_protocols();
|
|
|
|
|
|
1999-12-04 11:32:25 +00:00
|
|
|
/* Set the file encapsulation type now; we don't know what it is until
|
|
|
|
|
we've looked at all the packets, as we don't know until then whether
|
|
|
|
|
there's more than one type (and thus whether it's
|
|
|
|
|
WTAP_ENCAP_PER_PACKET). */
|
|
|
|
|
cf->lnk_t = wtap_file_encap(cf->wth);
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Pop the "<live capture in progress>" message off the status bar. */
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_pop_file_msg();
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
1999-12-09 07:19:20 +00:00
|
|
|
set_display_filename(cf);
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2000-01-03 03:57:04 +00:00
|
|
|
/* Enable menu items that make sense if you're not currently running
|
|
|
|
|
a capture. */
|
|
|
|
|
set_menus_for_capture_in_progress(FALSE);
|
1999-11-29 01:54:01 +00:00
|
|
|
|
|
|
|
|
/* Enable menu items that make sense if you have a capture file
|
|
|
|
|
you've finished reading. */
|
2000-01-03 03:57:04 +00:00
|
|
|
set_menus_for_capture_file(TRUE);
|
|
|
|
|
set_menus_for_unsaved_capture_file(!cf->user_saved);
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2000-09-17 07:58:39 +00:00
|
|
|
if (*err != 0) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We got an error reading the capture file.
|
|
|
|
|
XXX - pop up a dialog box? */
|
|
|
|
|
return (READ_ERROR);
|
2004-02-03 17:59:01 +00:00
|
|
|
} else {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
return (READ_SUCCESS);
|
2004-02-03 17:59:01 +00:00
|
|
|
}
|
1999-05-11 18:51:10 +00:00
|
|
|
}
|
1999-09-19 15:54:54 +00:00
|
|
|
#endif /* HAVE_LIBPCAP */
|
1999-05-11 18:51:10 +00:00
|
|
|
|
2003-09-15 22:16:08 +00:00
|
|
|
gchar *
|
|
|
|
|
cf_get_display_name(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
gchar *displayname;
|
|
|
|
|
|
|
|
|
|
/* Return a name to use in displays */
|
2003-09-15 23:28:07 +00:00
|
|
|
if (!cf->is_tempfile) {
|
2003-09-15 22:16:08 +00:00
|
|
|
/* Get the last component of the file name, and use that. */
|
2003-10-26 03:09:03 +00:00
|
|
|
if (cf->filename){
|
|
|
|
|
displayname = get_basename(cf->filename);
|
2003-12-13 18:01:30 +00:00
|
|
|
|
|
|
|
|
/* Add this filename to the list of recent files in the "Recent Files" submenu */
|
|
|
|
|
add_menu_recent_capture_file(cf->filename);
|
2003-10-26 03:09:03 +00:00
|
|
|
} else {
|
2004-02-03 00:16:59 +00:00
|
|
|
displayname="(No file)";
|
2003-10-26 03:09:03 +00:00
|
|
|
}
|
2003-09-15 22:16:08 +00:00
|
|
|
} else {
|
|
|
|
|
/* The file we read is a temporary file from a live capture;
|
2003-09-15 23:28:07 +00:00
|
|
|
we don't mention its name. */
|
2004-02-03 00:16:59 +00:00
|
|
|
displayname = "(Untitled)";
|
2003-09-15 22:16:08 +00:00
|
|
|
}
|
|
|
|
|
return displayname;
|
|
|
|
|
}
|
|
|
|
|
|
1999-12-19 09:22:19 +00:00
|
|
|
typedef struct {
|
|
|
|
|
color_filter_t *colorf;
|
2001-02-03 06:25:17 +00:00
|
|
|
epan_dissect_t *edt;
|
1999-12-19 09:22:19 +00:00
|
|
|
} apply_color_filter_args;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If no color filter has been applied, apply this one.
|
|
|
|
|
* (The "if no color filter has been applied" is to handle the case where
|
|
|
|
|
* more than one color filter matches the packet.)
|
|
|
|
|
*/
|
|
|
|
|
static void
|
|
|
|
|
apply_color_filter(gpointer filter_arg, gpointer argp)
|
|
|
|
|
{
|
|
|
|
|
color_filter_t *colorf = filter_arg;
|
|
|
|
|
apply_color_filter_args *args = argp;
|
|
|
|
|
|
|
|
|
|
if (colorf->c_colorfilter != NULL && args->colorf == NULL) {
|
2001-02-03 06:25:17 +00:00
|
|
|
if (dfilter_apply_edt(colorf->c_colorfilter, args->edt))
|
1999-12-19 09:22:19 +00:00
|
|
|
args->colorf = colorf;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
static int
|
2000-05-18 09:09:50 +00:00
|
|
|
add_packet_to_packet_list(frame_data *fdata, capture_file *cf,
|
2002-08-02 23:36:07 +00:00
|
|
|
union wtap_pseudo_header *pseudo_header, const guchar *buf,
|
2000-07-09 03:29:42 +00:00
|
|
|
gboolean refilter)
|
1999-08-14 04:23:22 +00:00
|
|
|
{
|
1999-12-19 09:22:19 +00:00
|
|
|
apply_color_filter_args args;
|
2002-02-27 08:57:25 +00:00
|
|
|
gint row;
|
2001-12-06 04:25:09 +00:00
|
|
|
gboolean create_proto_tree = FALSE;
|
2000-10-06 10:11:40 +00:00
|
|
|
epan_dissect_t *edt;
|
1999-08-14 04:23:22 +00:00
|
|
|
|
2003-09-08 21:08:43 +00:00
|
|
|
/* just add some value here until we know if it is being displayed or not */
|
2004-01-31 04:10:05 +00:00
|
|
|
fdata->cum_bytes = cum_bytes + fdata->pkt_len;
|
2003-09-08 21:08:43 +00:00
|
|
|
|
1999-12-19 09:22:19 +00:00
|
|
|
/* We don't yet have a color filter to apply. */
|
|
|
|
|
args.colorf = NULL;
|
|
|
|
|
|
1999-08-14 04:23:22 +00:00
|
|
|
/* If we don't have the time stamp of the first packet in the
|
|
|
|
|
capture, it's because this is the first packet. Save the time
|
|
|
|
|
stamp of this packet as the time stamp of the first packet. */
|
1998-12-29 04:05:38 +00:00
|
|
|
if (!firstsec && !firstusec) {
|
|
|
|
|
firstsec = fdata->abs_secs;
|
|
|
|
|
firstusec = fdata->abs_usecs;
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
2003-09-12 02:48:23 +00:00
|
|
|
/* if this frames is marked as a reference time frame, reset
|
|
|
|
|
firstsec and firstusec to this frame */
|
|
|
|
|
if(fdata->flags.ref_time){
|
|
|
|
|
firstsec = fdata->abs_secs;
|
|
|
|
|
firstusec = fdata->abs_usecs;
|
|
|
|
|
}
|
2002-12-01 20:19:44 +00:00
|
|
|
|
2002-11-29 11:02:13 +00:00
|
|
|
/* If we don't have the time stamp of the previous displayed packet,
|
|
|
|
|
it's because this is the first displayed packet. Save the time
|
|
|
|
|
stamp of this packet as the time stamp of the previous displayed
|
|
|
|
|
packet. */
|
|
|
|
|
if (!prevsec && !prevusec) {
|
|
|
|
|
prevsec = fdata->abs_secs;
|
|
|
|
|
prevusec = fdata->abs_usecs;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Get the time elapsed between the first packet and this packet. */
|
|
|
|
|
compute_timestamp_diff(&fdata->rel_secs, &fdata->rel_usecs,
|
|
|
|
|
fdata->abs_secs, fdata->abs_usecs, firstsec, firstusec);
|
|
|
|
|
|
|
|
|
|
/* If it's greater than the current elapsed time, set the elapsed time
|
|
|
|
|
to it (we check for "greater than" so as not to be confused by
|
|
|
|
|
time moving backwards). */
|
|
|
|
|
if ((gint32)cf->esec < fdata->rel_secs
|
|
|
|
|
|| ((gint32)cf->esec == fdata->rel_secs && (gint32)cf->eusec < fdata->rel_usecs)) {
|
|
|
|
|
cf->esec = fdata->rel_secs;
|
|
|
|
|
cf->eusec = fdata->rel_usecs;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Get the time elapsed between the previous displayed packet and
|
|
|
|
|
this packet. */
|
|
|
|
|
compute_timestamp_diff(&fdata->del_secs, &fdata->del_usecs,
|
|
|
|
|
fdata->abs_secs, fdata->abs_usecs, prevsec, prevusec);
|
1998-09-27 22:12:47 +00:00
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
/* If either
|
|
|
|
|
|
|
|
|
|
we have a display filter and are re-applying it;
|
|
|
|
|
|
|
|
|
|
we have a list of color filters;
|
|
|
|
|
|
2002-10-17 02:11:20 +00:00
|
|
|
we have tap listeners;
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
allocate a protocol tree root node, so that we'll construct
|
|
|
|
|
a protocol tree against which a filter expression can be
|
|
|
|
|
evaluated. */
|
2002-10-17 02:11:20 +00:00
|
|
|
if ((cf->dfcode != NULL && refilter) || filter_list != NULL
|
|
|
|
|
|| num_tap_filters != 0)
|
2001-12-06 04:25:09 +00:00
|
|
|
create_proto_tree = TRUE;
|
1999-12-19 09:22:19 +00:00
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
/* Dissect the frame. */
|
2001-12-18 19:09:08 +00:00
|
|
|
edt = epan_dissect_new(create_proto_tree, FALSE);
|
|
|
|
|
|
2002-04-20 01:54:27 +00:00
|
|
|
if (cf->dfcode != NULL && refilter) {
|
2001-12-18 19:09:08 +00:00
|
|
|
epan_dissect_prime_dfilter(edt, cf->dfcode);
|
|
|
|
|
}
|
|
|
|
|
if (filter_list) {
|
|
|
|
|
filter_list_prime_edt(edt);
|
|
|
|
|
}
|
2002-10-17 02:11:20 +00:00
|
|
|
tap_queue_init(edt);
|
2001-12-18 19:09:08 +00:00
|
|
|
epan_dissect_run(edt, pseudo_header, buf, fdata, &cf->cinfo);
|
2002-10-17 02:11:20 +00:00
|
|
|
tap_push_tapped_queue(edt);
|
2000-07-09 03:29:42 +00:00
|
|
|
|
|
|
|
|
/* If we have a display filter, apply it if we're refiltering, otherwise
|
|
|
|
|
leave the "passed_dfilter" flag alone.
|
|
|
|
|
|
|
|
|
|
If we don't have a display filter, set "passed_dfilter" to 1. */
|
|
|
|
|
if (cf->dfcode != NULL) {
|
|
|
|
|
if (refilter) {
|
|
|
|
|
if (cf->dfcode != NULL)
|
2001-02-03 06:25:17 +00:00
|
|
|
fdata->flags.passed_dfilter = dfilter_apply_edt(cf->dfcode, edt) ? 1 : 0;
|
2000-07-09 03:29:42 +00:00
|
|
|
else
|
|
|
|
|
fdata->flags.passed_dfilter = 1;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
fdata->flags.passed_dfilter = 1;
|
|
|
|
|
|
|
|
|
|
/* If we have color filters, and the frame is to be displayed, apply
|
|
|
|
|
the color filters. */
|
|
|
|
|
if (fdata->flags.passed_dfilter) {
|
1999-12-19 09:22:19 +00:00
|
|
|
if (filter_list != NULL) {
|
2001-02-03 06:25:17 +00:00
|
|
|
args.edt = edt;
|
1999-12-19 09:22:19 +00:00
|
|
|
g_slist_foreach(filter_list, apply_color_filter, &args);
|
|
|
|
|
}
|
1999-07-11 08:40:52 +00:00
|
|
|
}
|
2000-01-03 22:53:34 +00:00
|
|
|
|
2000-10-06 10:11:40 +00:00
|
|
|
|
2003-09-12 02:48:23 +00:00
|
|
|
if( (fdata->flags.passed_dfilter)
|
|
|
|
|
|| (edt->pi.fd->flags.ref_time) ){
|
|
|
|
|
/* This frame either passed the display filter list or is marked as
|
|
|
|
|
a time reference frame. All time reference frames are displayed
|
|
|
|
|
even if they dont pass the display filter */
|
2003-11-13 08:22:48 +00:00
|
|
|
/* if this was a TIME REF frame we should reset the cul bytes field */
|
|
|
|
|
if(edt->pi.fd->flags.ref_time){
|
2004-01-31 04:10:05 +00:00
|
|
|
cum_bytes = fdata->pkt_len;
|
|
|
|
|
fdata->cum_bytes = cum_bytes;
|
2003-11-13 08:22:48 +00:00
|
|
|
}
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
|
2004-01-31 04:10:05 +00:00
|
|
|
/* increase cum_bytes with this packets length */
|
|
|
|
|
cum_bytes += fdata->pkt_len;
|
2003-09-08 21:08:43 +00:00
|
|
|
|
2001-12-18 19:09:08 +00:00
|
|
|
epan_dissect_fill_in_columns(edt);
|
1999-08-14 04:23:22 +00:00
|
|
|
|
2000-03-12 03:13:58 +00:00
|
|
|
/* If we haven't yet seen the first frame, this is it.
|
1999-08-14 04:23:22 +00:00
|
|
|
|
2000-03-12 03:13:58 +00:00
|
|
|
XXX - we must do this before we add the row to the display,
|
|
|
|
|
as, if the display's GtkCList's selection mode is
|
|
|
|
|
GTK_SELECTION_BROWSE, when the first entry is added to it,
|
|
|
|
|
"select_packet()" will be called, and it will fetch the row
|
|
|
|
|
data for the 0th row, and will get a null pointer rather than
|
|
|
|
|
"fdata", as "gtk_clist_append()" won't yet have returned and
|
|
|
|
|
thus "gtk_clist_set_row_data()" won't yet have been called.
|
1999-08-24 16:27:23 +00:00
|
|
|
|
2000-03-12 03:13:58 +00:00
|
|
|
We thus need to leave behind bread crumbs so that
|
|
|
|
|
"select_packet()" can find this frame. See the comment
|
|
|
|
|
in "select_packet()". */
|
1999-11-06 06:28:07 +00:00
|
|
|
if (cf->first_displayed == NULL)
|
|
|
|
|
cf->first_displayed = fdata;
|
|
|
|
|
|
|
|
|
|
/* This is the last frame we've seen so far. */
|
|
|
|
|
cf->last_displayed = fdata;
|
|
|
|
|
|
2002-09-21 11:36:30 +00:00
|
|
|
row = packet_list_append(cf->cinfo.col_data, fdata);
|
2000-03-12 03:13:58 +00:00
|
|
|
|
2004-01-09 02:57:54 +00:00
|
|
|
/* If the packet matches a color filter,
|
|
|
|
|
* store matching color_filter_t object in frame data. */
|
|
|
|
|
if (filter_list != NULL && (args.colorf != NULL)) {
|
|
|
|
|
/* add the matching colorfilter to the frame data */
|
|
|
|
|
fdata->color_filter = args.colorf;
|
|
|
|
|
/* If packet is marked, use colors from preferences */
|
|
|
|
|
if (fdata->flags.marked) {
|
|
|
|
|
packet_list_set_colors(row, &prefs.gui_marked_fg, &prefs.gui_marked_bg);
|
|
|
|
|
} else /* if (filter_list != NULL && (args.colorf != NULL)) */ {
|
|
|
|
|
packet_list_set_colors(row, &(args.colorf->fg_color),
|
|
|
|
|
&(args.colorf->bg_color));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
/* No color filter match */
|
|
|
|
|
fdata->color_filter = NULL;
|
|
|
|
|
if (fdata->flags.marked) {
|
|
|
|
|
packet_list_set_colors(row, &prefs.gui_marked_fg, &prefs.gui_marked_bg);
|
|
|
|
|
}
|
2000-03-12 03:13:58 +00:00
|
|
|
}
|
2002-12-01 20:19:44 +00:00
|
|
|
|
|
|
|
|
/* Set the time of the previous displayed frame to the time of this
|
|
|
|
|
frame. */
|
|
|
|
|
prevsec = fdata->abs_secs;
|
|
|
|
|
prevusec = fdata->abs_usecs;
|
2004-02-03 00:16:59 +00:00
|
|
|
|
|
|
|
|
cf->displayed_count++;
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
} else {
|
|
|
|
|
/* This frame didn't pass the display filter, so it's not being added
|
|
|
|
|
to the clist, and thus has no row. */
|
|
|
|
|
row = -1;
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
}
|
2001-11-21 23:16:26 +00:00
|
|
|
epan_dissect_free(edt);
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
return row;
|
1999-06-19 01:14:51 +00:00
|
|
|
}
|
1998-09-27 22:12:47 +00:00
|
|
|
|
1999-06-19 01:14:51 +00:00
|
|
|
static void
|
2001-10-04 08:30:36 +00:00
|
|
|
read_packet(capture_file *cf, long offset)
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
{
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
const struct wtap_pkthdr *phdr = wtap_phdr(cf->wth);
|
|
|
|
|
union wtap_pseudo_header *pseudo_header = wtap_pseudoheader(cf->wth);
|
2002-08-02 23:36:07 +00:00
|
|
|
const guchar *buf = wtap_buf_ptr(cf->wth);
|
1999-06-19 01:14:51 +00:00
|
|
|
frame_data *fdata;
|
1999-08-10 04:13:37 +00:00
|
|
|
int passed;
|
|
|
|
|
frame_data *plist_end;
|
2000-10-06 10:11:40 +00:00
|
|
|
epan_dissect_t *edt;
|
1999-09-23 04:39:01 +00:00
|
|
|
|
1999-06-19 01:14:51 +00:00
|
|
|
/* Allocate the next list entry, and add it to the list. */
|
2000-04-03 08:42:45 +00:00
|
|
|
fdata = g_mem_chunk_alloc(cf->plist_chunk);
|
1999-06-19 01:14:51 +00:00
|
|
|
|
1999-08-10 06:54:12 +00:00
|
|
|
fdata->next = NULL;
|
1999-11-06 06:28:07 +00:00
|
|
|
fdata->prev = NULL;
|
2000-03-26 07:03:52 +00:00
|
|
|
fdata->pfd = NULL;
|
1999-06-19 01:14:51 +00:00
|
|
|
fdata->pkt_len = phdr->len;
|
|
|
|
|
fdata->cap_len = phdr->caplen;
|
|
|
|
|
fdata->file_off = offset;
|
|
|
|
|
fdata->lnk_t = phdr->pkt_encap;
|
|
|
|
|
fdata->abs_secs = phdr->ts.tv_sec;
|
|
|
|
|
fdata->abs_usecs = phdr->ts.tv_usec;
|
2000-04-13 20:39:38 +00:00
|
|
|
fdata->flags.encoding = CHAR_ASCII;
|
|
|
|
|
fdata->flags.visited = 0;
|
2000-08-21 15:45:33 +00:00
|
|
|
fdata->flags.marked = 0;
|
2003-09-19 04:52:16 +00:00
|
|
|
fdata->flags.ref_time = 0;
|
1999-06-19 01:14:51 +00:00
|
|
|
|
1999-08-08 01:29:24 +00:00
|
|
|
passed = TRUE;
|
1999-08-15 19:18:46 +00:00
|
|
|
if (cf->rfcode) {
|
2001-12-18 19:09:08 +00:00
|
|
|
edt = epan_dissect_new(TRUE, FALSE);
|
|
|
|
|
epan_dissect_prime_dfilter(edt, cf->rfcode);
|
|
|
|
|
epan_dissect_run(edt, pseudo_header, buf, fdata, NULL);
|
2001-02-03 06:25:17 +00:00
|
|
|
passed = dfilter_apply_edt(cf->rfcode, edt);
|
2000-10-06 10:11:40 +00:00
|
|
|
epan_dissect_free(edt);
|
2002-08-28 21:04:11 +00:00
|
|
|
}
|
1999-08-08 01:29:24 +00:00
|
|
|
if (passed) {
|
1999-08-10 04:13:37 +00:00
|
|
|
plist_end = cf->plist_end;
|
1999-11-06 06:28:07 +00:00
|
|
|
fdata->prev = plist_end;
|
1999-08-10 04:13:37 +00:00
|
|
|
if (plist_end != NULL)
|
|
|
|
|
plist_end->next = fdata;
|
|
|
|
|
else
|
|
|
|
|
cf->plist = fdata;
|
|
|
|
|
cf->plist_end = fdata;
|
1999-08-08 01:29:24 +00:00
|
|
|
|
|
|
|
|
cf->count++;
|
2000-01-13 00:53:09 +00:00
|
|
|
fdata->num = cf->count;
|
2000-07-09 03:29:42 +00:00
|
|
|
add_packet_to_packet_list(fdata, cf, pseudo_header, buf, TRUE);
|
2000-04-03 08:42:45 +00:00
|
|
|
} else {
|
|
|
|
|
/* XXX - if we didn't have read filters, or if we could avoid
|
|
|
|
|
allocating the "frame_data" structure until we knew whether
|
|
|
|
|
the frame passed the read filter, we could use a G_ALLOC_ONLY
|
2000-04-03 08:57:17 +00:00
|
|
|
memory chunk...
|
|
|
|
|
|
|
|
|
|
...but, at least in one test I did, where I just made the chunk
|
|
|
|
|
a G_ALLOC_ONLY chunk and read in a huge capture file, it didn't
|
|
|
|
|
seem to save a noticeable amount of time or space. */
|
2000-04-03 08:42:45 +00:00
|
|
|
g_mem_chunk_free(cf->plist_chunk, fdata);
|
|
|
|
|
}
|
1999-07-11 08:40:52 +00:00
|
|
|
}
|
|
|
|
|
|
2004-02-23 22:48:52 +00:00
|
|
|
gboolean
|
|
|
|
|
filter_packets(capture_file *cf, gchar *dftext, gboolean force)
|
1999-07-11 08:40:52 +00:00
|
|
|
{
|
2001-02-01 20:21:25 +00:00
|
|
|
dfilter_t *dfcode;
|
2004-01-26 06:43:00 +00:00
|
|
|
char *filter_new = dftext ? dftext : "";
|
|
|
|
|
char *filter_old = cf->dfilter ? cf->dfilter : "";
|
|
|
|
|
|
2004-02-23 22:48:52 +00:00
|
|
|
/* if new filter equals old one, do nothing unless told to do so */
|
|
|
|
|
if (!force && strcmp(filter_new, filter_old) == 0) {
|
|
|
|
|
return TRUE;
|
2004-01-26 06:43:00 +00:00
|
|
|
}
|
1999-08-05 16:46:04 +00:00
|
|
|
|
1999-10-11 06:39:26 +00:00
|
|
|
if (dftext == NULL) {
|
|
|
|
|
/* The new filter is an empty filter (i.e., display all packets). */
|
|
|
|
|
dfcode = NULL;
|
|
|
|
|
} else {
|
1999-07-11 08:40:52 +00:00
|
|
|
/*
|
Clean up the handling of filter strings:
have "filter_packets()" make a copy of the filter string handed
to it, as it may save the filter string in the "capture_file"
structure, and the caller of "filter_packets()" shouldn't have
to worry about the string it passed to "filter_packets()" being
stashed away somewhere so that it can't just free that string or
change it;
have callers of "filter_packets()" free up the string they
handed to it, if the string was allocated and they're done with
it;
plug some memory leaks in "match_selected_cb_do()".
Check for an illegal "action" argument being passed to
"match_selected_cb_do()".
Move some keys out of "keys.h" into "gtk/main.c", as they're only used
in "gtk/main.c".
Make the pointer to the filter list a data item for the combo box, as
it's a copy of the list of strings for the combo box, rather than
attaching it to the widgets that activate the filter (a pointer to the
combo box *itself* is a data item for those widgets).
In "filter_activate_cb()", make a copy of the text from the text entry
field as soon as we fetch it, and use that copy. Free that copy if
we didn't add the filter to the filter list.
Don't make a copy of the entire filter list and use that to set the
combo box's list of items - just use the list itself. Also, when the
list is changed, make the new value the data for the combo box (the list
pointer will actually not be changed, because we happen to be using
"g_list_append()", but let's not rely on that).
svn path=/trunk/; revision=5368
2002-05-03 03:24:47 +00:00
|
|
|
* We have a filter; make a copy of it (as we'll be saving it),
|
|
|
|
|
* and try to compile it.
|
1999-07-11 08:40:52 +00:00
|
|
|
*/
|
Clean up the handling of filter strings:
have "filter_packets()" make a copy of the filter string handed
to it, as it may save the filter string in the "capture_file"
structure, and the caller of "filter_packets()" shouldn't have
to worry about the string it passed to "filter_packets()" being
stashed away somewhere so that it can't just free that string or
change it;
have callers of "filter_packets()" free up the string they
handed to it, if the string was allocated and they're done with
it;
plug some memory leaks in "match_selected_cb_do()".
Check for an illegal "action" argument being passed to
"match_selected_cb_do()".
Move some keys out of "keys.h" into "gtk/main.c", as they're only used
in "gtk/main.c".
Make the pointer to the filter list a data item for the combo box, as
it's a copy of the list of strings for the combo box, rather than
attaching it to the widgets that activate the filter (a pointer to the
combo box *itself* is a data item for those widgets).
In "filter_activate_cb()", make a copy of the text from the text entry
field as soon as we fetch it, and use that copy. Free that copy if
we didn't add the filter to the filter list.
Don't make a copy of the entire filter list and use that to set the
combo box's list of items - just use the list itself. Also, when the
list is changed, make the new value the data for the combo box (the list
pointer will actually not be changed, because we happen to be using
"g_list_append()", but let's not rely on that).
svn path=/trunk/; revision=5368
2002-05-03 03:24:47 +00:00
|
|
|
dftext = g_strdup(dftext);
|
2001-02-01 20:21:25 +00:00
|
|
|
if (!dfilter_compile(dftext, &dfcode)) {
|
1999-10-12 05:01:07 +00:00
|
|
|
/* The attempt failed; report an error. */
|
2004-05-01 22:55:22 +00:00
|
|
|
gchar *safe_dftext = simple_dialog_format_message(dftext);
|
|
|
|
|
gchar *safe_dfilter_error_msg = simple_dialog_format_message(
|
|
|
|
|
dfilter_error_msg);
|
2004-02-03 17:59:01 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
2004-02-11 00:55:28 +00:00
|
|
|
"%s%s%s\n"
|
2004-02-03 17:59:01 +00:00
|
|
|
"\n"
|
2004-05-01 22:55:22 +00:00
|
|
|
"The following display filter is not a valid display filter:\n%s\n"
|
2004-02-11 00:55:28 +00:00
|
|
|
"See the help for a description of the display filter syntax.",
|
2004-05-01 22:55:22 +00:00
|
|
|
simple_dialog_primary_start(), safe_dfilter_error_msg,
|
|
|
|
|
simple_dialog_primary_end(), safe_dftext);
|
|
|
|
|
g_free(safe_dfilter_error_msg);
|
|
|
|
|
g_free(safe_dftext);
|
2004-01-26 06:43:00 +00:00
|
|
|
g_free(dftext);
|
2004-02-23 22:48:52 +00:00
|
|
|
return FALSE;
|
1999-07-11 08:40:52 +00:00
|
|
|
}
|
1999-10-11 06:39:26 +00:00
|
|
|
|
|
|
|
|
/* Was it empty? */
|
1999-10-12 05:01:07 +00:00
|
|
|
if (dfcode == NULL) {
|
|
|
|
|
/* Yes - free the filter text, and set it to null. */
|
1999-10-11 06:39:26 +00:00
|
|
|
g_free(dftext);
|
|
|
|
|
dftext = NULL;
|
|
|
|
|
}
|
1999-07-07 22:52:57 +00:00
|
|
|
}
|
1999-06-22 03:39:07 +00:00
|
|
|
|
1999-10-11 06:39:26 +00:00
|
|
|
/* We have a valid filter. Replace the current filter. */
|
|
|
|
|
if (cf->dfilter != NULL)
|
|
|
|
|
g_free(cf->dfilter);
|
|
|
|
|
cf->dfilter = dftext;
|
|
|
|
|
if (cf->dfcode != NULL)
|
2001-02-01 20:21:25 +00:00
|
|
|
dfilter_free(cf->dfcode);
|
1999-10-11 06:39:26 +00:00
|
|
|
cf->dfcode = dfcode;
|
|
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
/* Now rescan the packet list, applying the new filter, but not
|
|
|
|
|
throwing away information constructed on a previous pass. */
|
2002-08-28 10:07:37 +00:00
|
|
|
if (dftext == NULL) {
|
|
|
|
|
rescan_packets(cf, "Resetting", "Filter", TRUE, FALSE);
|
|
|
|
|
} else {
|
|
|
|
|
rescan_packets(cf, "Filtering", dftext, TRUE, FALSE);
|
|
|
|
|
}
|
2004-02-23 22:48:52 +00:00
|
|
|
return TRUE;
|
1999-10-11 06:39:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
colorize_packets(capture_file *cf)
|
2000-07-09 03:29:42 +00:00
|
|
|
{
|
2004-01-09 02:57:54 +00:00
|
|
|
rescan_packets(cf, "Colorizing", "all packets", FALSE, FALSE);
|
2000-07-09 03:29:42 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-12 02:48:23 +00:00
|
|
|
void
|
|
|
|
|
reftime_packets(capture_file *cf)
|
|
|
|
|
{
|
2004-01-09 02:57:54 +00:00
|
|
|
rescan_packets(cf, "Updating Reftime", "all packets", FALSE, FALSE);
|
2003-09-12 02:48:23 +00:00
|
|
|
}
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
void
|
|
|
|
|
redissect_packets(capture_file *cf)
|
|
|
|
|
{
|
2004-01-09 02:57:54 +00:00
|
|
|
rescan_packets(cf, "Reprocessing", "all packets", TRUE, TRUE);
|
2000-07-09 03:29:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Rescan the list of packets, reconstructing the CList.
|
|
|
|
|
|
|
|
|
|
"action" describes why we're doing this; it's used in the progress
|
|
|
|
|
dialog box.
|
|
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
"action_item" describes what we're doing; it's used in the progress
|
|
|
|
|
dialog box.
|
|
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
"refilter" is TRUE if we need to re-evaluate the filter expression.
|
|
|
|
|
|
|
|
|
|
"redissect" is TRUE if we need to make the dissectors reconstruct
|
|
|
|
|
any state information they have (because a preference that affects
|
|
|
|
|
some dissector has changed, meaning some dissector might construct
|
|
|
|
|
its state differently from the way it was constructed the last time). */
|
2000-07-09 03:29:42 +00:00
|
|
|
static void
|
2002-08-28 10:07:37 +00:00
|
|
|
rescan_packets(capture_file *cf, const char *action, const char *action_item,
|
|
|
|
|
gboolean refilter, gboolean redissect)
|
1999-10-11 06:39:26 +00:00
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
2002-07-30 10:13:16 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
|
|
|
|
gboolean stop_flag;
|
2002-08-28 10:07:37 +00:00
|
|
|
int count;
|
2002-07-30 10:13:16 +00:00
|
|
|
int err;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
2003-09-25 08:20:01 +00:00
|
|
|
frame_data *selected_frame, *preceding_frame, *following_frame, *prev_frame;
|
|
|
|
|
int selected_row, prev_row, preceding_row, following_row;
|
|
|
|
|
gboolean selected_frame_seen;
|
2002-07-30 10:13:16 +00:00
|
|
|
int row;
|
|
|
|
|
float prog_val;
|
|
|
|
|
GTimeVal start_time;
|
2002-08-28 10:07:37 +00:00
|
|
|
gchar status_str[100];
|
2004-01-09 21:38:21 +00:00
|
|
|
int progbar_nextstep;
|
|
|
|
|
int progbar_quantum;
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
|
2004-01-31 04:10:05 +00:00
|
|
|
cum_bytes=0;
|
2002-09-04 22:15:39 +00:00
|
|
|
reset_tap_listeners();
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Which frame, if any, is the currently selected frame?
|
|
|
|
|
XXX - should the selected frame or the focus frame be the "current"
|
|
|
|
|
frame, that frame being the one from which "Find Frame" searches
|
|
|
|
|
start? */
|
|
|
|
|
selected_frame = cf->current_frame;
|
|
|
|
|
|
|
|
|
|
/* We don't yet know what row that frame will be on, if any, after we
|
|
|
|
|
rebuild the clist, however. */
|
|
|
|
|
selected_row = -1;
|
1999-10-11 06:39:26 +00:00
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
if (redissect) {
|
|
|
|
|
/* We need to re-initialize all the state information that protocols
|
|
|
|
|
keep, because some preference that controls a dissector has changed,
|
|
|
|
|
which might cause the state information to be constructed differently
|
|
|
|
|
by that dissector. */
|
|
|
|
|
|
2002-02-24 06:45:14 +00:00
|
|
|
/* Initialize all data structures used for dissection. */
|
|
|
|
|
init_dissection();
|
2000-08-24 06:45:37 +00:00
|
|
|
}
|
|
|
|
|
|
1999-07-11 08:40:52 +00:00
|
|
|
/* Freeze the packet list while we redo it, so we don't get any
|
|
|
|
|
screen updates while it happens. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_freeze();
|
1999-07-11 08:40:52 +00:00
|
|
|
|
|
|
|
|
/* Clear it out. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_clear();
|
1999-07-11 08:40:52 +00:00
|
|
|
|
1999-11-06 06:28:07 +00:00
|
|
|
/* We don't yet know which will be the first and last frames displayed. */
|
|
|
|
|
cf->first_displayed = NULL;
|
|
|
|
|
cf->last_displayed = NULL;
|
|
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
/* We currently don't display any packets */
|
|
|
|
|
cf->displayed_count = 0;
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
/* Iterate through the list of frames. Call a routine for each frame
|
|
|
|
|
to check whether it should be displayed and, if so, add it to
|
|
|
|
|
the display list. */
|
1999-07-11 08:40:52 +00:00
|
|
|
firstsec = 0;
|
|
|
|
|
firstusec = 0;
|
1999-08-14 04:23:22 +00:00
|
|
|
prevsec = 0;
|
|
|
|
|
prevusec = 0;
|
1999-08-05 16:46:04 +00:00
|
|
|
|
1999-08-28 01:51:58 +00:00
|
|
|
/* Update the progress bar when it gets to this value. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep = 0;
|
1999-08-28 01:51:58 +00:00
|
|
|
/* When we reach the value that triggers a progress bar update,
|
|
|
|
|
bump that value by this amount. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_quantum = cf->count/N_PROGBAR_UPDATES;
|
2000-01-08 23:49:33 +00:00
|
|
|
/* Count of packets at which we've looked. */
|
|
|
|
|
count = 0;
|
|
|
|
|
|
2000-07-03 08:36:52 +00:00
|
|
|
stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
1999-08-28 01:51:58 +00:00
|
|
|
|
2003-09-25 08:20:01 +00:00
|
|
|
row = -1; /* no previous row yet */
|
|
|
|
|
prev_row = -1;
|
|
|
|
|
prev_frame = NULL;
|
|
|
|
|
|
|
|
|
|
preceding_row = -1;
|
|
|
|
|
preceding_frame = NULL;
|
|
|
|
|
following_row = -1;
|
|
|
|
|
following_frame = NULL;
|
|
|
|
|
|
|
|
|
|
selected_frame_seen = FALSE;
|
|
|
|
|
|
2000-05-12 22:03:59 +00:00
|
|
|
for (fdata = cf->plist; fdata != NULL; fdata = fdata->next) {
|
1999-08-28 01:51:58 +00:00
|
|
|
/* Update the progress bar, but do it only N_PROGBAR_UPDATES times;
|
|
|
|
|
when we update it, we have to run the GTK+ main loop to get it
|
|
|
|
|
to repaint what's pending, and doing so may involve an "ioctl()"
|
|
|
|
|
to see if there's any pending input from an X server, and doing
|
|
|
|
|
that for every packet can be costly, especially on a big file. */
|
2004-01-09 21:38:21 +00:00
|
|
|
if (count >= progbar_nextstep) {
|
1999-08-28 01:51:58 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
2000-01-08 23:49:33 +00:00
|
|
|
* with count == 0, so let's assert that
|
1999-08-28 01:51:58 +00:00
|
|
|
*/
|
2000-01-08 23:49:33 +00:00
|
|
|
g_assert(cf->count > 0);
|
2002-07-30 10:13:16 +00:00
|
|
|
prog_val = (gfloat) count / cf->count;
|
1999-08-28 01:51:58 +00:00
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
if (progbar == NULL)
|
|
|
|
|
/* Create the progress bar if necessary */
|
2004-01-21 22:00:28 +00:00
|
|
|
progbar = delayed_create_progress_dlg(action, action_item, &stop_flag,
|
2002-07-30 10:13:16 +00:00
|
|
|
&start_time, prog_val);
|
1999-09-22 01:26:50 +00:00
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
|
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
|
|
|
|
"%4u of %u frames", count, cf->count);
|
|
|
|
|
update_progress_dlg(progbar, prog_val, status_str);
|
|
|
|
|
}
|
2002-07-30 10:13:16 +00:00
|
|
|
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep += progbar_quantum;
|
2000-07-03 08:36:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stop_flag) {
|
|
|
|
|
/* Well, the user decided to abort the filtering. Just stop.
|
|
|
|
|
|
|
|
|
|
XXX - go back to the previous filter? Users probably just
|
|
|
|
|
want not to wait for a filtering operation to finish;
|
|
|
|
|
unless we cancel by having no filter, reverting to the
|
|
|
|
|
previous filter will probably be even more expensive than
|
|
|
|
|
continuing the filtering, as it involves going back to the
|
|
|
|
|
beginning and filtering, and even with no filter we currently
|
|
|
|
|
have to re-generate the entire clist, which is also expensive.
|
|
|
|
|
|
|
|
|
|
I'm not sure what Network Monitor does, but it doesn't appear
|
|
|
|
|
to give you an unfiltered display if you cancel. */
|
|
|
|
|
break;
|
1999-08-28 01:51:58 +00:00
|
|
|
}
|
|
|
|
|
|
2000-01-08 23:49:33 +00:00
|
|
|
count++;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
if (redissect) {
|
|
|
|
|
/* Since all state for the frame was destroyed, mark the frame
|
2000-09-12 03:27:00 +00:00
|
|
|
* as not visited, free the GSList referring to the state
|
2000-08-24 09:16:39 +00:00
|
|
|
* data (the per-frame data itself was freed by
|
2002-02-24 06:45:14 +00:00
|
|
|
* "init_dissection()"), and null out the GSList pointer. */
|
2000-08-24 06:45:37 +00:00
|
|
|
fdata->flags.visited = 0;
|
2000-09-11 22:43:02 +00:00
|
|
|
if (fdata->pfd) {
|
|
|
|
|
g_slist_free(fdata->pfd);
|
2002-02-18 01:08:44 +00:00
|
|
|
fdata->pfd = NULL;
|
2000-09-11 22:43:02 +00:00
|
|
|
}
|
2000-09-11 07:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-03 23:15:40 +00:00
|
|
|
if (!wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf->pd, fdata->cap_len, &err, &err_info)) {
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf_read_error_message(err, err_info), cf->filename);
|
2003-09-03 23:15:40 +00:00
|
|
|
break;
|
|
|
|
|
}
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2003-09-25 08:20:01 +00:00
|
|
|
/* If the previous frame is displayed, and we haven't yet seen the
|
|
|
|
|
selected frame, remember that frame - it's the closest one we've
|
|
|
|
|
yet seen before the selected frame. */
|
|
|
|
|
if (prev_row != -1 && !selected_frame_seen) {
|
|
|
|
|
preceding_row = prev_row;
|
|
|
|
|
preceding_frame = prev_frame;
|
|
|
|
|
}
|
2000-07-09 03:29:42 +00:00
|
|
|
row = add_packet_to_packet_list(fdata, cf, &cf->pseudo_header, cf->pd,
|
|
|
|
|
refilter);
|
2003-09-25 08:20:01 +00:00
|
|
|
|
|
|
|
|
/* If this frame is displayed, and this is the first frame we've
|
|
|
|
|
seen displayed after the selected frame, remember this frame -
|
|
|
|
|
it's the closest one we've yet seen at or after the selected
|
|
|
|
|
frame. */
|
|
|
|
|
if (row != -1 && selected_frame_seen && following_row == -1) {
|
|
|
|
|
following_row = row;
|
|
|
|
|
following_frame = fdata;
|
|
|
|
|
}
|
|
|
|
|
if (fdata == selected_frame) {
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
selected_row = row;
|
2003-09-25 08:20:01 +00:00
|
|
|
selected_frame_seen = TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Remember this row/frame - it'll be the previous row/frame
|
|
|
|
|
on the next pass through the loop. */
|
|
|
|
|
prev_row = row;
|
|
|
|
|
prev_frame = fdata;
|
1999-08-10 04:13:37 +00:00
|
|
|
}
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2000-08-24 09:16:39 +00:00
|
|
|
if (redissect) {
|
|
|
|
|
/* Clear out what remains of the visited flags and per-frame data
|
|
|
|
|
pointers.
|
|
|
|
|
|
|
|
|
|
XXX - that may cause various forms of bogosity when dissecting
|
|
|
|
|
these frames, as they won't have been seen by this sequential
|
|
|
|
|
pass, but the only alternative I see is to keep scanning them
|
|
|
|
|
even though the user requested that the scan stop, and that
|
|
|
|
|
would leave the user stuck with an Ethereal grinding on
|
|
|
|
|
until it finishes. Should we just stick them with that? */
|
|
|
|
|
for (; fdata != NULL; fdata = fdata->next) {
|
|
|
|
|
fdata->flags.visited = 0;
|
2000-09-12 03:27:00 +00:00
|
|
|
if (fdata->pfd) {
|
|
|
|
|
g_slist_free(fdata->pfd);
|
2002-02-18 01:08:44 +00:00
|
|
|
fdata->pfd = NULL;
|
2000-09-12 03:27:00 +00:00
|
|
|
}
|
2000-08-24 09:16:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done filtering the packets; destroy the progress bar if it
|
|
|
|
|
was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
1999-07-11 08:40:52 +00:00
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Unfreeze the packet list. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_thaw();
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
|
2003-09-25 08:20:01 +00:00
|
|
|
if (selected_row == -1) {
|
|
|
|
|
/* The selected frame didn't pass the filter. */
|
|
|
|
|
if (selected_frame == NULL) {
|
|
|
|
|
/* That's because there *was* no selected frame. Make the first
|
|
|
|
|
displayed frame the current frame. */
|
|
|
|
|
selected_row = 0;
|
|
|
|
|
} else {
|
|
|
|
|
/* Find the nearest displayed frame to the selected frame (whether
|
|
|
|
|
it's before or after that frame) and make that the current frame.
|
|
|
|
|
If the next and previous displayed frames are equidistant from the
|
|
|
|
|
selected frame, choose the next one. */
|
|
|
|
|
g_assert(following_frame == NULL ||
|
|
|
|
|
following_frame->num >= selected_frame->num);
|
|
|
|
|
g_assert(preceding_frame == NULL ||
|
|
|
|
|
preceding_frame->num <= selected_frame->num);
|
2003-09-25 08:31:52 +00:00
|
|
|
if (following_frame == NULL) {
|
|
|
|
|
/* No frame after the selected frame passed the filter, so we
|
|
|
|
|
have to select the last displayed frame before the selected
|
|
|
|
|
frame. */
|
|
|
|
|
selected_row = preceding_row;
|
|
|
|
|
} else if (preceding_frame == NULL) {
|
|
|
|
|
/* No frame before the selected frame passed the filter, so we
|
|
|
|
|
have to select the first displayed frame after the selected
|
|
|
|
|
frame. */
|
|
|
|
|
selected_row = following_row;
|
|
|
|
|
} else {
|
|
|
|
|
/* Choose the closer of the last displayed frame before the
|
|
|
|
|
selected frame and the first displayed frame after the
|
|
|
|
|
selected frame; in case of a tie, choose the first displayed
|
|
|
|
|
frame after the selected frame. */
|
|
|
|
|
if (following_frame->num - selected_frame->num <=
|
|
|
|
|
selected_frame->num - preceding_frame->num) {
|
2003-09-25 08:20:01 +00:00
|
|
|
selected_row = following_row;
|
|
|
|
|
} else {
|
|
|
|
|
/* The previous frame is closer to the selected frame than the
|
|
|
|
|
next frame. */
|
|
|
|
|
selected_row = preceding_row;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2003-09-24 00:47:37 +00:00
|
|
|
|
2003-09-25 08:20:01 +00:00
|
|
|
if (selected_row == -1) {
|
|
|
|
|
/* There are no frames displayed at all. */
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
unselect_packet(cf);
|
2003-09-25 08:20:01 +00:00
|
|
|
} else {
|
|
|
|
|
/* Either the frame that was selected passed the filter, or we've
|
|
|
|
|
found the nearest displayed frame to that frame. Select it, make
|
|
|
|
|
it the focus row, and make it visible. */
|
|
|
|
|
packet_list_set_selected_row(selected_row);
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
}
|
1999-06-22 03:39:07 +00:00
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef enum {
|
|
|
|
|
PSP_FINISHED,
|
|
|
|
|
PSP_STOPPED,
|
|
|
|
|
PSP_FAILED
|
|
|
|
|
} psp_return_t;
|
|
|
|
|
|
|
|
|
|
psp_return_t
|
|
|
|
|
process_specified_packets(capture_file *cf, packet_range_t *range,
|
2004-01-21 22:00:28 +00:00
|
|
|
const char *string1, const char *string2,
|
2004-01-09 22:56:59 +00:00
|
|
|
gboolean (*callback)(capture_file *, frame_data *,
|
|
|
|
|
union wtap_pseudo_header *, const guint8 *, void *),
|
|
|
|
|
void *callback_args)
|
1999-07-23 08:29:24 +00:00
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
2002-03-05 05:58:41 +00:00
|
|
|
int err;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
2004-01-09 22:56:59 +00:00
|
|
|
union wtap_pseudo_header pseudo_header;
|
|
|
|
|
guint8 pd[WTAP_MAX_PACKET_SIZE+1];
|
|
|
|
|
psp_return_t ret = PSP_FINISHED;
|
|
|
|
|
|
|
|
|
|
progdlg_t *progbar = NULL;
|
|
|
|
|
int progbar_count;
|
|
|
|
|
float progbar_val;
|
|
|
|
|
gboolean progbar_stop_flag;
|
|
|
|
|
GTimeVal progbar_start_time;
|
|
|
|
|
gchar progbar_status_str[100];
|
2004-01-09 21:38:21 +00:00
|
|
|
int progbar_nextstep;
|
|
|
|
|
int progbar_quantum;
|
2004-01-09 18:11:21 +00:00
|
|
|
range_process_e process_this;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
1999-09-13 23:45:22 +00:00
|
|
|
/* Update the progress bar when it gets to this value. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep = 0;
|
1999-09-13 23:45:22 +00:00
|
|
|
/* When we reach the value that triggers a progress bar update,
|
|
|
|
|
bump that value by this amount. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_quantum = cf->count/N_PROGBAR_UPDATES;
|
2000-01-08 23:49:33 +00:00
|
|
|
/* Count of packets at which we've looked. */
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_count = 0;
|
1999-09-13 23:45:22 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_stop_flag = FALSE;
|
|
|
|
|
g_get_current_time(&progbar_start_time);
|
2000-01-08 23:49:33 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
packet_range_process_init(range);
|
2004-01-09 18:11:21 +00:00
|
|
|
|
1999-09-12 06:11:51 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets that
|
|
|
|
|
were selected by the current display filter. */
|
2000-05-12 22:03:59 +00:00
|
|
|
for (fdata = cf->plist; fdata != NULL; fdata = fdata->next) {
|
1999-09-13 23:45:22 +00:00
|
|
|
/* Update the progress bar, but do it only N_PROGBAR_UPDATES times;
|
|
|
|
|
when we update it, we have to run the GTK+ main loop to get it
|
|
|
|
|
to repaint what's pending, and doing so may involve an "ioctl()"
|
|
|
|
|
to see if there's any pending input from an X server, and doing
|
|
|
|
|
that for every packet can be costly, especially on a big file. */
|
2004-01-09 22:56:59 +00:00
|
|
|
if (progbar_count >= progbar_nextstep) {
|
1999-09-13 23:45:22 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
2000-01-08 23:49:33 +00:00
|
|
|
* with count == 0, so let's assert that
|
1999-09-13 23:45:22 +00:00
|
|
|
*/
|
2000-01-08 23:49:33 +00:00
|
|
|
g_assert(cf->count > 0);
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_val = (gfloat) progbar_count / cf->count;
|
1999-09-13 23:45:22 +00:00
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
if (progbar == NULL)
|
|
|
|
|
/* Create the progress bar if necessary */
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar = delayed_create_progress_dlg(string1, string2,
|
|
|
|
|
&progbar_stop_flag,
|
|
|
|
|
&progbar_start_time,
|
|
|
|
|
progbar_val);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
2004-01-09 22:56:59 +00:00
|
|
|
g_snprintf(progbar_status_str, sizeof(progbar_status_str),
|
|
|
|
|
"%4u of %u packets", progbar_count, cf->count);
|
|
|
|
|
update_progress_dlg(progbar, progbar_val, progbar_status_str);
|
2002-08-28 10:07:37 +00:00
|
|
|
}
|
2002-07-30 10:13:16 +00:00
|
|
|
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep += progbar_quantum;
|
1999-09-13 23:45:22 +00:00
|
|
|
}
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
if (progbar_stop_flag) {
|
|
|
|
|
/* Well, the user decided to abort the operation. Just stop,
|
|
|
|
|
and arrange to return TRUE to our caller, so they know it
|
|
|
|
|
was stopped explicitly. */
|
|
|
|
|
ret = PSP_STOPPED;
|
2000-07-03 08:36:52 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_count++;
|
2004-01-09 18:11:21 +00:00
|
|
|
|
|
|
|
|
/* do we have to process this packet? */
|
2004-01-09 22:56:59 +00:00
|
|
|
process_this = packet_range_process_packet(range, fdata);
|
2004-01-09 18:11:21 +00:00
|
|
|
if (process_this == range_process_next) {
|
|
|
|
|
/* this packet uninteresting, continue with next one */
|
|
|
|
|
continue;
|
|
|
|
|
} else if (process_this == range_processing_finished) {
|
|
|
|
|
/* all interesting packets processed, stop the loop */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Get the packet */
|
|
|
|
|
if (!wtap_seek_read(cf->wth, fdata->file_off, &pseudo_header,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
pd, fdata->cap_len, &err, &err_info)) {
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
cf_read_error_message(err, err_info), cf->filename);
|
2004-01-09 22:56:59 +00:00
|
|
|
ret = PSP_FAILED;
|
|
|
|
|
break;
|
2004-01-09 18:11:21 +00:00
|
|
|
}
|
2004-05-27 21:48:10 +00:00
|
|
|
/* Process the packet */
|
2004-01-09 22:56:59 +00:00
|
|
|
if (!callback(cf, fdata, &pseudo_header, pd, callback_args)) {
|
|
|
|
|
/* Callback failed. We assume it reported the error appropriately. */
|
|
|
|
|
ret = PSP_FAILED;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2000-02-21 08:18:00 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* We're done printing the packets; destroy the progress bar if
|
|
|
|
|
it was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2004-01-13 22:34:10 +00:00
|
|
|
static gboolean
|
|
|
|
|
retap_packet(capture_file *cf _U_, frame_data *fdata,
|
|
|
|
|
union wtap_pseudo_header *pseudo_header, const guint8 *pd,
|
|
|
|
|
void *argsp _U_)
|
|
|
|
|
{
|
|
|
|
|
epan_dissect_t *edt;
|
|
|
|
|
|
|
|
|
|
/* If we have tap listeners, allocate a protocol tree root node, so that
|
|
|
|
|
we'll construct a protocol tree against which a filter expression can
|
|
|
|
|
be evaluated. */
|
|
|
|
|
edt = epan_dissect_new(num_tap_filters != 0, FALSE);
|
|
|
|
|
tap_queue_init(edt);
|
|
|
|
|
epan_dissect_run(edt, pseudo_header, pd, fdata, NULL);
|
|
|
|
|
tap_push_tapped_queue(edt);
|
|
|
|
|
epan_dissect_free(edt);
|
|
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
retap_packets(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
packet_range_t range;
|
|
|
|
|
|
2004-01-16 19:35:32 +00:00
|
|
|
/* Reset the tap listeners. */
|
|
|
|
|
reset_tap_listeners();
|
|
|
|
|
|
2004-01-13 22:34:10 +00:00
|
|
|
/* Iterate through the list of packets, dissecting all packets and
|
|
|
|
|
re-running the taps. */
|
|
|
|
|
packet_range_init(&range);
|
|
|
|
|
packet_range_process_init(&range);
|
|
|
|
|
switch (process_specified_packets(cf, &range, "Refiltering statistics on",
|
2004-01-21 22:00:28 +00:00
|
|
|
"all packets", retap_packet,
|
2004-01-13 22:34:10 +00:00
|
|
|
NULL)) {
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the refiltering.
|
|
|
|
|
Return FALSE so our caller knows they did that. */
|
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while retapping. */
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef struct {
|
|
|
|
|
print_args_t *print_args;
|
2004-01-25 00:58:13 +00:00
|
|
|
FILE *print_fh;
|
2004-04-16 20:20:54 +00:00
|
|
|
gboolean print_header_line;
|
|
|
|
|
char *header_line_buf;
|
|
|
|
|
int header_line_buf_len;
|
2004-04-22 17:03:21 +00:00
|
|
|
gboolean print_formfeed;
|
2004-01-09 22:56:59 +00:00
|
|
|
gboolean print_separator;
|
|
|
|
|
char *line_buf;
|
|
|
|
|
int line_buf_len;
|
|
|
|
|
gint *col_widths;
|
|
|
|
|
} print_callback_args_t;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
static gboolean
|
|
|
|
|
print_packet(capture_file *cf, frame_data *fdata,
|
|
|
|
|
union wtap_pseudo_header *pseudo_header, const guint8 *pd,
|
|
|
|
|
void *argsp)
|
|
|
|
|
{
|
|
|
|
|
print_callback_args_t *args = argsp;
|
|
|
|
|
epan_dissect_t *edt;
|
|
|
|
|
int i;
|
|
|
|
|
char *cp;
|
|
|
|
|
int line_len;
|
|
|
|
|
int column_len;
|
|
|
|
|
int cp_off;
|
2004-04-16 18:17:48 +00:00
|
|
|
gboolean proto_tree_needed;
|
|
|
|
|
|
|
|
|
|
proto_tree_needed =
|
|
|
|
|
args->print_args->print_dissections != print_dissections_none || args->print_args->print_hex;
|
|
|
|
|
|
|
|
|
|
/* Fill in the column information, but don't bother creating
|
|
|
|
|
the logical protocol tree. */
|
|
|
|
|
edt = epan_dissect_new(proto_tree_needed, proto_tree_needed);
|
|
|
|
|
epan_dissect_run(edt, pseudo_header, pd, fdata, &cf->cinfo);
|
|
|
|
|
epan_dissect_fill_in_columns(edt);
|
|
|
|
|
|
2004-04-22 17:03:21 +00:00
|
|
|
if (args->print_formfeed) {
|
|
|
|
|
print_formfeed(args->print_fh, args->print_args->format);
|
|
|
|
|
} else {
|
|
|
|
|
if (args->print_separator)
|
|
|
|
|
print_line(args->print_fh, 0, args->print_args->format, "");
|
|
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-22 17:03:21 +00:00
|
|
|
if (args->print_args->print_summary || args->print_args->format == PR_FMT_PS) {
|
2004-04-16 20:20:54 +00:00
|
|
|
if (args->print_header_line) {
|
|
|
|
|
print_line(args->print_fh, 0, args->print_args->format,
|
|
|
|
|
args->header_line_buf);
|
|
|
|
|
args->print_header_line = FALSE; /* we might not need to print any more */
|
|
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
cp = &args->line_buf[0];
|
|
|
|
|
line_len = 0;
|
|
|
|
|
for (i = 0; i < cf->cinfo.num_cols; i++) {
|
|
|
|
|
/* Find the length of the string for this column. */
|
|
|
|
|
column_len = strlen(cf->cinfo.col_data[i]);
|
|
|
|
|
if (args->col_widths[i] > column_len)
|
|
|
|
|
column_len = args->col_widths[i];
|
1999-09-29 22:19:24 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Make sure there's room in the line buffer for the column; if not,
|
|
|
|
|
double its length. */
|
|
|
|
|
line_len += column_len + 1; /* "+1" for space */
|
|
|
|
|
if (line_len > args->line_buf_len) {
|
|
|
|
|
cp_off = cp - args->line_buf;
|
|
|
|
|
args->line_buf_len = 2 * line_len;
|
|
|
|
|
args->line_buf = g_realloc(args->line_buf, args->line_buf_len + 1);
|
|
|
|
|
cp = args->line_buf + cp_off;
|
|
|
|
|
}
|
1999-07-23 08:29:24 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Right-justify the packet number column. */
|
|
|
|
|
if (cf->cinfo.col_fmt[i] == COL_NUMBER)
|
|
|
|
|
sprintf(cp, "%*s", args->col_widths[i], cf->cinfo.col_data[i]);
|
|
|
|
|
else
|
|
|
|
|
sprintf(cp, "%-*s", args->col_widths[i], cf->cinfo.col_data[i]);
|
|
|
|
|
cp += column_len;
|
|
|
|
|
if (i != cf->cinfo.num_cols - 1)
|
|
|
|
|
*cp++ = ' ';
|
|
|
|
|
}
|
|
|
|
|
*cp = '\0';
|
2004-04-22 17:03:21 +00:00
|
|
|
|
|
|
|
|
print_packet_header(args->print_fh, args->print_args->format, fdata->num, args->line_buf);
|
|
|
|
|
|
|
|
|
|
if (args->print_args->print_summary) {
|
|
|
|
|
print_line(args->print_fh, 0, args->print_args->format, args->line_buf);
|
|
|
|
|
}
|
2004-04-16 18:17:48 +00:00
|
|
|
} /* if (print_summary) */
|
|
|
|
|
|
|
|
|
|
if (args->print_args->print_dissections != print_dissections_none) {
|
2004-04-16 20:20:54 +00:00
|
|
|
if (args->print_args->print_summary) {
|
|
|
|
|
/* Separate the summary line from the tree with a blank line. */
|
|
|
|
|
print_line(args->print_fh, 0, args->print_args->format, "");
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Print the information in that tree. */
|
2004-01-25 00:58:13 +00:00
|
|
|
proto_tree_print(args->print_args, edt, args->print_fh);
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-16 18:17:48 +00:00
|
|
|
/* Print a blank line if we print anything after this (aka more than one packet). */
|
|
|
|
|
args->print_separator = TRUE;
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Print a header line if we print any more packet summaries */
|
|
|
|
|
args->print_header_line = TRUE;
|
2004-04-16 18:17:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (args->print_args->print_hex) {
|
|
|
|
|
/* Print the full packet data as hex. */
|
|
|
|
|
print_hex_data(args->print_fh, args->print_args->format, edt);
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-16 18:17:48 +00:00
|
|
|
/* Print a blank line if we print anything after this (aka more than one packet). */
|
2004-01-09 22:56:59 +00:00
|
|
|
args->print_separator = TRUE;
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Print a header line if we print any more packet summaries */
|
|
|
|
|
args->print_header_line = TRUE;
|
2004-01-09 22:56:59 +00:00
|
|
|
} /* if (print_summary) */
|
2004-04-16 18:17:48 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
epan_dissect_free(edt);
|
|
|
|
|
|
2004-04-22 17:03:21 +00:00
|
|
|
/* do we want to have a formfeed between each packet from now on? */
|
|
|
|
|
if(args->print_args->print_formfeed) {
|
|
|
|
|
args->print_formfeed = TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
return !ferror(args->print_fh);
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
pp_return_t
|
2004-01-09 22:56:59 +00:00
|
|
|
print_packets(capture_file *cf, print_args_t *print_args)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
print_callback_args_t callback_args;
|
|
|
|
|
gint data_width;
|
|
|
|
|
char *cp;
|
|
|
|
|
int cp_off;
|
|
|
|
|
int column_len;
|
|
|
|
|
int line_len;
|
2004-01-25 00:58:13 +00:00
|
|
|
psp_return_t ret;
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2004-04-25 12:04:08 +00:00
|
|
|
if(print_args->to_file) {
|
|
|
|
|
callback_args.print_fh = open_print_dest(print_args->to_file,
|
|
|
|
|
print_args->file);
|
|
|
|
|
} else {
|
|
|
|
|
callback_args.print_fh = open_print_dest(print_args->to_file,
|
|
|
|
|
print_args->cmd);
|
|
|
|
|
}
|
2004-01-25 00:58:13 +00:00
|
|
|
if (callback_args.print_fh == NULL)
|
|
|
|
|
return PP_OPEN_ERROR; /* attempt to open destination failed */
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-20 22:34:08 +00:00
|
|
|
print_preamble(callback_args.print_fh, print_args->format, cf->filename);
|
2004-01-25 00:58:13 +00:00
|
|
|
if (ferror(callback_args.print_fh)) {
|
|
|
|
|
close_print_dest(print_args->to_file, callback_args.print_fh);
|
|
|
|
|
return PP_WRITE_ERROR;
|
|
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
|
|
|
|
|
callback_args.print_args = print_args;
|
2004-04-16 20:20:54 +00:00
|
|
|
callback_args.print_header_line = TRUE;
|
|
|
|
|
callback_args.header_line_buf = NULL;
|
|
|
|
|
callback_args.header_line_buf_len = 256;
|
2004-04-22 17:03:21 +00:00
|
|
|
callback_args.print_formfeed = FALSE;
|
2004-01-09 22:56:59 +00:00
|
|
|
callback_args.print_separator = FALSE;
|
|
|
|
|
callback_args.line_buf = NULL;
|
|
|
|
|
callback_args.line_buf_len = 256;
|
|
|
|
|
callback_args.col_widths = NULL;
|
2004-04-22 17:03:21 +00:00
|
|
|
if (print_args->print_summary || print_args->format == PR_FMT_PS) {
|
2004-04-16 20:20:54 +00:00
|
|
|
/* We're printing packet summaries. Allocate the header line buffer
|
|
|
|
|
and get the column widths. */
|
|
|
|
|
callback_args.header_line_buf = g_malloc(callback_args.header_line_buf_len + 1);
|
2004-01-09 22:56:59 +00:00
|
|
|
|
|
|
|
|
/* Find the widths for each of the columns - maximum of the
|
2004-04-16 20:20:54 +00:00
|
|
|
width of the title and the width of the data - and construct
|
|
|
|
|
a buffer with a line containing the column titles. */
|
2004-01-09 22:56:59 +00:00
|
|
|
callback_args.col_widths = (gint *) g_malloc(sizeof(gint) * cf->cinfo.num_cols);
|
2004-04-16 20:20:54 +00:00
|
|
|
cp = &callback_args.header_line_buf[0];
|
2004-01-09 22:56:59 +00:00
|
|
|
line_len = 0;
|
|
|
|
|
for (i = 0; i < cf->cinfo.num_cols; i++) {
|
|
|
|
|
/* Don't pad the last column. */
|
|
|
|
|
if (i == cf->cinfo.num_cols - 1)
|
|
|
|
|
callback_args.col_widths[i] = 0;
|
|
|
|
|
else {
|
|
|
|
|
callback_args.col_widths[i] = strlen(cf->cinfo.col_title[i]);
|
|
|
|
|
data_width = get_column_char_width(get_column_format(i));
|
|
|
|
|
if (data_width > callback_args.col_widths[i])
|
|
|
|
|
callback_args.col_widths[i] = data_width;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Find the length of the string for this column. */
|
|
|
|
|
column_len = strlen(cf->cinfo.col_title[i]);
|
|
|
|
|
if (callback_args.col_widths[i] > column_len)
|
|
|
|
|
column_len = callback_args.col_widths[i];
|
|
|
|
|
|
|
|
|
|
/* Make sure there's room in the line buffer for the column; if not,
|
|
|
|
|
double its length. */
|
|
|
|
|
line_len += column_len + 1; /* "+1" for space */
|
2004-04-16 20:20:54 +00:00
|
|
|
if (line_len > callback_args.header_line_buf_len) {
|
|
|
|
|
cp_off = cp - callback_args.header_line_buf;
|
|
|
|
|
callback_args.header_line_buf_len = 2 * line_len;
|
|
|
|
|
callback_args.header_line_buf = g_realloc(callback_args.header_line_buf,
|
|
|
|
|
callback_args.header_line_buf_len + 1);
|
|
|
|
|
cp = callback_args.header_line_buf + cp_off;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Right-justify the packet number column. */
|
2004-04-20 22:34:08 +00:00
|
|
|
/* if (cf->cinfo.col_fmt[i] == COL_NUMBER)
|
2004-01-09 22:56:59 +00:00
|
|
|
sprintf(cp, "%*s", callback_args.col_widths[i], cf->cinfo.col_title[i]);
|
2004-04-20 22:34:08 +00:00
|
|
|
else*/
|
2004-01-09 22:56:59 +00:00
|
|
|
sprintf(cp, "%-*s", callback_args.col_widths[i], cf->cinfo.col_title[i]);
|
|
|
|
|
cp += column_len;
|
|
|
|
|
if (i != cf->cinfo.num_cols - 1)
|
|
|
|
|
*cp++ = ' ';
|
|
|
|
|
}
|
|
|
|
|
*cp = '\0';
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Now start out the main line buffer with the same length as the
|
|
|
|
|
header line buffer. */
|
|
|
|
|
callback_args.line_buf_len = callback_args.header_line_buf_len;
|
|
|
|
|
callback_args.line_buf = g_malloc(callback_args.line_buf_len + 1);
|
2004-01-09 22:56:59 +00:00
|
|
|
} /* if (print_summary) */
|
|
|
|
|
|
|
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2004-01-25 00:58:13 +00:00
|
|
|
ret = process_specified_packets(cf, &print_args->range, "Printing",
|
|
|
|
|
"selected packets", print_packet,
|
|
|
|
|
&callback_args);
|
|
|
|
|
|
2004-04-16 20:20:54 +00:00
|
|
|
if (callback_args.header_line_buf != NULL)
|
|
|
|
|
g_free(callback_args.header_line_buf);
|
2004-01-25 00:58:13 +00:00
|
|
|
if (callback_args.line_buf != NULL)
|
|
|
|
|
g_free(callback_args.line_buf);
|
2004-04-16 20:20:54 +00:00
|
|
|
if (callback_args.col_widths != NULL)
|
|
|
|
|
g_free(callback_args.col_widths);
|
2004-01-25 00:58:13 +00:00
|
|
|
|
|
|
|
|
switch (ret) {
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing.
|
|
|
|
|
|
|
|
|
|
XXX - note that what got generated before they did that
|
2004-01-25 00:58:13 +00:00
|
|
|
will get printed if we're piping to a print program; we'd
|
2004-01-09 22:56:59 +00:00
|
|
|
have to write to a file and then hand that to the print
|
|
|
|
|
program to make it actually not print anything. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
2004-01-25 00:58:13 +00:00
|
|
|
/* Error while printing.
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
XXX - note that what got generated before they did that
|
|
|
|
|
will get printed if we're piping to a print program; we'd
|
|
|
|
|
have to write to a file and then hand that to the print
|
|
|
|
|
program to make it actually not print anything. */
|
|
|
|
|
close_print_dest(print_args->to_file, callback_args.print_fh);
|
|
|
|
|
return PP_WRITE_ERROR;
|
|
|
|
|
}
|
1999-07-23 21:09:25 +00:00
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
print_finale(callback_args.print_fh, print_args->format);
|
|
|
|
|
if (ferror(callback_args.print_fh)) {
|
|
|
|
|
close_print_dest(print_args->to_file, callback_args.print_fh);
|
|
|
|
|
return PP_WRITE_ERROR;
|
|
|
|
|
}
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
close_print_dest(print_args->to_file, callback_args.print_fh);
|
2000-05-18 08:35:01 +00:00
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
return PP_OK;
|
1999-07-23 08:29:24 +00:00
|
|
|
}
|
|
|
|
|
|
1999-06-22 03:39:07 +00:00
|
|
|
/* Scan through the packet list and change all columns that use the
|
|
|
|
|
"command-line-specified" time stamp format to use the current
|
|
|
|
|
value of that format. */
|
|
|
|
|
void
|
|
|
|
|
change_time_formats(capture_file *cf)
|
|
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
2002-07-30 10:13:16 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
|
|
|
|
gboolean stop_flag;
|
2002-08-28 10:07:37 +00:00
|
|
|
int count;
|
2002-07-30 10:13:16 +00:00
|
|
|
int row;
|
|
|
|
|
int i;
|
|
|
|
|
float prog_val;
|
|
|
|
|
GTimeVal start_time;
|
2002-08-28 10:07:37 +00:00
|
|
|
gchar status_str[100];
|
2004-01-09 21:38:21 +00:00
|
|
|
int progbar_nextstep;
|
|
|
|
|
int progbar_quantum;
|
2003-12-02 23:14:32 +00:00
|
|
|
int first, last;
|
2003-12-06 04:05:02 +00:00
|
|
|
gboolean sorted_by_frame_column;
|
1999-06-22 03:39:07 +00:00
|
|
|
|
2002-01-03 22:27:44 +00:00
|
|
|
/* Are there any columns with time stamps in the "command-line-specified"
|
|
|
|
|
format?
|
|
|
|
|
|
|
|
|
|
XXX - we have to force the "column is writable" flag on, as it
|
|
|
|
|
might be off from the last frame that was dissected. */
|
|
|
|
|
col_set_writable(&cf->cinfo, TRUE);
|
|
|
|
|
if (!check_col(&cf->cinfo, COL_CLS_TIME)) {
|
|
|
|
|
/* No, there aren't any columns in that format, so we have no work
|
|
|
|
|
to do. */
|
|
|
|
|
return;
|
|
|
|
|
}
|
2003-12-02 23:14:32 +00:00
|
|
|
first = cf->cinfo.col_first[COL_CLS_TIME];
|
|
|
|
|
g_assert(first >= 0);
|
|
|
|
|
last = cf->cinfo.col_last[COL_CLS_TIME];
|
2002-01-03 22:27:44 +00:00
|
|
|
|
1999-06-22 03:39:07 +00:00
|
|
|
/* Freeze the packet list while we redo it, so we don't get any
|
|
|
|
|
screen updates while it happens. */
|
2003-12-09 06:48:40 +00:00
|
|
|
packet_list_freeze();
|
1999-06-22 03:39:07 +00:00
|
|
|
|
2000-07-09 23:22:33 +00:00
|
|
|
/* Update the progress bar when it gets to this value. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep = 0;
|
2000-07-09 23:22:33 +00:00
|
|
|
/* When we reach the value that triggers a progress bar update,
|
|
|
|
|
bump that value by this amount. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_quantum = cf->count/N_PROGBAR_UPDATES;
|
2000-07-09 23:22:33 +00:00
|
|
|
/* Count of packets at which we've looked. */
|
|
|
|
|
count = 0;
|
|
|
|
|
|
2003-12-06 04:05:02 +00:00
|
|
|
/* If the rows are currently sorted by the frame column then we know
|
|
|
|
|
* the row number of each packet: it's the row number of the previously
|
|
|
|
|
* displayed packet + 1.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, if the display is sorted by a different column then we have
|
|
|
|
|
* to use the O(N) packet_list_find_row_from_data() (thus making the job
|
|
|
|
|
* of changing the time display format O(N**2)).
|
|
|
|
|
*
|
|
|
|
|
* (XXX - In fact it's still O(N**2) because gtk_clist_set_text() takes
|
|
|
|
|
* the row number and walks that many elements down the clist to find
|
|
|
|
|
* the appropriate element.)
|
|
|
|
|
*/
|
|
|
|
|
sorted_by_frame_column = FALSE;
|
|
|
|
|
for (i = 0; i < cf->cinfo.num_cols; i++) {
|
|
|
|
|
if (cf->cinfo.col_fmt[i] == COL_NUMBER)
|
|
|
|
|
{
|
|
|
|
|
sorted_by_frame_column = (i == packet_list_get_sort_column());
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2000-07-09 23:22:33 +00:00
|
|
|
stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
2000-07-09 23:22:33 +00:00
|
|
|
|
1999-08-14 03:36:30 +00:00
|
|
|
/* Iterate through the list of packets, checking whether the packet
|
|
|
|
|
is in a row of the summary list and, if so, whether there are
|
|
|
|
|
any columns that show the time in the "command-line-specified"
|
|
|
|
|
format and, if so, update that row. */
|
2003-12-06 04:05:02 +00:00
|
|
|
for (fdata = cf->plist, row = -1; fdata != NULL; fdata = fdata->next) {
|
2000-07-09 23:22:33 +00:00
|
|
|
/* Update the progress bar, but do it only N_PROGBAR_UPDATES times;
|
|
|
|
|
when we update it, we have to run the GTK+ main loop to get it
|
|
|
|
|
to repaint what's pending, and doing so may involve an "ioctl()"
|
|
|
|
|
to see if there's any pending input from an X server, and doing
|
|
|
|
|
that for every packet can be costly, especially on a big file. */
|
2004-01-09 21:38:21 +00:00
|
|
|
if (count >= progbar_nextstep) {
|
2000-07-09 23:22:33 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
|
|
|
|
* with count == 0, so let's assert that
|
|
|
|
|
*/
|
|
|
|
|
g_assert(cf->count > 0);
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
prog_val = (gfloat) count / cf->count;
|
|
|
|
|
|
|
|
|
|
if (progbar == NULL)
|
|
|
|
|
/* Create the progress bar if necessary */
|
2004-01-21 22:00:28 +00:00
|
|
|
progbar = delayed_create_progress_dlg("Changing", "time display",
|
2002-07-30 10:13:16 +00:00
|
|
|
&stop_flag, &start_time, prog_val);
|
|
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
|
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
2004-01-09 02:57:54 +00:00
|
|
|
"%4u of %u packets", count, cf->count);
|
2002-08-28 10:07:37 +00:00
|
|
|
update_progress_dlg(progbar, prog_val, status_str);
|
|
|
|
|
}
|
2000-07-09 23:22:33 +00:00
|
|
|
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep += progbar_quantum;
|
2000-07-09 23:22:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stop_flag) {
|
|
|
|
|
/* Well, the user decided to abort the redisplay. Just stop.
|
|
|
|
|
|
|
|
|
|
XXX - this leaves the time field in the old format in
|
|
|
|
|
frames we haven't yet processed. So it goes; should we
|
|
|
|
|
simply not offer them the option of stopping? */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
count++;
|
|
|
|
|
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
/* Find what row this packet is in. */
|
2003-12-06 04:05:02 +00:00
|
|
|
if (!sorted_by_frame_column) {
|
|
|
|
|
/* This function is O(N), so we try to avoid using it... */
|
|
|
|
|
row = packet_list_find_row_from_data(fdata);
|
|
|
|
|
} else {
|
|
|
|
|
/* ...which we do by maintaining a count of packets that are
|
|
|
|
|
being displayed (i.e., that have passed the display filter),
|
|
|
|
|
and using the current value of that count as the row number
|
|
|
|
|
(which is why we can only do it when the display is sorted
|
|
|
|
|
by the frame number). */
|
|
|
|
|
if (fdata->flags.passed_dfilter)
|
|
|
|
|
row++;
|
|
|
|
|
else
|
|
|
|
|
continue;
|
|
|
|
|
}
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
|
|
|
|
|
if (row != -1) {
|
|
|
|
|
/* This packet is in the summary list, on row "row". */
|
1999-08-14 03:36:30 +00:00
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = first; i <= last; i++) {
|
2002-01-03 22:27:44 +00:00
|
|
|
if (cf->cinfo.fmt_matx[i][COL_CLS_TIME]) {
|
|
|
|
|
/* This is one of the columns that shows the time in
|
|
|
|
|
"command-line-specified" format; update it. */
|
|
|
|
|
cf->cinfo.col_buf[i][0] = '\0';
|
|
|
|
|
col_set_cls_time(fdata, &cf->cinfo, i);
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_set_text(row, i, cf->cinfo.col_data[i]);
|
1999-08-10 04:13:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
1999-06-22 03:39:07 +00:00
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done redisplaying the packets; destroy the progress bar if it
|
|
|
|
|
was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2000-07-09 23:22:33 +00:00
|
|
|
|
1999-06-22 03:39:07 +00:00
|
|
|
/* Set the column widths of those columns that show the time in
|
|
|
|
|
"command-line-specified" format. */
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = first; i <= last; i++) {
|
1999-06-22 03:39:07 +00:00
|
|
|
if (cf->cinfo.fmt_matx[i][COL_CLS_TIME]) {
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_set_cls_time_width(i);
|
1999-06-22 03:39:07 +00:00
|
|
|
}
|
|
|
|
|
}
|
1999-06-19 03:14:32 +00:00
|
|
|
|
1999-06-19 01:14:51 +00:00
|
|
|
/* Unfreeze the packet list. */
|
2003-12-09 06:48:40 +00:00
|
|
|
packet_list_thaw();
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
typedef struct {
|
|
|
|
|
const char *string;
|
|
|
|
|
size_t string_len;
|
|
|
|
|
capture_file *cf;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
} match_data;
|
2003-07-22 23:08:48 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
|
|
|
|
find_packet_protocol_tree(capture_file *cf, const char *string)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_data mdata;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
mdata.string = string;
|
|
|
|
|
mdata.string_len = strlen(string);
|
|
|
|
|
return find_packet(cf, match_protocol_tree, &mdata);
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_protocol_tree(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_data *mdata = criterion;
|
|
|
|
|
epan_dissect_t *edt;
|
|
|
|
|
|
|
|
|
|
/* Construct the protocol tree, including the displayed text */
|
|
|
|
|
edt = epan_dissect_new(TRUE, TRUE);
|
|
|
|
|
/* We don't need the column information */
|
|
|
|
|
epan_dissect_run(edt, &cf->pseudo_header, cf->pd, fdata, NULL);
|
|
|
|
|
|
|
|
|
|
/* Iterate through all the nodes, seeing if they have text that matches. */
|
|
|
|
|
mdata->cf = cf;
|
|
|
|
|
mdata->frame_matched = FALSE;
|
2003-12-04 10:59:34 +00:00
|
|
|
proto_tree_children_foreach(edt->tree, match_subtree_text, mdata);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
epan_dissect_free(edt);
|
|
|
|
|
return mdata->frame_matched;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static void
|
2003-12-04 10:59:34 +00:00
|
|
|
match_subtree_text(proto_node *node, gpointer data)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_data *mdata = (match_data*) data;
|
|
|
|
|
const gchar *string = mdata->string;
|
|
|
|
|
size_t string_len = mdata->string_len;
|
|
|
|
|
capture_file *cf = mdata->cf;
|
|
|
|
|
field_info *fi = PITEM_FINFO(node);
|
|
|
|
|
gchar label_str[ITEM_LABEL_LENGTH];
|
|
|
|
|
gchar *label_ptr;
|
|
|
|
|
size_t label_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
if (mdata->frame_matched) {
|
|
|
|
|
/* We already had a match; don't bother doing any more work. */
|
|
|
|
|
return;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Don't match invisible entries. */
|
2004-05-01 15:15:08 +00:00
|
|
|
if (PROTO_ITEM_IS_HIDDEN(node))
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
return;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* was a free format label produced? */
|
2003-11-25 14:07:45 +00:00
|
|
|
if (fi->rep) {
|
|
|
|
|
label_ptr = fi->rep->representation;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else {
|
|
|
|
|
/* no, make a generic label */
|
|
|
|
|
label_ptr = label_str;
|
|
|
|
|
proto_item_fill_label(fi, label_str);
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Does that label match? */
|
|
|
|
|
label_len = strlen(label_ptr);
|
|
|
|
|
for (i = 0; i < label_len; i++) {
|
|
|
|
|
c_char = label_ptr[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = toupper(c_char);
|
|
|
|
|
if (c_char == string[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == string_len) {
|
|
|
|
|
/* No need to look further; we have a match */
|
|
|
|
|
mdata->frame_matched = TRUE;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Recurse into the subtree, if it exists */
|
2003-12-04 10:59:34 +00:00
|
|
|
if (node->first_child != NULL)
|
|
|
|
|
proto_tree_children_foreach(node, match_subtree_text, mdata);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
|
|
|
|
find_packet_summary_line(capture_file *cf, const char *string)
|
|
|
|
|
{
|
|
|
|
|
match_data mdata;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
mdata.string = string;
|
|
|
|
|
mdata.string_len = strlen(string);
|
|
|
|
|
return find_packet(cf, match_summary_line, &mdata);
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_summary_line(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_data *mdata = criterion;
|
|
|
|
|
const gchar *string = mdata->string;
|
|
|
|
|
size_t string_len = mdata->string_len;
|
|
|
|
|
epan_dissect_t *edt;
|
|
|
|
|
const char *info_column;
|
|
|
|
|
size_t info_column_len;
|
|
|
|
|
gboolean frame_matched = FALSE;
|
|
|
|
|
gint colx;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
/* Don't bother constructing the protocol tree */
|
|
|
|
|
edt = epan_dissect_new(FALSE, FALSE);
|
|
|
|
|
/* Get the column information */
|
|
|
|
|
epan_dissect_run(edt, &cf->pseudo_header, cf->pd, fdata, &cf->cinfo);
|
|
|
|
|
|
|
|
|
|
/* Find the Info column */
|
|
|
|
|
for (colx = 0; colx < cf->cinfo.num_cols; colx++) {
|
|
|
|
|
if (cf->cinfo.fmt_matx[colx][COL_INFO]) {
|
|
|
|
|
/* Found it. See if we match. */
|
|
|
|
|
info_column = edt->pi.cinfo->col_data[colx];
|
|
|
|
|
info_column_len = strlen(info_column);
|
|
|
|
|
for (i = 0; i < info_column_len; i++) {
|
|
|
|
|
c_char = info_column[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = toupper(c_char);
|
|
|
|
|
if (c_char == string[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == string_len) {
|
|
|
|
|
frame_matched = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
epan_dissect_free(edt);
|
|
|
|
|
return frame_matched;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
typedef struct {
|
|
|
|
|
const guint8 *data;
|
|
|
|
|
size_t data_len;
|
|
|
|
|
} cbs_t; /* "Counted byte string" */
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
|
|
|
|
find_packet_data(capture_file *cf, const guint8 *string, size_t string_size)
|
|
|
|
|
{
|
|
|
|
|
cbs_t info;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
info.data = string;
|
|
|
|
|
info.data_len = string_size;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* String or hex search? */
|
2004-04-15 23:28:11 +00:00
|
|
|
if (cf->string) {
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* String search - what type of string? */
|
|
|
|
|
switch (cf->scs_type) {
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
case SCS_ASCII_AND_UNICODE:
|
|
|
|
|
return find_packet(cf, match_ascii_and_unicode, &info);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
case SCS_ASCII:
|
|
|
|
|
return find_packet(cf, match_ascii, &info);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
case SCS_UNICODE:
|
|
|
|
|
return find_packet(cf, match_unicode, &info);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
return FALSE;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else
|
|
|
|
|
return find_packet(cf, match_binary, &info);
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_ascii_and_unicode(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
|
|
|
|
cbs_t *info = criterion;
|
|
|
|
|
const char *ascii_text = info->data;
|
|
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
guint32 buf_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
frame_matched = FALSE;
|
|
|
|
|
buf_len = fdata->pkt_len;
|
|
|
|
|
for (i = 0; i < buf_len; i++) {
|
|
|
|
|
c_char = cf->pd[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = toupper(c_char);
|
|
|
|
|
if (c_char != 0) {
|
|
|
|
|
if (c_char == ascii_text[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == textlen) {
|
|
|
|
|
frame_matched = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return frame_matched;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_ascii(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
|
|
|
|
cbs_t *info = criterion;
|
|
|
|
|
const char *ascii_text = info->data;
|
|
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
guint32 buf_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
frame_matched = FALSE;
|
|
|
|
|
buf_len = fdata->pkt_len;
|
|
|
|
|
for (i = 0; i < buf_len; i++) {
|
|
|
|
|
c_char = cf->pd[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = toupper(c_char);
|
|
|
|
|
if (c_char == ascii_text[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == textlen) {
|
|
|
|
|
frame_matched = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
} else
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
c_match = 0;
|
|
|
|
|
}
|
|
|
|
|
return frame_matched;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_unicode(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-07-22 23:08:48 +00:00
|
|
|
{
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
cbs_t *info = criterion;
|
|
|
|
|
const char *ascii_text = info->data;
|
|
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
guint32 buf_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
frame_matched = FALSE;
|
|
|
|
|
buf_len = fdata->pkt_len;
|
|
|
|
|
for (i = 0; i < buf_len; i++) {
|
|
|
|
|
c_char = cf->pd[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = toupper(c_char);
|
|
|
|
|
if (c_char == ascii_text[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
i++;
|
|
|
|
|
if (c_match == textlen) {
|
|
|
|
|
frame_matched = TRUE;
|
|
|
|
|
break;
|
2003-08-05 00:01:27 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
|
|
|
|
return frame_matched;
|
|
|
|
|
}
|
2003-08-05 00:01:27 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_binary(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
|
|
|
|
cbs_t *info = criterion;
|
|
|
|
|
const guint8 *binary_data = info->data;
|
|
|
|
|
size_t datalen = info->data_len;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
guint32 buf_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
size_t c_match = 0;
|
|
|
|
|
|
|
|
|
|
frame_matched = FALSE;
|
|
|
|
|
buf_len = fdata->pkt_len;
|
|
|
|
|
for (i = 0; i < buf_len; i++) {
|
|
|
|
|
if (cf->pd[i] == binary_data[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == datalen) {
|
|
|
|
|
frame_matched = TRUE;
|
|
|
|
|
break;
|
2003-07-22 23:08:48 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
|
|
|
|
return frame_matched;
|
|
|
|
|
}
|
2003-07-22 23:08:48 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
|
|
|
|
find_packet_dfilter(capture_file *cf, dfilter_t *sfcode)
|
|
|
|
|
{
|
|
|
|
|
return find_packet(cf, match_dfilter, sfcode);
|
|
|
|
|
}
|
2003-07-22 23:08:48 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
match_dfilter(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
|
|
|
|
dfilter_t *sfcode = criterion;
|
|
|
|
|
epan_dissect_t *edt;
|
|
|
|
|
gboolean frame_matched;
|
2003-07-22 23:08:48 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
edt = epan_dissect_new(TRUE, FALSE);
|
|
|
|
|
epan_dissect_prime_dfilter(edt, sfcode);
|
|
|
|
|
epan_dissect_run(edt, &cf->pseudo_header, cf->pd, fdata, NULL);
|
|
|
|
|
frame_matched = dfilter_apply_edt(sfcode, edt);
|
|
|
|
|
epan_dissect_free(edt);
|
|
|
|
|
return frame_matched;
|
2003-07-22 23:08:48 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
find_packet(capture_file *cf,
|
|
|
|
|
gboolean (*match_function)(capture_file *, frame_data *, void *),
|
|
|
|
|
void *criterion)
|
1999-11-06 06:28:07 +00:00
|
|
|
{
|
|
|
|
|
frame_data *start_fd;
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
1999-11-06 06:28:07 +00:00
|
|
|
frame_data *new_fd = NULL;
|
2002-07-30 10:13:16 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
|
|
|
|
gboolean stop_flag;
|
2002-08-28 10:07:37 +00:00
|
|
|
int count;
|
2002-07-30 10:13:16 +00:00
|
|
|
int err;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
2002-07-30 10:13:16 +00:00
|
|
|
int row;
|
|
|
|
|
float prog_val;
|
|
|
|
|
GTimeVal start_time;
|
2002-08-28 10:07:37 +00:00
|
|
|
gchar status_str[100];
|
2004-01-09 21:38:21 +00:00
|
|
|
int progbar_nextstep;
|
|
|
|
|
int progbar_quantum;
|
1999-11-06 06:28:07 +00:00
|
|
|
|
|
|
|
|
start_fd = cf->current_frame;
|
|
|
|
|
if (start_fd != NULL) {
|
|
|
|
|
/* Iterate through the list of packets, starting at the packet we've
|
|
|
|
|
picked, calling a routine to run the filter on the packet, see if
|
|
|
|
|
it matches, and stop if so. */
|
|
|
|
|
count = 0;
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = start_fd;
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep = 0;
|
1999-11-06 06:28:07 +00:00
|
|
|
/* When we reach the value that triggers a progress bar update,
|
2000-01-08 23:49:33 +00:00
|
|
|
bump that value by this amount. */
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_quantum = cf->count/N_PROGBAR_UPDATES;
|
2000-07-03 08:36:52 +00:00
|
|
|
|
|
|
|
|
stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = start_fd;
|
1999-11-06 06:28:07 +00:00
|
|
|
for (;;) {
|
|
|
|
|
/* Update the progress bar, but do it only N_PROGBAR_UPDATES times;
|
|
|
|
|
when we update it, we have to run the GTK+ main loop to get it
|
|
|
|
|
to repaint what's pending, and doing so may involve an "ioctl()"
|
|
|
|
|
to see if there's any pending input from an X server, and doing
|
|
|
|
|
that for every packet can be costly, especially on a big file. */
|
2004-01-09 21:38:21 +00:00
|
|
|
if (count >= progbar_nextstep) {
|
1999-11-06 06:28:07 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
|
|
|
|
* with count == 0, so let's assert that
|
|
|
|
|
*/
|
|
|
|
|
g_assert(cf->count > 0);
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
prog_val = (gfloat) count / cf->count;
|
|
|
|
|
|
|
|
|
|
/* Create the progress bar if necessary */
|
2002-05-03 21:55:15 +00:00
|
|
|
if (progbar == NULL)
|
2004-01-21 22:00:28 +00:00
|
|
|
progbar = delayed_create_progress_dlg("Searching", cf->sfilter,
|
2002-07-30 10:13:16 +00:00
|
|
|
&stop_flag, &start_time, prog_val);
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
|
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
2004-01-09 02:57:54 +00:00
|
|
|
"%4u of %u packets", count, cf->count);
|
2002-08-28 10:07:37 +00:00
|
|
|
update_progress_dlg(progbar, prog_val, status_str);
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2004-01-09 21:38:21 +00:00
|
|
|
progbar_nextstep += progbar_quantum;
|
2000-07-03 08:36:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stop_flag) {
|
|
|
|
|
/* Well, the user decided to abort the search. Go back to the
|
|
|
|
|
frame where we started. */
|
|
|
|
|
new_fd = start_fd;
|
|
|
|
|
break;
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Go past the current frame. */
|
|
|
|
|
if (cf->sbackward) {
|
|
|
|
|
/* Go on to the previous frame. */
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = fdata->prev;
|
2004-02-22 22:22:47 +00:00
|
|
|
if (fdata == NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* XXX - other apps have a bit more of a detailed message
|
|
|
|
|
* for this, and instead of offering "OK" and "Cancel",
|
|
|
|
|
* they offer things such as "Continue" and "Cancel";
|
|
|
|
|
* we need an API for popping up alert boxes with
|
|
|
|
|
* {Verb} and "Cancel".
|
|
|
|
|
*/
|
2004-02-28 22:04:28 +00:00
|
|
|
simple_dialog(ESD_TYPE_INFO, ESD_BTN_OK,
|
|
|
|
|
"%sBeginning of capture exceeded!%s\n\n"
|
|
|
|
|
"Search is continued from the end of the capture.",
|
|
|
|
|
simple_dialog_primary_start(), simple_dialog_primary_end());
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = cf->plist_end; /* wrap around */
|
2004-02-22 22:22:47 +00:00
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
} else {
|
|
|
|
|
/* Go on to the next frame. */
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = fdata->next;
|
2004-02-22 22:22:47 +00:00
|
|
|
if (fdata == NULL) {
|
2004-02-28 22:04:28 +00:00
|
|
|
simple_dialog(ESD_TYPE_INFO, ESD_BTN_OK,
|
|
|
|
|
"%sEnd of capture exceeded!%s\n\n"
|
|
|
|
|
"Search is continued from the start of the capture.",
|
|
|
|
|
simple_dialog_primary_start(), simple_dialog_primary_end());
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = cf->plist; /* wrap around */
|
2004-02-22 22:22:47 +00:00
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
2000-01-08 23:49:33 +00:00
|
|
|
count++;
|
|
|
|
|
|
1999-11-06 06:28:07 +00:00
|
|
|
/* Is this packet in the display? */
|
2000-05-12 22:03:59 +00:00
|
|
|
if (fdata->flags.passed_dfilter) {
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Yes. Load its data. */
|
2003-09-03 23:15:40 +00:00
|
|
|
if (!wtap_seek_read(cf->wth, fdata->file_off, &cf->pseudo_header,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf->pd, fdata->cap_len, &err, &err_info)) {
|
2003-09-03 23:40:06 +00:00
|
|
|
/* Read error. Report the error, and go back to the frame
|
|
|
|
|
where we started. */
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf_read_error_message(err, err_info), cf->filename);
|
2003-09-03 23:40:06 +00:00
|
|
|
new_fd = start_fd;
|
2003-09-03 23:15:40 +00:00
|
|
|
break;
|
|
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
|
|
|
|
/* Does it match the search criterion? */
|
|
|
|
|
if ((*match_function)(cf, fdata, criterion)) {
|
2000-05-12 22:03:59 +00:00
|
|
|
new_fd = fdata;
|
1999-11-06 06:28:07 +00:00
|
|
|
break; /* found it! */
|
|
|
|
|
}
|
|
|
|
|
}
|
2000-04-07 08:00:34 +00:00
|
|
|
|
2000-05-12 22:03:59 +00:00
|
|
|
if (fdata == start_fd) {
|
2000-04-07 08:00:34 +00:00
|
|
|
/* We're back to the frame we were on originally, and that frame
|
|
|
|
|
doesn't match the search filter. The search failed. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done scanning the packets; destroy the progress bar if it
|
|
|
|
|
was created. */
|
2002-05-03 21:55:15 +00:00
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (new_fd != NULL) {
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
/* We found a frame. Find what row it's in. */
|
2002-09-21 11:36:30 +00:00
|
|
|
row = packet_list_find_row_from_data(new_fd);
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
g_assert(row != -1);
|
|
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Select that row, make it the focus row, and make it visible. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_set_selected_row(row);
|
1999-11-06 06:54:24 +00:00
|
|
|
return TRUE; /* success */
|
|
|
|
|
} else
|
|
|
|
|
return FALSE; /* failure */
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
1999-08-15 07:28:23 +00:00
|
|
|
|
2003-03-02 22:07:25 +00:00
|
|
|
gboolean
|
1999-11-08 01:03:40 +00:00
|
|
|
goto_frame(capture_file *cf, guint fnumber)
|
|
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
int row;
|
1999-11-08 01:03:40 +00:00
|
|
|
|
2000-05-12 22:03:59 +00:00
|
|
|
for (fdata = cf->plist; fdata != NULL && fdata->num < fnumber; fdata = fdata->next)
|
1999-11-08 01:03:40 +00:00
|
|
|
;
|
|
|
|
|
|
2003-03-02 22:07:25 +00:00
|
|
|
if (fdata == NULL) {
|
2004-01-09 02:57:54 +00:00
|
|
|
/* we didn't find a packet with that packet number */
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
2004-01-09 02:57:54 +00:00
|
|
|
"There is no packet with that packet number.");
|
|
|
|
|
return FALSE; /* we failed to go to that packet */
|
2003-03-02 22:07:25 +00:00
|
|
|
}
|
|
|
|
|
if (!fdata->flags.passed_dfilter) {
|
2004-01-09 02:57:54 +00:00
|
|
|
/* that packet currently isn't displayed */
|
|
|
|
|
/* XXX - add it to the set of displayed packets? */
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
2004-01-09 02:57:54 +00:00
|
|
|
"That packet is not currently being displayed.");
|
|
|
|
|
return FALSE; /* we failed to go to that packet */
|
2003-03-02 22:07:25 +00:00
|
|
|
}
|
1999-11-30 07:27:37 +00:00
|
|
|
|
2004-01-09 02:57:54 +00:00
|
|
|
/* We found that packet, and it's currently being displayed.
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
Find what row it's in. */
|
2002-09-21 11:36:30 +00:00
|
|
|
row = packet_list_find_row_from_data(fdata);
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
g_assert(row != -1);
|
|
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Select that row, make it the focus row, and make it visible. */
|
2002-09-21 11:36:30 +00:00
|
|
|
packet_list_set_selected_row(row);
|
2004-01-20 18:47:25 +00:00
|
|
|
return TRUE; /* we got to that packet */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gboolean
|
|
|
|
|
goto_top_frame(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
frame_data *fdata;
|
|
|
|
|
int row;
|
|
|
|
|
frame_data *lowest_fdata = NULL;
|
|
|
|
|
|
|
|
|
|
for (fdata = cf->plist; fdata != NULL; fdata = fdata->next) {
|
|
|
|
|
if (fdata->flags.passed_dfilter) {
|
|
|
|
|
lowest_fdata = fdata;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (lowest_fdata == NULL) {
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We found that packet, and it's currently being displayed.
|
|
|
|
|
Find what row it's in. */
|
|
|
|
|
row = packet_list_find_row_from_data(lowest_fdata);
|
|
|
|
|
g_assert(row != -1);
|
|
|
|
|
|
|
|
|
|
/* Select that row, make it the focus row, and make it visible. */
|
|
|
|
|
packet_list_set_selected_row(row);
|
|
|
|
|
return TRUE; /* we got to that packet */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gboolean
|
|
|
|
|
goto_bottom_frame(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
frame_data *fdata;
|
|
|
|
|
int row;
|
|
|
|
|
frame_data *highest_fdata = NULL;
|
|
|
|
|
|
|
|
|
|
for (fdata = cf->plist; fdata != NULL; fdata = fdata->next) {
|
|
|
|
|
if (fdata->flags.passed_dfilter) {
|
|
|
|
|
highest_fdata = fdata;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (highest_fdata == NULL) {
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We found that packet, and it's currently being displayed.
|
|
|
|
|
Find what row it's in. */
|
|
|
|
|
row = packet_list_find_row_from_data(highest_fdata);
|
|
|
|
|
g_assert(row != -1);
|
|
|
|
|
|
|
|
|
|
/* Select that row, make it the focus row, and make it visible. */
|
|
|
|
|
packet_list_set_selected_row(row);
|
2004-01-09 02:57:54 +00:00
|
|
|
return TRUE; /* we got to that packet */
|
1999-11-08 01:03:40 +00:00
|
|
|
}
|
|
|
|
|
|
1999-07-24 03:22:50 +00:00
|
|
|
/* Select the packet on a given row. */
|
|
|
|
|
void
|
|
|
|
|
select_packet(capture_file *cf, int row)
|
|
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
2002-03-05 05:58:41 +00:00
|
|
|
int err;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
gchar *err_info;
|
2000-01-03 22:53:34 +00:00
|
|
|
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
/* Get the frame data struct pointer for this frame */
|
2002-09-21 11:36:30 +00:00
|
|
|
fdata = (frame_data *)packet_list_get_row_data(row);
|
1999-10-05 04:34:00 +00:00
|
|
|
|
2000-05-12 22:03:59 +00:00
|
|
|
if (fdata == NULL) {
|
2000-03-12 03:13:58 +00:00
|
|
|
/* XXX - if a GtkCList's selection mode is GTK_SELECTION_BROWSE, when
|
|
|
|
|
the first entry is added to it by "real_insert_row()", that row
|
|
|
|
|
is selected (see "real_insert_row()", in "gtk/gtkclist.c", in both
|
|
|
|
|
our version and the vanilla GTK+ version).
|
|
|
|
|
|
|
|
|
|
This means that a "select-row" signal is emitted; this causes
|
|
|
|
|
"packet_list_select_cb()" to be called, which causes "select_packet()"
|
|
|
|
|
to be called.
|
|
|
|
|
|
|
|
|
|
"select_packet()" fetches, above, the data associated with the
|
|
|
|
|
row that was selected; however, as "gtk_clist_append()", which
|
|
|
|
|
called "real_insert_row()", hasn't yet returned, we haven't yet
|
|
|
|
|
associated any data with that row, so we get back a null pointer.
|
|
|
|
|
|
|
|
|
|
We can't assume that there's only one frame in the frame list,
|
|
|
|
|
either, as we may be filtering the display.
|
|
|
|
|
|
|
|
|
|
We therefore assume that, if "row" is 0, i.e. the first row
|
|
|
|
|
is being selected, and "cf->first_displayed" equals
|
|
|
|
|
"cf->last_displayed", i.e. there's only one frame being
|
|
|
|
|
displayed, that frame is the frame we want.
|
|
|
|
|
|
|
|
|
|
This means we have to set "cf->first_displayed" and
|
|
|
|
|
"cf->last_displayed" before adding the row to the
|
|
|
|
|
GtkCList; see the comment in "add_packet_to_packet_list()". */
|
|
|
|
|
|
|
|
|
|
if (row == 0 && cf->first_displayed == cf->last_displayed)
|
2000-05-12 22:03:59 +00:00
|
|
|
fdata = cf->first_displayed;
|
2000-03-12 03:13:58 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-03 23:15:40 +00:00
|
|
|
/* Get the data in that frame. */
|
|
|
|
|
if (!wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf->pd, fdata->cap_len, &err, &err_info)) {
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf_read_error_message(err, err_info), cf->filename);
|
2003-09-03 23:15:40 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Record that this frame is the current frame. */
|
2000-05-12 22:03:59 +00:00
|
|
|
cf->current_frame = fdata;
|
1999-07-24 03:22:50 +00:00
|
|
|
|
|
|
|
|
/* Create the logical protocol tree. */
|
2001-05-27 21:33:16 +00:00
|
|
|
if (cf->edt != NULL) {
|
|
|
|
|
epan_dissect_free(cf->edt);
|
|
|
|
|
cf->edt = NULL;
|
|
|
|
|
}
|
2001-12-10 03:25:58 +00:00
|
|
|
/* We don't need the columns here. */
|
2001-12-18 19:09:08 +00:00
|
|
|
cf->edt = epan_dissect_new(TRUE, TRUE);
|
|
|
|
|
epan_dissect_run(cf->edt, &cf->pseudo_header, cf->pd, cf->current_frame,
|
|
|
|
|
NULL);
|
1999-07-24 03:22:50 +00:00
|
|
|
|
2001-11-20 10:37:16 +00:00
|
|
|
/* Display the GUI protocol tree and hex dump.
|
2002-02-19 03:43:43 +00:00
|
|
|
XXX - why do we dump core if we call "proto_tree_draw()"
|
|
|
|
|
before calling "add_byte_views()"? */
|
2002-09-21 11:36:30 +00:00
|
|
|
add_main_byte_views(cf->edt);
|
|
|
|
|
main_proto_tree_draw(cf->edt->tree);
|
2001-03-23 14:44:04 +00:00
|
|
|
|
2000-01-03 03:57:04 +00:00
|
|
|
/* A packet is selected. */
|
2003-09-24 02:36:35 +00:00
|
|
|
set_menus_for_selected_packet(cf);
|
1999-07-24 03:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
/* Unselect the selected packet, if any. */
|
|
|
|
|
void
|
|
|
|
|
unselect_packet(capture_file *cf)
|
|
|
|
|
{
|
2001-12-06 04:25:09 +00:00
|
|
|
/* Destroy the epan_dissect_t for the unselected packet. */
|
2001-05-27 21:33:16 +00:00
|
|
|
if (cf->edt != NULL) {
|
2000-10-06 10:11:40 +00:00
|
|
|
epan_dissect_free(cf->edt);
|
2001-05-27 21:33:16 +00:00
|
|
|
cf->edt = NULL;
|
1999-07-24 03:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
1999-08-05 00:23:07 +00:00
|
|
|
/* Clear out the display of that packet. */
|
|
|
|
|
clear_tree_and_hex_views();
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
|
2000-01-03 03:57:04 +00:00
|
|
|
/* No packet is selected. */
|
2003-09-24 02:36:35 +00:00
|
|
|
cf->current_frame = NULL;
|
|
|
|
|
set_menus_for_selected_packet(cf);
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
|
|
|
|
|
/* No protocol tree means no selected field. */
|
2003-09-24 00:47:37 +00:00
|
|
|
unselect_field(cf);
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
}
|
|
|
|
|
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
/* Unset the selected protocol tree field, if any. */
|
|
|
|
|
void
|
2003-09-24 00:47:37 +00:00
|
|
|
unselect_field(capture_file *cf)
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
{
|
|
|
|
|
statusbar_pop_field_msg();
|
2003-09-24 00:47:37 +00:00
|
|
|
cf->finfo_selected = NULL;
|
2003-09-24 02:36:35 +00:00
|
|
|
set_menus_for_selected_tree_row(cf);
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
}
|
|
|
|
|
|
2001-12-06 02:21:26 +00:00
|
|
|
/*
|
|
|
|
|
* Mark a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
mark_frame(capture_file *cf, frame_data *frame)
|
|
|
|
|
{
|
|
|
|
|
frame->flags.marked = TRUE;
|
|
|
|
|
cf->marked_count++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Unmark a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
unmark_frame(capture_file *cf, frame_data *frame)
|
|
|
|
|
{
|
|
|
|
|
frame->flags.marked = FALSE;
|
|
|
|
|
cf->marked_count--;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef struct {
|
|
|
|
|
wtap_dumper *pdh;
|
|
|
|
|
const char *fname;
|
|
|
|
|
} save_callback_args_t;
|
|
|
|
|
|
2002-05-23 07:46:58 +00:00
|
|
|
/*
|
|
|
|
|
* Save a capture to a file, in a particular format, saving either
|
|
|
|
|
* all packets, all currently-displayed packets, or all marked packets.
|
|
|
|
|
*
|
|
|
|
|
* Returns TRUE if it succeeds, FALSE otherwise; if it fails, it pops
|
|
|
|
|
* up a message box for the failure.
|
|
|
|
|
*/
|
2004-01-09 22:56:59 +00:00
|
|
|
static gboolean
|
|
|
|
|
save_packet(capture_file *cf _U_, frame_data *fdata,
|
|
|
|
|
union wtap_pseudo_header *pseudo_header, const guint8 *pd,
|
|
|
|
|
void *argsp)
|
|
|
|
|
{
|
|
|
|
|
save_callback_args_t *args = argsp;
|
|
|
|
|
struct wtap_pkthdr hdr;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
/* init the wtap header for saving */
|
|
|
|
|
hdr.ts.tv_sec = fdata->abs_secs;
|
|
|
|
|
hdr.ts.tv_usec = fdata->abs_usecs;
|
|
|
|
|
hdr.caplen = fdata->cap_len;
|
|
|
|
|
hdr.len = fdata->pkt_len;
|
|
|
|
|
hdr.pkt_encap = fdata->lnk_t;
|
|
|
|
|
|
|
|
|
|
/* and save the packet */
|
|
|
|
|
if (!wtap_dump(args->pdh, &hdr, pseudo_header, pd, &err)) {
|
2004-02-11 02:02:38 +00:00
|
|
|
cf_write_failure_alert_box(args->fname, err);
|
2004-01-09 22:56:59 +00:00
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2002-05-23 07:46:58 +00:00
|
|
|
gboolean
|
2003-12-29 20:05:59 +00:00
|
|
|
cf_save(char *fname, capture_file *cf, packet_range_t *range, guint save_format)
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
{
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
gchar *from_filename;
|
2003-09-15 22:16:08 +00:00
|
|
|
gchar *name_ptr, *save_msg, *save_fmt = " Saving: %s...";
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
size_t msg_len;
|
|
|
|
|
int err;
|
|
|
|
|
gboolean do_copy;
|
|
|
|
|
wtap_dumper *pdh;
|
2002-07-21 16:54:22 +00:00
|
|
|
struct stat infile, outfile;
|
2004-01-09 22:56:59 +00:00
|
|
|
save_callback_args_t callback_args;
|
2004-01-02 21:01:40 +00:00
|
|
|
|
2003-09-15 22:16:08 +00:00
|
|
|
name_ptr = get_basename(fname);
|
|
|
|
|
msg_len = strlen(name_ptr) + strlen(save_fmt) + 2;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
save_msg = g_malloc(msg_len);
|
2003-09-15 22:16:08 +00:00
|
|
|
snprintf(save_msg, msg_len, save_fmt, name_ptr);
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_push_file_msg(save_msg);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
g_free(save_msg);
|
|
|
|
|
|
2002-08-28 21:04:11 +00:00
|
|
|
/*
|
|
|
|
|
* Check that the from file is not the same as to file
|
2002-07-15 05:14:26 +00:00
|
|
|
* We do it here so we catch all cases ...
|
2002-07-21 16:54:22 +00:00
|
|
|
* Unfortunately, the file requester gives us an absolute file
|
|
|
|
|
* name and the read file name may be relative (if supplied on
|
|
|
|
|
* the command line). From Joerg Mayer.
|
2004-02-17 17:48:44 +00:00
|
|
|
*
|
|
|
|
|
* This is a bit tricky on win32. The st_ino field is documented as:
|
|
|
|
|
* "The inode, and therefore st_ino, has no meaning in the FAT, ..."
|
|
|
|
|
* but it *is* set to zero if stat() returns without an error,
|
|
|
|
|
* so this is working, but maybe not quite the way expected. ULFL
|
2002-07-15 05:14:26 +00:00
|
|
|
*/
|
2002-07-21 16:54:22 +00:00
|
|
|
infile.st_ino = 1; /* These prevent us from getting equality */
|
|
|
|
|
outfile.st_ino = 2; /* If one or other of the files is not accessible */
|
|
|
|
|
stat(cf->filename, &infile);
|
|
|
|
|
stat(fname, &outfile);
|
|
|
|
|
if (infile.st_ino == outfile.st_ino) {
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
2004-02-17 17:48:44 +00:00
|
|
|
"%sCapture file: \"%s\" already exists!%s\n\n"
|
|
|
|
|
"Please choose a different filename.",
|
|
|
|
|
simple_dialog_primary_start(), fname, simple_dialog_primary_end());
|
2002-07-15 05:14:26 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 14:05:20 +00:00
|
|
|
packet_range_process_init(range);
|
|
|
|
|
|
2003-12-29 20:05:59 +00:00
|
|
|
/* Used to be :
|
|
|
|
|
* if (!save_filtered && !save_marked && !save_manual_range &&
|
|
|
|
|
* !save_marked_range && !save_curr && save_format == cf->cd_t) {
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
if (packet_range_process_all(range) && save_format == cf->cd_t) {
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* We're not filtering packets, and we're saving it in the format
|
|
|
|
|
it's already in, so we can just move or copy the raw data. */
|
|
|
|
|
|
|
|
|
|
if (cf->is_tempfile) {
|
|
|
|
|
/* The file being saved is a temporary file from a live
|
|
|
|
|
capture, so it doesn't need to stay around under that name;
|
|
|
|
|
first, try renaming the capture buffer file to the new name. */
|
2000-03-28 08:11:52 +00:00
|
|
|
#ifndef WIN32
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
if (rename(cf->filename, fname) == 0) {
|
|
|
|
|
/* That succeeded - there's no need to copy the source file. */
|
|
|
|
|
from_filename = NULL;
|
|
|
|
|
do_copy = FALSE;
|
|
|
|
|
} else {
|
|
|
|
|
if (errno == EXDEV) {
|
|
|
|
|
/* They're on different file systems, so we have to copy the
|
|
|
|
|
file. */
|
|
|
|
|
do_copy = TRUE;
|
|
|
|
|
from_filename = cf->filename;
|
|
|
|
|
} else {
|
|
|
|
|
/* The rename failed, but not because they're on different
|
|
|
|
|
file systems - put up an error message. (Or should we
|
|
|
|
|
just punt and try to copy? The only reason why I'd
|
|
|
|
|
expect the rename to fail and the copy to succeed would
|
|
|
|
|
be if we didn't have permission to remove the file from
|
|
|
|
|
the temporary directory, and that might be fixable - but
|
|
|
|
|
is it worth requiring the user to go off and fix it?) */
|
2004-01-31 03:22:42 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
2002-05-23 07:46:58 +00:00
|
|
|
file_rename_error_message(errno), fname);
|
2002-05-23 10:27:12 +00:00
|
|
|
goto fail;
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2000-03-28 08:11:52 +00:00
|
|
|
#else
|
2000-05-06 05:19:42 +00:00
|
|
|
do_copy = TRUE;
|
|
|
|
|
from_filename = cf->filename;
|
2000-03-28 08:11:52 +00:00
|
|
|
#endif
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
} else {
|
|
|
|
|
/* It's a permanent file, so we should copy it, and not remove the
|
|
|
|
|
original. */
|
|
|
|
|
do_copy = TRUE;
|
|
|
|
|
from_filename = cf->filename;
|
|
|
|
|
}
|
2002-04-22 19:10:33 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
if (do_copy) {
|
2002-05-23 06:10:56 +00:00
|
|
|
/* Copy the file, if we haven't moved it. */
|
2002-05-23 10:27:12 +00:00
|
|
|
if (!copy_binary_file(from_filename, fname))
|
|
|
|
|
goto fail;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
/* Either we're filtering packets, or we're saving in a different
|
|
|
|
|
format; we can't do that by copying or moving the capture file,
|
|
|
|
|
we have to do it by writing the packets out in Wiretap. */
|
|
|
|
|
pdh = wtap_dump_open(fname, save_format, cf->lnk_t, cf->snap, &err);
|
|
|
|
|
if (pdh == NULL) {
|
2004-02-11 02:02:38 +00:00
|
|
|
cf_open_failure_alert_box(fname, err, NULL, TRUE, save_format);
|
2002-05-23 10:27:12 +00:00
|
|
|
goto fail;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* XXX - we let the user save a subset of the packets.
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
|
|
|
|
If we do that, should we make that file the current file? If so,
|
|
|
|
|
it means we can no longer get at the other packets. What does
|
|
|
|
|
NetMon do? */
|
2004-01-02 21:01:40 +00:00
|
|
|
|
2004-02-17 17:48:44 +00:00
|
|
|
/* Iterate through the list of packets, processing the packets we were
|
|
|
|
|
told to process.
|
2004-01-09 22:56:59 +00:00
|
|
|
|
|
|
|
|
XXX - we've already called "packet_range_process_init(range)", but
|
|
|
|
|
"process_specified_packets()" will do it again. Fortunately,
|
|
|
|
|
that's harmless in this case, as we haven't done anything to
|
|
|
|
|
"range" since we initialized it. */
|
|
|
|
|
callback_args.pdh = pdh;
|
|
|
|
|
callback_args.fname = fname;
|
|
|
|
|
switch (process_specified_packets(cf, range, "Saving",
|
2004-01-21 22:00:28 +00:00
|
|
|
"selected packets", save_packet,
|
2004-01-09 22:56:59 +00:00
|
|
|
&callback_args)) {
|
|
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
2003-12-29 20:05:59 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* The user decided to abort the saving.
|
|
|
|
|
XXX - remove the output file? */
|
|
|
|
|
break;
|
2004-01-02 21:01:40 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while saving. */
|
|
|
|
|
wtap_dump_close(pdh, &err);
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
if (!wtap_dump_close(pdh, &err)) {
|
2004-02-11 02:02:38 +00:00
|
|
|
cf_close_failure_alert_box(fname, err);
|
2002-05-23 10:27:12 +00:00
|
|
|
goto fail;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
2004-01-02 21:01:40 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Pop the "Saving:" message off the status bar. */
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
statusbar_pop_file_msg();
|
2003-12-29 20:05:59 +00:00
|
|
|
|
|
|
|
|
if (packet_range_process_all(range)) {
|
2002-05-23 10:27:12 +00:00
|
|
|
/* We saved the entire capture, not just some packets from it.
|
|
|
|
|
Open and read the file we saved it to.
|
|
|
|
|
|
|
|
|
|
XXX - this is somewhat of a waste; we already have the
|
|
|
|
|
packets, all this gets us is updated file type information
|
|
|
|
|
(which we could just stuff into "cf"), and having the new
|
|
|
|
|
file be the one we have opened and from which we're reading
|
|
|
|
|
the data, and it means we have to spend time opening and
|
|
|
|
|
reading the file, which could be a significant amount of
|
|
|
|
|
time if the file is large. */
|
|
|
|
|
cf->user_saved = TRUE;
|
|
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
if ((err = cf_open(fname, FALSE, cf)) == 0) {
|
2002-05-23 10:27:12 +00:00
|
|
|
/* XXX - report errors if this fails?
|
|
|
|
|
What should we return if it fails or is aborted? */
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
switch (cf_read(cf)) {
|
2002-05-23 10:27:12 +00:00
|
|
|
|
|
|
|
|
case READ_SUCCESS:
|
|
|
|
|
case READ_ERROR:
|
|
|
|
|
/* Just because we got an error, that doesn't mean we were unable
|
|
|
|
|
to read any of the file; we handle what we could get from the
|
|
|
|
|
file. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case READ_ABORTED:
|
|
|
|
|
/* The user bailed out of re-reading the capture file; the
|
|
|
|
|
capture file has been closed - just return (without
|
2003-09-15 22:48:42 +00:00
|
|
|
changing any menu settings; "cf_close()" set them
|
2002-05-23 10:27:12 +00:00
|
|
|
correctly for the "no capture file open" state). */
|
|
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2002-05-23 10:27:12 +00:00
|
|
|
set_menus_for_unsaved_capture_file(FALSE);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2002-05-23 10:27:12 +00:00
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
|
|
fail:
|
|
|
|
|
/* Pop the "Saving:" message off the status bar. */
|
|
|
|
|
statusbar_pop_file_msg();
|
|
|
|
|
return FALSE;
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
}
|
|
|
|
|
|
2004-02-11 02:02:38 +00:00
|
|
|
static void
|
|
|
|
|
cf_open_failure_alert_box(const char *filename, int err, gchar *err_info,
|
|
|
|
|
gboolean for_writing, int file_type)
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
{
|
2004-01-24 01:44:29 +00:00
|
|
|
if (err < 0) {
|
|
|
|
|
/* Wiretap error. */
|
|
|
|
|
switch (err) {
|
2002-06-07 07:47:58 +00:00
|
|
|
|
2004-01-24 02:01:44 +00:00
|
|
|
case WTAP_ERR_NOT_REGULAR_FILE:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is a \"special file\" or socket or other non-regular file.",
|
|
|
|
|
filename);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
2002-07-16 07:15:09 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_RANDOM_OPEN_PIPE:
|
|
|
|
|
/* Seen only when opening a capture file for reading. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is a pipe or FIFO; Ethereal cannot read pipe or FIFO files.",
|
|
|
|
|
filename);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_FILE_UNKNOWN_FORMAT:
|
|
|
|
|
/* Seen only when opening a capture file for reading. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is not a capture file in a format Ethereal understands.",
|
|
|
|
|
filename);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
case WTAP_ERR_UNSUPPORTED:
|
|
|
|
|
/* Seen only when opening a capture file for reading. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is not a capture file in a format Ethereal understands.\n"
|
|
|
|
|
"(%s)",
|
|
|
|
|
filename, err_info);
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
g_free(err_info);
|
|
|
|
|
break;
|
|
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_CANT_WRITE_TO_PIPE:
|
|
|
|
|
/* Seen only when opening a capture file for writing. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is a pipe, and %s capture files cannot be "
|
|
|
|
|
"written to a pipe.",
|
|
|
|
|
filename, wtap_file_type_string(file_type));
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
DLT_NULL, from "libpcap", means different things on different platforms
and in different capture files; throw in some heuristics to try to
figure out whether the 4-byte header is:
1) PPP-over-HDLC (some version of ISDN4BSD?);
2) big-endian AF_ value (BSD on big-endian platforms);
3) little-endian AF_ value (BSD on little-endian platforms);
4) two octets of 0 followed by an Ethernet type (Linux, at least
on little-endian platforms, as mutated by "libpcap").
Make a separate Wiretap encapsulation type, WTAP_ENCAP_NULL,
corresponding to DLT_NULL.
Have the PPP code dissect the frame if it's PPP-over-HDLC, and have
"ethertype()" dissect the Ethernet type and the rest of the packet if
it's a Linux-style header; dissect it ourselves only if it's an AF_
value.
Have Wiretap impose a maximum packet size of 65535 bytes, so that it
fails more gracefully when handed a corrupt "libpcap" capture file
(other capture file formats with more than a 16-bit capture length
field, if any, will have that check added later), and put that size in
"wtap.h" and have Ethereal use it as its notion of a maximum packet
size.
Have Ethereal put up a "this file appears to be damaged or corrupt"
message box if Wiretap returns a WTAP_ERR_BAD_RECORD error when opening
or reading a capture file.
Include loopback interfaces in the list of interfaces offered by the
"Capture" dialog box, but put them at the end of the list so that it
doesn't default to a loopback interface unless there are no other
interfaces. Also, don't require that an interface in the list have an
IP address associated with it, and only put one entry in the list for a
given interface (SIOCGIFCONF returns one entry per interface *address*,
not per *interface* - and even if you were to use only IP addresses, an
interface could conceivably have more than one IP address).
Exclusively use Wiretap encapsulation types internally, even when
capturing; don't use DLT_ types.
svn path=/trunk/; revision=540
1999-08-22 00:47:56 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_UNSUPPORTED_FILE_TYPE:
|
|
|
|
|
/* Seen only when opening a capture file for writing. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"Ethereal does not support writing capture files in that format.");
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_UNSUPPORTED_ENCAP:
|
2004-02-11 02:02:38 +00:00
|
|
|
if (for_writing) {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"Ethereal cannot save this capture in that format.");
|
|
|
|
|
} else {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is a capture for a network type that Ethereal doesn't support.\n"
|
|
|
|
|
"(%s)",
|
|
|
|
|
filename, err_info);
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
g_free(err_info);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
|
2004-02-11 02:02:38 +00:00
|
|
|
if (for_writing) {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"Ethereal cannot save this capture in that format.");
|
|
|
|
|
} else {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" is a capture for a network type that Ethereal doesn't support.",
|
|
|
|
|
filename);
|
|
|
|
|
}
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_BAD_RECORD:
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
/* Seen only when opening a capture file for reading. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" appears to be damaged or corrupt.\n"
|
|
|
|
|
"(%s)",
|
|
|
|
|
filename, err_info);
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
g_free(err_info);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_CANT_OPEN:
|
2004-02-11 02:02:38 +00:00
|
|
|
if (for_writing) {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" could not be created for some unknown reason.",
|
|
|
|
|
filename);
|
|
|
|
|
} else {
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" could not be opened for some unknown reason.",
|
|
|
|
|
filename);
|
|
|
|
|
}
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_SHORT_READ:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" appears to have been cut short"
|
|
|
|
|
" in the middle of a packet or other data.",
|
|
|
|
|
filename);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
case WTAP_ERR_SHORT_WRITE:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"A full header couldn't be written to the file \"%s\".",
|
|
|
|
|
filename);
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
2000-07-20 05:10:02 +00:00
|
|
|
|
2004-01-24 01:44:29 +00:00
|
|
|
default:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" could not be %s: %s.",
|
|
|
|
|
filename,
|
|
|
|
|
for_writing ? "created" : "opened",
|
|
|
|
|
wtap_strerror(err));
|
2004-01-24 01:44:29 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2004-02-11 02:02:38 +00:00
|
|
|
} else {
|
|
|
|
|
/* OS error. */
|
|
|
|
|
open_failure_alert_box(filename, err, for_writing);
|
|
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
}
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
static char *
|
|
|
|
|
file_rename_error_message(int err)
|
|
|
|
|
{
|
|
|
|
|
char *errmsg;
|
|
|
|
|
static char errmsg_errno[1024+1];
|
|
|
|
|
|
|
|
|
|
switch (err) {
|
|
|
|
|
|
|
|
|
|
case ENOENT:
|
|
|
|
|
errmsg = "The path to the file \"%s\" does not exist.";
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case EACCES:
|
|
|
|
|
errmsg = "You do not have permission to move the capture file to \"%s\".";
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
2000-08-03 12:02:15 +00:00
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"The file \"%%s\" could not be moved: %s.",
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
wtap_strerror(err));
|
|
|
|
|
errmsg = errmsg_errno;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return errmsg;
|
|
|
|
|
}
|
|
|
|
|
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
char *
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
cf_read_error_message(int err, gchar *err_info)
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
{
|
|
|
|
|
static char errmsg_errno[1024+1];
|
|
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
switch (err) {
|
|
|
|
|
|
|
|
|
|
case WTAP_ERR_UNSUPPORTED_ENCAP:
|
2004-07-08 07:45:46 +00:00
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"The file \"%%s\" has a packet with a network type that Ethereal doesn't support.\n(%s)",
|
|
|
|
|
err_info);
|
|
|
|
|
break;
|
|
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
case WTAP_ERR_BAD_RECORD:
|
|
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"An error occurred while reading from the file \"%%s\": %s.\n(%s)",
|
|
|
|
|
wtap_strerror(err), err_info);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
snprintf(errmsg_errno, sizeof(errmsg_errno),
|
|
|
|
|
"An error occurred while reading from the file \"%%s\": %s.",
|
|
|
|
|
wtap_strerror(err));
|
|
|
|
|
break;
|
|
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
return errmsg_errno;
|
|
|
|
|
}
|
|
|
|
|
|
2004-02-11 02:02:38 +00:00
|
|
|
static void
|
|
|
|
|
cf_write_failure_alert_box(const char *filename, int err)
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
{
|
2004-01-24 02:01:44 +00:00
|
|
|
if (err < 0) {
|
|
|
|
|
/* Wiretap error. */
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"An error occurred while writing to the file \"%s\": %s.",
|
|
|
|
|
filename, wtap_strerror(err));
|
|
|
|
|
} else {
|
|
|
|
|
/* OS error. */
|
|
|
|
|
write_failure_alert_box(filename, err);
|
|
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
|
|
|
|
/* Check for write errors - if the file is being written to an NFS server,
|
|
|
|
|
a write error may not show up until the file is closed, as NFS clients
|
|
|
|
|
might not send writes to the server until the "write()" call finishes,
|
|
|
|
|
so that the write may fail on the server but the "write()" may succeed. */
|
2004-02-11 02:02:38 +00:00
|
|
|
static void
|
|
|
|
|
cf_close_failure_alert_box(const char *filename, int err)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
2004-01-24 10:53:25 +00:00
|
|
|
if (err < 0) {
|
|
|
|
|
/* Wiretap error. */
|
|
|
|
|
switch (err) {
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-01-24 10:53:25 +00:00
|
|
|
case WTAP_ERR_CANT_CLOSE:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"The file \"%s\" couldn't be closed for some unknown reason.",
|
|
|
|
|
filename);
|
2004-01-24 10:53:25 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-01-24 10:53:25 +00:00
|
|
|
case WTAP_ERR_SHORT_WRITE:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"Not all the packets could be written to the file \"%s\".",
|
|
|
|
|
filename);
|
2004-01-24 10:53:25 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2004-01-24 10:53:25 +00:00
|
|
|
default:
|
2004-02-11 02:02:38 +00:00
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"An error occurred while closing the file \"%s\": %s.",
|
|
|
|
|
filename, wtap_strerror(err));
|
2004-01-24 10:53:25 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2004-02-11 02:02:38 +00:00
|
|
|
/* OS error.
|
|
|
|
|
We assume that a close error from the OS is really a write error. */
|
|
|
|
|
write_failure_alert_box(filename, err);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2000-08-03 12:44:40 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Copies a file in binary mode, for those operating systems that care about
|
|
|
|
|
* such things.
|
|
|
|
|
* Returns TRUE on success, FALSE on failure. If a failure, it also
|
|
|
|
|
* displays a simple dialog window with the error message.
|
|
|
|
|
*/
|
2000-08-09 06:18:16 +00:00
|
|
|
static gboolean
|
2000-08-03 12:44:40 +00:00
|
|
|
copy_binary_file(char *from_filename, char *to_filename)
|
|
|
|
|
{
|
2003-09-15 22:48:42 +00:00
|
|
|
int from_fd, to_fd, nread, nwritten, err;
|
|
|
|
|
guint8 pd[65536];
|
2000-08-03 12:44:40 +00:00
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
/* Copy the raw bytes of the file. */
|
|
|
|
|
from_fd = open(from_filename, O_RDONLY | O_BINARY);
|
|
|
|
|
if (from_fd < 0) {
|
2004-02-11 01:23:25 +00:00
|
|
|
open_failure_alert_box(from_filename, errno, FALSE);
|
2003-09-15 22:48:42 +00:00
|
|
|
goto done;
|
|
|
|
|
}
|
2000-08-03 12:44:40 +00:00
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
/* Use open() instead of creat() so that we can pass the O_BINARY
|
|
|
|
|
flag, which is relevant on Win32; it appears that "creat()"
|
|
|
|
|
may open the file in text mode, not binary mode, but we want
|
|
|
|
|
to copy the raw bytes of the file, so we need the output file
|
|
|
|
|
to be open in binary mode. */
|
|
|
|
|
to_fd = open(to_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
|
|
|
|
|
if (to_fd < 0) {
|
2004-02-11 01:23:25 +00:00
|
|
|
open_failure_alert_box(to_filename, errno, TRUE);
|
2003-09-15 22:48:42 +00:00
|
|
|
close(from_fd);
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while ((nread = read(from_fd, pd, sizeof pd)) > 0) {
|
|
|
|
|
nwritten = write(to_fd, pd, nread);
|
|
|
|
|
if (nwritten < nread) {
|
|
|
|
|
if (nwritten < 0)
|
|
|
|
|
err = errno;
|
|
|
|
|
else
|
|
|
|
|
err = WTAP_ERR_SHORT_WRITE;
|
2004-02-11 01:37:13 +00:00
|
|
|
write_failure_alert_box(to_filename, err);
|
2000-08-03 12:44:40 +00:00
|
|
|
close(from_fd);
|
2003-09-15 22:48:42 +00:00
|
|
|
close(to_fd);
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (nread < 0) {
|
2004-02-21 12:58:42 +00:00
|
|
|
err = errno;
|
|
|
|
|
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
|
|
|
|
|
"An error occurred while reading from the file \"%s\": %s.",
|
|
|
|
|
from_filename, strerror(err));
|
2003-09-15 22:48:42 +00:00
|
|
|
close(from_fd);
|
|
|
|
|
close(to_fd);
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
close(from_fd);
|
|
|
|
|
if (close(to_fd) < 0) {
|
2004-02-11 01:37:13 +00:00
|
|
|
write_failure_alert_box(to_filename, errno);
|
2003-09-15 22:48:42 +00:00
|
|
|
goto done;
|
|
|
|
|
}
|
2000-08-03 12:44:40 +00:00
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
return TRUE;
|
2000-08-03 12:44:40 +00:00
|
|
|
|
2003-09-15 22:48:42 +00:00
|
|
|
done:
|
|
|
|
|
return FALSE;
|
2000-08-03 12:44:40 +00:00
|
|
|
}
|