forked from osmocom/wireshark
ethereal->wireshark
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18207 f5534014-38df-0310-8fa8-9805f1628bb7
parent
60d39348a0
commit
151dcf1c94
|
@ -74,7 +74,7 @@ problem).
|
|||
I've also reworked the tcptrace display code slightly to properly handle
|
||||
the initial ack packet of a sequence;
|
||||
|
||||
As an example of the some of the fixes the Ethereal tcptrace style graph
|
||||
As an example of the some of the fixes the Wireshark tcptrace style graph
|
||||
of the following conversation fragment will now be similar to the graph
|
||||
produced by Tcptrace.
|
||||
|
||||
|
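Review bot: The renamed line sits inside an old first-person log entry ("I've also reworked the tcptrace display code slightly"), so the substitution rewrites history rather than current documentation; consider excluding log text from the rename. If the line is touched anyway, "the some of the fixes" on the same line is still ungrammatical and could be corrected in the same change.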
@ -1570,7 +1570,7 @@ Changed paths:
|
|||
|
||||
Repeatedly indicate that "-w" is for writing binary packet data, and
|
||||
that if you want to send text to a file, just redirect the standard
|
||||
output. I've seen at least one message on the Ethereal lists from
|
||||
output. I've seen at least one message on the Wireshark lists from
|
||||
somebody who didn't realize that, and I think I've seen more.
|
||||
|
||||
------------------------------------------------------------------------
|
||||
|
@ -2288,7 +2288,7 @@ New protocol : CIGI (with minor updates to make it heuristic)
|
|||
Hi,
|
||||
|
||||
This patch is for a CIGI dissector (complete versions 2 and 3). It has
|
||||
been [fuzz] tested on GNU/Linux using the Ethereal 0.10.13 codebase.
|
||||
been [fuzz] tested on GNU/Linux using the Wireshark 0.10.13 codebase.
|
||||
However, the patch here is against the svn repository.
|
||||
|
||||
More information about CIGI can be found at http://cigi.sourceforge.net/
|
||||
|
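Review bot: "using the Wireshark 0.10.13 codebase" changes a contributor's own statement of what they tested against. The text is a quoted submission message (it opens "Hi," and says "This patch is for a CIGI dissector"), and the NEWS hunk header elsewhere in this commit still reads "Ethereal 0.10.13 has been released." Suggest leaving quoted submission text as written.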
@ -5922,7 +5922,7 @@ Changed paths:
|
|||
M /trunk/tap-iostat.c
|
||||
|
||||
Make the processing of "-z" arguments in the Tethereal I/O stat tap more
|
||||
like that of the Ethereal I/O stat tap. Improve error messages in both
|
||||
like that of the Wireshark I/O stat tap. Improve error messages in both
|
||||
taps.
|
||||
|
||||
Use nstime() routines and structure assignment to do operations on
|
||||
|
|
30
FAQ
|
@ -270,7 +270,7 @@
|
|||
cannot, for example, make a "derived work" from Ethereal, by making
|
||||
modifications to it, and then sell the resulting derived work and not allow
|
||||
recipients to give away the resulting work. You must also make the changes
|
||||
you've made to the Ethereal source available to all recipients of your
|
||||
you've made to the Wireshark source available to all recipients of your
|
||||
modified version; those changes must also be licensed under the terms of the
|
||||
GPL. See the GPL FAQ for more details; in particular, note the answer to the
|
||||
question about modifying a GPLed program and selling it commercially, and
|
||||
|
@ -1409,7 +1409,7 @@ cies
|
|||
single port so that you can plug your analyzer into that single port to
|
||||
sniff all traffic. You would have to check the documentation for the switch
|
||||
to see if this is possible and, if so, to see how to do this. See the switch
|
||||
reference page on the Ethereal Wiki for information on some switches. (Note
|
||||
reference page on the Wireshark Wiki for information on some switches. (Note
|
||||
that it's a Wiki, so you can update or fix that information, or add
|
||||
additional information on those switches or information on new switches,
|
||||
yourself.)
|
||||
|
@ -1457,7 +1457,7 @@ cies
|
|||
|
||||
In the case of token ring interfaces, the drivers for some of them, on
|
||||
Windows, may require you to enable promiscuous mode in order to capture in
|
||||
promiscuous mode. See the Ethereal Wiki item on Token Ring capturing for
|
||||
promiscuous mode. See the Wireshark Wiki item on Token Ring capturing for
|
||||
details.
|
||||
|
||||
In the case of wireless LAN interfaces, it appears that, when those
|
||||
|
@ -1532,7 +1532,7 @@ cies
|
|||
of Ethereal and a shared libpcap library with DAG support, in order to do so
|
||||
with Ethereal. You should ask Endace whether that could be used to capture
|
||||
traffic on, for example, your T1/E1 link.
|
||||
See the SS7 capture setup page on the Ethereal Wiki for current information
|
||||
See the SS7 capture setup page on the Wireshark Wiki for current information
|
||||
on capturing SS7 traffic on TDM links.
|
||||
|
||||
Q 7.6: How do I put an interface into promiscuous mode?
|
||||
|
@ -1681,7 +1681,7 @@ cies
|
|||
In order to see the raw Ethernet packets, rather than "de-VLANized" packets,
|
||||
you would have to capture not on the virtual interface for the VLAN, but on
|
||||
the interface corresponding to the physical network device, if possible. See
|
||||
the Ethereal Wiki item on VLAN capturing for details.
|
||||
the Wireshark Wiki item on VLAN capturing for details.
|
||||
|
||||
Q 7.12: Why does Ethereal hang after I stop a capture?
|
||||
|
||||
|
@ -1728,13 +1728,13 @@ cies
|
|||
running the most recent release of Ethereal, you should first upgrade to
|
||||
that release, as, if there's a bug of that sort, it might've been fixed in a
|
||||
release after the one you're running. If the hang occurs in the most recent
|
||||
release of Ethereal, the bug should be reported to the Ethereal developers'
|
||||
release of Ethereal, the bug should be reported to the Wireshark developers'
|
||||
mailing list at ethereal-dev@ethereal.com.
|
||||
|
||||
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
|
||||
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
|
||||
stack trace if you have a debugger installed. A stack trace can be obtained
|
||||
by using your debugger (gdb in this example), the Ethereal binary, and the
|
||||
by using your debugger (gdb in this example), the Wireshark binary, and the
|
||||
resulting core file. Here's an example of how to use the gdb command
|
||||
backtrace to do so.
|
||||
$ gdb ethereal core
|
||||
|
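Review bot: In the first changed sentence the product is still "the most recent release of Ethereal" while the recipient becomes "the Wireshark developers' mailing list", and the address on the next line is still ethereal-dev@ethereal.com. The second change has the same mismatch: the prose now says "the Wireshark binary" but the example command below it is still "$ gdb ethereal core". Suggest renaming whole paragraphs together, and leaving the binary name in prose until the command and executable are renamed.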
@ -1819,7 +1819,7 @@ cies
|
|||
4.0 or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it
|
||||
the "NdisWanAdapter"; if you're using a 3.1 beta release, you should
|
||||
un-install it and install the final 3.1 release.) See the Ethereal Wiki
|
||||
un-install it and install the final 3.1 release.) See the Wireshark Wiki
|
||||
item on PPP capturing for details.
|
||||
4. WinPcap prior to 3.0 does not support multiprocessor machines (note that
|
||||
machines with a single multi-threaded processor, such as Intel's new
|
||||
|
@ -1909,7 +1909,7 @@ cies
|
|||
or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it the
|
||||
"NdisWanAdapter"; if you're using a 3.1 beta release, you should un-install
|
||||
it and install the final 3.1 release.) See the Ethereal Wiki item on PPP
|
||||
it and install the final 3.1 release.) See the Wireshark Wiki item on PPP
|
||||
capturing for details.
|
||||
|
||||
Q 8.4: I'm running Ethereal on Windows NT 4.0/Windows 2000/Windows
|
||||
|
@ -1930,7 +1930,7 @@ cies
|
|||
or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it the
|
||||
"NdisWanAdapter"; if you're using a 3.1 beta release, you should un-install
|
||||
it and install the final 3.1 release.) See the Ethereal Wiki item on PPP
|
||||
it and install the final 3.1 release.) See the Wireshark Wiki item on PPP
|
||||
capturing for details.
|
||||
|
||||
Q 8.5: I'm running Ethereal on Windows 95/98/Me, on a machine with more than
|
||||
|
@ -2018,14 +2018,14 @@ cies
|
|||
account sufficient privileges to capture packets. Only those interfaces that
|
||||
Ethereal can open for capturing show up in that list; if you don't have
|
||||
sufficient privileges to capture on any interfaces, no interfaces will show
|
||||
up in the list. See the Ethereal Wiki item on capture privileges for details
|
||||
up in the list. See the Wireshark Wiki item on capture privileges for details
|
||||
on how to give a particular account or account group capture privileges on
|
||||
platforms where that can be done.
|
||||
|
||||
If you are running Ethereal from an account with sufficient privileges, then
|
||||
note that Ethereal relies on the libpcap library, and on the facilities that
|
||||
come with the OS on which it's running in order to do captures. On some
|
||||
OSes, those facilities aren't present by default; see the Ethereal Wiki item
|
||||
OSes, those facilities aren't present by default; see the Wireshark Wiki item
|
||||
on adding capture support for details.
|
||||
|
||||
And, even if you're running with an account that has sufficient privileges
|
||||
|
@ -2142,7 +2142,7 @@ cies
|
|||
resolve the name because it will not be able to communicate with any DNS or
|
||||
NIS servers.
|
||||
|
||||
See the Ethereal Wiki item on 802.11 capturing for details.
|
||||
See the Wireshark Wiki item on 802.11 capturing for details.
|
||||
|
||||
Q 10.2: How do I capture on an 802.11 device in monitor mode?
|
||||
|
||||
|
@ -2179,7 +2179,7 @@ cies
|
|||
possible" option, clicking "Save" if you want to save that setting in your
|
||||
preference file, and clicking "OK".
|
||||
|
||||
It can also be set on the Ethereal or Tethereal command line with a -o
|
||||
It can also be set on the Wireshark or Tethereal command line with a -o
|
||||
tcp.check_checksum:false command-line flag, or manually set in your
|
||||
preferences file by adding a tcp.check_checksum:false line.
|
||||
|
||||
|
@ -2267,7 +2267,7 @@ cies
|
|||
Q 12.3: How do I filter a capture to see traffic for virus XXX?
|
||||
|
||||
A: For some viruses/worms there might be a capture filter to recognize the
|
||||
virus traffic. Check the CaptureFilters page on the Ethereal Wiki to see if
|
||||
virus traffic. Check the CaptureFilters page on the Wireshark Wiki to see if
|
||||
anybody's added such a filter.
|
||||
|
||||
Note that Ethereal was not designed to be an intrusion detection system; you
|
||||
|
|
4
INSTALL
|
@ -1,4 +1,4 @@
|
|||
NOTE: this document applies to the Ethereal source releases. It also
|
||||
NOTE: this document applies to the Wireshark source releases. It also
|
||||
applies to buildbot source tarballs, but it does not apply to source
|
||||
code checked out directly from Subversion, as files such as the
|
||||
configuration script are not checked into Subversion, but need to be
|
||||
|
@ -57,7 +57,7 @@ README.win32 for those instructions.
|
|||
Similarly, Red Hat 5.x users will need to install a "libpcap-devel"
|
||||
.rpm to go along with the "libpcap" .rpm.
|
||||
|
||||
4. Run './configure' in the Ethereal distribution directory.
|
||||
4. Run './configure' in the Wireshark distribution directory.
|
||||
Running './configure --help' displays a list of options.
|
||||
The file 'INSTALL.configure' contains general instructions for
|
||||
using 'configure' and 'make'. Ethereal has some non-generic configure
|
||||
|
|
8
NEWS
|
@ -91,7 +91,7 @@ Getting Ethereal
|
|||
Most Linux and Unix vendors supply their own Ethereal packages.
|
||||
You can install or upgrade Ethereal using the package management
|
||||
system specific to that platform. A list of third-party packages
|
||||
can be found on the [5]download page on the Ethereal web site.
|
||||
can be found on the [5]download page on the Wireshark web site.
|
||||
|
||||
File Locations
|
||||
|
||||
|
@ -216,7 +216,7 @@ Ethereal 0.10.13 has been released.
|
|||
manually through the View/Time Display Format menu items.
|
||||
|
||||
o The WinPcap version 3.1 installer was released since the last Ethereal
|
||||
release. The version included in the Ethereal Windows installer has
|
||||
release. The version included in the Wireshark Windows installer has
|
||||
been updated from 3.1 beta 4 to 3.1. If you want to upgrade WinPcap
|
||||
separately or install a different version you can download it from:
|
||||
[3]the WinPcap web site.
|
||||
|
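Review bot: This entry is under the hunk header "Ethereal 0.10.13 has been released.", and the line above the change still says "since the last Ethereal release", so "the Wireshark Windows installer" now describes an installer that shipped under the old name. Release notes for past versions are better left as published; restrict the rename to text about current and future releases.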
@ -289,7 +289,7 @@ Getting Ethereal
|
|||
Most Linux and Unix vendors supply their own Ethereal packages. You can
|
||||
install or upgrade Ethereal using the package management system specific
|
||||
to that platform. A list of third-party packages can be found on the
|
||||
[7]download page on the Ethereal web site.
|
||||
[7]download page on the Wireshark web site.
|
||||
|
||||
File Locations
|
||||
|
||||
|
@ -449,7 +449,7 @@ New and updated features
|
|||
|
||||
A lot of documentation was updated
|
||||
|
||||
Some command line parameters have changed, see the Ethereal / Tethereal
|
||||
Some command line parameters have changed, see the Wireshark / Tethereal
|
||||
manual pages
|
||||
|
||||
A "File/File Set" submenu was added to better handle multiple files
|
||||
|
|
|
@ -283,7 +283,7 @@ The AIX documentation is not so well written.
|
|||
But basically, after I fixed up pcap-dlpi.c, I managed to get libpcap
|
||||
working under AIX. This enabled me to successfully run Ethereal,
|
||||
ie. all the packets on my Ethernet network correctly showed up
|
||||
as Ethernet and not Token Ring in the Ethereal screen.
|
||||
as Ethernet and not Token Ring in the Wireshark screen.
|
||||
|
||||
YAY!
|
||||
--
|
||||
|
@ -309,7 +309,7 @@ On Thu, Nov 11, 1999 at 11:50:23AM -0800, Guy Harris wrote:
|
|||
> > Any ideas why this causes trouble?
|
||||
>
|
||||
> Mismatches between the layouts of data structures as declared in the
|
||||
> "gtk/gtk*.h" files in the Ethereal source tree and the layouts as
|
||||
> "gtk/gtk*.h" files in the Wireshark source tree and the layouts as
|
||||
> declared in the header files in the GTK+ source (either due to header
|
||||
> file differences - although the header files appear to be identical to
|
||||
> the GTK+ 1.2.6 ones - or due to compiler behavior differences)?
|
||||
|
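Review bot: The changed line is inside ">"-quoted reply text that the hunk header dates to "Thu, Nov 11, 1999", so the rename alters what the quoted author wrote about the "gtk/gtk*.h" files in the source tree. Quoted mail should be kept verbatim; suggest dropping this hunk from the rename.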
|
|
@ -128,7 +128,7 @@ On IRIX, older versions of the libpcap library use, in
|
|||
"pcap_open_live()", the snapshot length passed in, without reducing it
|
||||
to be less than or equal to the MTU of the interface. If the snapshot
|
||||
length is larger than the interface MTU, IRIX will return an error; this
|
||||
means that, for example, the Ethereal default snapshot length of 65535,
|
||||
means that, for example, the Wireshark default snapshot length of 65535,
|
||||
chosen so that all of the packet is captured, will not work.
|
||||
|
||||
Current versions of libpcap, from tcpdump.org, do not do so.
|
||||
|
|
18
README.win32
|
@ -4,7 +4,7 @@ Installing Ethereal, Tethereal, and Editcap on Win32
|
|||
====================================================
|
||||
These are the instructions for installing Ethereal
|
||||
from the installation executable that is provided on
|
||||
the Ethereal website at:
|
||||
the Wireshark website at:
|
||||
|
||||
http://www.ethereal.com/distribution/win32
|
||||
|
||||
|
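Review bot: "the Wireshark website at:" is followed by the unchanged URL http://www.ethereal.com/distribution/win32, and the sentence still begins "These are the instructions for installing Ethereal". Either update the sentence and the URL together once the new download location exists, or leave the line alone until then.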
@ -30,7 +30,7 @@ All binaries in Wireshark package are now built with debugging
|
|||
information embedded. If you are experiencing a crash when running
|
||||
Ethereal or other binaries, Dr. Watson or your debugger
|
||||
can use the information embedded in the binary to provide useful
|
||||
information to the Ethereal developers that will help them pinpoint
|
||||
information to the Wireshark developers that will help them pinpoint
|
||||
the problem.
|
||||
|
||||
In the past, two versions of Ethereal binaries were published -- a
|
||||
|
@ -42,7 +42,7 @@ to capture packets on Win32 platforms.
|
|||
|
||||
As of WinPcap 2.1, all the WinPcap libraries have been released as DLLs.
|
||||
This means that Ethereal can detect the presence of WinPcap at run time,
|
||||
which means that only one version of the Ethereal binaries needs to be
|
||||
which means that only one version of the Wireshark binaries needs to be
|
||||
shipped.
|
||||
|
||||
If you don't want to capture packets, just install the Ethereal
|
||||
|
@ -88,7 +88,7 @@ The rest of this documentation is only interesting if
|
|||
you want to compile Ethereal yourself.
|
||||
|
||||
|
||||
Compiling the Ethereal distribution from source
|
||||
Compiling the Wireshark distribution from source
|
||||
===============================================
|
||||
|
||||
Developer's Guide
|
||||
|
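Review bot: The heading grows by one character ("Ethereal" to "Wireshark") but the "=" underline on the next line is unchanged context, so it no longer tracks the title length; extend the underline by one "=". The paragraph above still says "compile Ethereal yourself", so the section now reads with two names.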
@ -244,7 +244,7 @@ The gettext runtime package provides intl.dll, which is needed by
|
|||
GLib 2.4.7.
|
||||
|
||||
|
||||
Compiling the Ethereal distribution using GTK+2
|
||||
Compiling the Wireshark distribution using GTK+2
|
||||
-----------------------------------------------
|
||||
|
||||
The more recent version 2 of the GTK+ can be used to compile
|
||||
|
@ -299,7 +299,7 @@ Yes, the location of plugins needs to be more flexible.
|
|||
|
||||
Instructions for MS Visual C++
|
||||
----------------------------
|
||||
Modify the config.nmake file in the top directory of the Ethereal source
|
||||
Modify the config.nmake file in the top directory of the Wireshark source
|
||||
tree to work for your local configuration; if you don't have Python,
|
||||
comment out the line that defines PYTHON, otherwise set it to refer to
|
||||
the pathname of your Python interpreter executable. You should not have
|
||||
|
@ -384,7 +384,7 @@ make-tapreg-dotc, tap-*.c tethereal-tap-register.c
|
|||
make-tapreg-dotc, tap files gtk/ethereal-tap-register.c
|
||||
in the gtk subdirectory Bash + grep + sed
|
||||
|
||||
The Makefile.nmake supplied with the Ethereal distribution will, if
|
||||
The Makefile.nmake supplied with the Wireshark distribution will, if
|
||||
PYTHON is defined in config.nmake, attempt to make register.c with
|
||||
Python, since it is much much much faster than the shell version. The
|
||||
reason it is faster is because the shell version launches multiple
|
||||
|
@ -444,7 +444,7 @@ GTK-Wimp can be used to get a native Look-and-Feel on WinXP machines,
|
|||
especially with the new "coloured" WinXP theme. It will only take effect
|
||||
together with the GTK2 version of Ethereal.
|
||||
|
||||
No changes to the Ethereal sources are needed, GTK-Wimp simply changes the
|
||||
No changes to the Wireshark sources are needed, GTK-Wimp simply changes the
|
||||
way GTK2 displays the widgets (by changing the GTK2 default theme).
|
||||
|
||||
GTK-Wimp will be automatically installed if you use the official Ethereal Setup.
|
||||
|
@ -481,7 +481,7 @@ ANSI-C functions like fopen, malloc, etc.. MSVCRT.DLL is shipped with
|
|||
the MSVC 6 compiler versions, and dynamically linked to prebuild DLL's
|
||||
like the one's for gtk, glib and such. The MSVC 7 compiler now uses and
|
||||
ships MSVCRT71.DLL with it, which is incompatible with MSVCRT.DLL. So
|
||||
when using the MSVC 7 compiler, some parts of the Ethereal code uses
|
||||
when using the MSVC 7 compiler, some parts of the Wireshark code uses
|
||||
MSVCRT71.DLL, and some others (indirectly from e.g. the gtk DLL) will
|
||||
use MSVCRT.DLL. This will result in incorrect file handles and such.
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
-- ExtendedSecurityServices as defined in RFC2634
|
||||
--
|
||||
-- The ASN definition has been modified to suit the Ethereal ASN2ETH compiler
|
||||
-- The ASN definition has been modified to suit the Wireshark ASN2ETH compiler
|
||||
--
|
||||
--
|
||||
--
|
||||
|
|
|
@ -91,7 +91,7 @@
|
|||
* Standard secondary message for unexpected errors.
|
||||
*/
|
||||
static const char please_report[] =
|
||||
"Please report this to the Ethereal developers";
|
||||
"Please report this to the Wireshark developers";
|
||||
|
||||
/*
|
||||
* This needs to be static, so that the SIGUSR1 handler can clear the "go"
|
||||
|
|
|
@ -150,7 +150,7 @@ diff -urNad --exclude=CVS --exclude=.svn ./idl2deb /tmp/dpep-work.K2bQz4/etherea
|
|||
+Depends: ethereal (= %s), ${shlibs:Depends}
|
||||
+Description: GIOP dissector for CORBA interface %s
|
||||
+ This package provides a dissector for GIOP (General Inter-ORB
|
||||
+ Protocol) for the Ethereal protocol analyser. It decodes the CORBA
|
||||
+ Protocol) for the Wireshark protocol analyser. It decodes the CORBA
|
||||
+ (Common Object Request Broker Architecture) interfaces described
|
||||
+ in the IDL (Interface Definition Language) file '%s.idl'.
|
||||
+""" % (base, name, email, base, deb, base, base))
|
||||
|
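Review bot: The Description text now names "the Wireshark protocol analyser", but the "Depends: ethereal (= %s)" line at the top of the same control stanza still requires a package called ethereal. A package description should match the package it depends on; change both when the package is renamed, not the description alone.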
|
|
@ -185,7 +185,7 @@ and, if you're including it to get routines such as "open()", "close()",
|
|||
|
||||
in order to declare the Windows C library routines "_open()",
|
||||
"_close()", "_read()", and "_write()". Your file must include <glib.h>
|
||||
- which many of the Ethereal header files include, so you might not have
|
||||
- which many of the Wireshark header files include, so you might not have
|
||||
to include it explicitly - in order to get "open()", "close()",
|
||||
"read()", "write()", etc. mapped to "_open()", "_close()", "_read()",
|
||||
"_write()", etc..
|
||||
|
@ -301,7 +301,7 @@ mechanisms that are present in GLib 1.2[.x] and GTK+ 1.2[.x], use #if's
|
|||
to conditionally use older or newer mechanisms depending on the platform
|
||||
on which Wireshark is being built, or, if the code in GLib or GTK+ that
|
||||
implements that mechanism will build with GLib 1.2[.x]/GTK+ 1.2[.x],
|
||||
conditionally include that code as part of the Ethereal source and use
|
||||
conditionally include that code as part of the Wireshark source and use
|
||||
the included version with GLib 1.2[.x] or GTK+ 1.2[.x]. In particular,
|
||||
if the GLib 2.x or GTK+ 2.x mechanism indicates that a routine is
|
||||
deprecated and shouldn't be used in new code, and that it was renamed in
|
||||
|
|
|
@ -7,7 +7,7 @@ distributing a software package containing Ethereal:
|
|||
|
||||
http://www.ethereal.com/distribution/all-versions/ethereal-0.55.71.tar.bz2
|
||||
|
||||
If your packaging system downloads a copy of the Ethereal sources,
|
||||
If your packaging system downloads a copy of the Wireshark sources,
|
||||
use this location.
|
||||
|
||||
2. The Wireshark web site URL is http://www.ethereal.com/ .
|
||||
|
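Review bot: "a copy of the Wireshark sources, use this location" refers to the unchanged URL above it, which still points at an ethereal-0.55.71.tar.bz2 tarball under www.ethereal.com/distribution/all-versions/. Packagers following this text will fetch a tarball with the old name; update the example URL in the same change or keep the sentence consistent with it.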
@ -22,7 +22,7 @@ distributing a software package containing Ethereal:
|
|||
you use this to differentiate your package from official Ethereal
|
||||
releases.
|
||||
|
||||
6. Ethereal icons can be found in the "image" directory of the Ethereal
|
||||
6. Ethereal icons can be found in the "image" directory of the Wireshark
|
||||
sources. Larger versions of the logo can be found at
|
||||
http://www.ethereal.com/~gerald/ethereal_logo/povray/ .
|
||||
|
||||
|
|
|
@ -113,7 +113,7 @@ I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<teth
|
|||
B<Capinfos> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
|
||||
HTML versions of the Ethereal project man pages are available at:
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
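Review bot: Only the "HTML versions of the ... project man pages" sentence is renamed; the two B<Ethereal> references directly above it, the B<http://www.ethereal.com> link, the man-pages URL below, and I<ethereal(1)> in the hunk header's cross-reference line are untouched. The same one-line pattern repeats in the Dumpcap, Editcap, Mergecap and Tethereal hunks that follow. Suggest converting each man page in one pass together with the binary and URL rename.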
|
|
@ -205,7 +205,7 @@ I<ethereal(1)>, I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
|||
B<Dumpcap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
|
||||
HTML versions of the Ethereal project man pages are available at:
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
|
|
@ -206,7 +206,7 @@ I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>
|
|||
B<Editcap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
|
||||
HTML versions of the Ethereal project man pages are available at:
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
|
|
@ -1223,7 +1223,7 @@ right mouse button (on those platforms that have a right
|
|||
mouse button) ethereal will display a popup menu offering several different
|
||||
filter operations to apply to the capture.
|
||||
|
||||
These statistics windows can also be invoked from the Ethereal command
|
||||
These statistics windows can also be invoked from the Wireshark command
|
||||
line using the B<-z conv> argument.
|
||||
|
||||
=item Statistics:Service Response Time:DCE-RPC
|
||||
|
|
|
@ -130,7 +130,7 @@ B<Mergecap> is based heavily upon B<editcap> by Richard Sharpe
|
|||
B<Mergecap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
|
||||
HTML versions of the Ethereal project man pages are available at:
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
|
|
@ -864,7 +864,7 @@ I<ethereal-filter(4)> I<ethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
|||
B<Tethereal> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
|
||||
HTML versions of the Ethereal project man pages are available at:
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
|
|
@ -112,7 +112,7 @@ tasks.</command>
|
|||
Part II. Ethereal Development
|
||||
</para>
|
||||
<para>
|
||||
The second part describes how the Ethereal sources are structured and how
|
||||
The second part describes how the Wireshark sources are structured and how
|
||||
to change the sources (e.g. adding a new dissector).
|
||||
</para>
|
||||
</partintro>
|
||||
|
@ -138,7 +138,7 @@ to generate Ethereal, and how to do some typical development tasks.
|
|||
<command>Part II. Ethereal Development</command>
|
||||
</para>
|
||||
<para>
|
||||
<command>The second part describes how the Ethereal sources are structured and how
|
||||
<command>The second part describes how the Wireshark sources are structured and how
|
||||
to change the sources (e.g. adding a new dissector).</command>
|
||||
</para>
|
||||
</partintro>
|
||||
|
|
|
@ -104,7 +104,7 @@
|
|||
</title>
|
||||
<para>
|
||||
Ethereal was initially developed by Gerald Combs. Ongoing development
|
||||
and maintenance of Wireshark is handled by the Ethereal team, a loose
|
||||
and maintenance of Wireshark is handled by the Wireshark team, a loose
|
||||
group of individuals who fix bugs and provide new functionality.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -112,7 +112,7 @@
|
|||
protocol dissectors to Ethereal, and it is expected that this will
|
||||
continue. You can find a list of the people who have contributed
|
||||
code to Ethereal by checking the about dialog box of Ethereal, or have
|
||||
a look at the <ulink url="&EtherealAuthorsPage;"/> page on the Ethereal
|
||||
a look at the <ulink url="&EtherealAuthorsPage;"/> page on the Wireshark
|
||||
web site.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -142,7 +142,7 @@
|
|||
<para>
|
||||
So unless you are going to change the development process of Ethereal
|
||||
itself, you won't come in touch with any other programming language than
|
||||
ANSI C (such as perl or python, which are used only in the Ethereal build
|
||||
ANSI C (such as perl or python, which are used only in the Wireshark build
|
||||
process).
|
||||
</para>
|
||||
<para>
|
||||
|
@ -169,7 +169,7 @@
|
|||
<para>
|
||||
You are welcome to
|
||||
modify Ethereal to suit your own needs, and it would be appreciated
|
||||
if you contribute your improvements back to the Ethereal team.
|
||||
if you contribute your improvements back to the Wireshark team.
|
||||
</para>
|
||||
<para>
|
||||
You gain three benefits by contributing your improvements back to the
|
||||
|
@ -204,7 +204,7 @@
|
|||
</para>
|
||||
<para>
|
||||
The Wireshark source code and binary kits for some platforms are all
|
||||
available on the download page of the Ethereal website:
|
||||
available on the download page of the Wireshark website:
|
||||
<ulink url="&EtherealDownloadPage;">&EtherealDownloadPage;</ulink>.
|
||||
</para>
|
||||
|
||||
|
@ -283,7 +283,7 @@
|
|||
<para>
|
||||
You should use the released sources if you want to build Ethereal from
|
||||
source on your platform for productive use. However, if you going to
|
||||
develop changes to the Ethereal sources, it might be better to use the
|
||||
develop changes to the Wireshark sources, it might be better to use the
|
||||
latest SVN sources. For details about the different ways to get the
|
||||
Ethereal source code see <xref linkend="ChSrcObtain"/>.
|
||||
</para>
|
||||
|
@ -305,7 +305,7 @@
|
|||
|
||||
<section id="ChIntroHomepage"><title>Website</title>
|
||||
<para>
|
||||
You will find lot's of useful information on the Ethereal homepage at
|
||||
You will find lot's of useful information on the Wireshark homepage at
|
||||
<ulink url="&EtherealWebSite;">&EtherealWebSite;</ulink>.
|
||||
</para>
|
||||
</section>
|
||||
|
@ -402,10 +402,10 @@
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
You can subscribe to each of these lists from the Ethereal web site:
|
||||
You can subscribe to each of these lists from the Wireshark web site:
|
||||
<ulink url="&EtherealWebSite;">&EtherealWebSite;</ulink>. Simply
|
||||
select the <command>mailing lists</command> link on the left hand
|
||||
side of the site. The lists are archived at the Ethereal web site
|
||||
side of the site. The lists are archived at the Wireshark web site
|
||||
as well.
|
||||
<tip><title>Tip!</title>
|
||||
<para>
|
||||
|
@ -557,7 +557,7 @@ $
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
have a look at the Ethereal source code
|
||||
have a look at the Wireshark source code
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
<!-- $Id$ -->
|
||||
|
||||
<chapter id="ChapterSources">
|
||||
<title>Work with the Ethereal sources</title>
|
||||
<title>Work with the Wireshark sources</title>
|
||||
|
||||
<section id="ChSrcIntro">
|
||||
<title>Introduction</title>
|
||||
<para>
|
||||
This chapter will explain how to work with the Ethereal source code.
|
||||
This chapter will explain how to work with the Wireshark source code.
|
||||
It will show you how to:
|
||||
<itemizedlist>
|
||||
<listitem><para>
|
||||
|
@ -32,7 +32,7 @@
|
|||
<section id="ChSrcSVNServer">
|
||||
<title>The Wireshark Subversion repository</title>
|
||||
<para>
|
||||
Subversion is used to keep track of the changes made to the Ethereal
|
||||
Subversion is used to keep track of the changes made to the Wireshark
|
||||
source code. The Wireshark source code is stored inside Ethereal project's
|
||||
Subversion repository located at a server at the ethereal.com domain.
|
||||
</para>
|
||||
|
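Review bot: After the change the paragraph says the Wireshark source code "is stored inside Ethereal project's Subversion repository located at a server at the ethereal.com domain", while this commit's own git-svn-id points at anonsvn.wireshark.org. The unchanged second sentence should be updated together with the first so the guide names the actual repository host.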
@ -75,7 +75,7 @@
|
|||
see which person changed a specific piece of code
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
... and a lot more things related to the history of the Ethereal source
|
||||
... and a lot more things related to the history of the Wireshark source
|
||||
code development
|
||||
</para></listitem>
|
||||
</itemizedlist>
|
||||
|
@ -101,9 +101,9 @@
|
|||
</para>
|
||||
<tip><title>Tip!</title>
|
||||
<para>
|
||||
As the Ethereal project has switched from CVS (Concurrent versioning
|
||||
As the Wireshark project has switched from CVS (Concurrent versioning
|
||||
system) to Subversion some time ago, you may still find old references to
|
||||
CVS in the Ethereal documentation and source files.
|
||||
CVS in the Wireshark documentation and source files.
|
||||
</para>
|
||||
</tip>
|
||||
</section>
|
||||
|
@ -111,7 +111,7 @@
|
|||
<section id="ChSrcWebInterface">
|
||||
<title>The web interface to the Subversion repository</title>
|
||||
<para>
|
||||
If you need a quick look at the Ethereal source code,
|
||||
If you need a quick look at the Wireshark source code,
|
||||
you will only need a Web browser.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -143,7 +143,7 @@
|
|||
</section>
|
||||
|
||||
<section id="ChSrcObtain">
|
||||
<title>Obtain the Ethereal sources</title>
|
||||
<title>Obtain the Wireshark sources</title>
|
||||
<para>
|
||||
There are several ways to obtain the sources from Ethereal's Subversion
|
||||
server.
|
||||
|
@ -160,7 +160,7 @@
|
|||
</tip>
|
||||
<note><title>Note!</title>
|
||||
<para>
|
||||
The following ways to retrieve the Ethereal sources are sorted in
|
||||
The following ways to retrieve the Wireshark sources are sorted in
|
||||
decreasing
|
||||
actuality. If you plan to commit changes you've made to the sources,
|
||||
it's a good idea to keep your private source tree as actual as possible.
|
||||
|
@ -273,9 +273,9 @@
|
|||
</section>
|
||||
|
||||
<section id="ChSrcUpdating">
|
||||
<title>Update the Ethereal sources</title>
|
||||
<title>Update the Wireshark sources</title>
|
||||
<para>
|
||||
After you obtained the Ethereal sources for the first time, you
|
||||
After you obtained the Wireshark sources for the first time, you
|
||||
might want to keep them in sync with the sources at the Subversion
|
||||
repository.
|
||||
</para>
|
||||
|
@ -284,7 +284,7 @@
|
|||
<title>... with Anonymous Subversion access</title>
|
||||
<para>
|
||||
After the first time checkout is done, updating your
|
||||
sources is simply done by typing (in the Ethereal source dir):
|
||||
sources is simply done by typing (in the Wireshark source dir):
|
||||
</para>
|
||||
<para>
|
||||
<prompt>$</prompt>
|
||||
|
@ -301,7 +301,7 @@
|
|||
<section id="ChSrcZipUpdate">
|
||||
<title>... from zip files</title>
|
||||
<para>
|
||||
Independant of the way you retrieve the zip file of the Ethereal sources
|
||||
Independant of the way you retrieve the zip file of the Wireshark sources
|
||||
(as <xref linkend="ChSrcObtain"/> is providing several ways), the way to
|
||||
bring the changes from the official sources into your personal source tree
|
||||
is identical.
|
||||
|
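Review bot: The line being rewritten carries the misspelling "Independant" into the new text. Since the line is touched anyway, change it to "Independent of the way you retrieve the zip file of the Wireshark sources".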
@ -444,9 +444,9 @@ make
|
|||
</section>
|
||||
|
||||
<section id="ChSrcChange">
|
||||
<title>Make changes to the Ethereal sources</title>
|
||||
<title>Make changes to the Wireshark sources</title>
|
||||
<para>
|
||||
As the Ethereal developers working on many different platforms, a lot of
|
||||
As the Wireshark developers working on many different platforms, a lot of
|
||||
editors are used to develop Ethereal (emacs, vi, Microsoft Visual Studio
|
||||
and many many others). There's no "standard" or "default" development
|
||||
environment.
|
||||
|
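Review bot: Only the first half of the opening sentence is renamed, so it now reads "As the Wireshark developers working on many different platforms, a lot of editors are used to develop Ethereal". Rename the continuation line as well. While editing it, "developers working" should be "developers work" or "developers are working" so that the sentence parses.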
@ -460,7 +460,7 @@ make
|
|||
<listitem><para>fix a bug</para></listitem>
|
||||
<listitem><para>implement a new glorious feature :-)</para></listitem>
|
||||
</itemizedlist>
|
||||
The internal structure of the Ethereal sources will be described in
|
||||
The internal structure of the Wireshark sources will be described in
|
||||
<xref linkend="PartDevelopment"/>.
|
||||
</para>
|
||||
<tip><title>Tip!</title>
|
||||
|
@ -481,8 +481,8 @@ make
|
|||
<section id="ChSrcCommit">
|
||||
<title>Commit changed sources</title>
|
||||
<para>
|
||||
If you have finished changing the Ethereal sources to suit your needs,
|
||||
you might want to contribute your changes back to the Ethereal SVN
|
||||
If you have finished changing the Wireshark sources to suit your needs,
|
||||
you might want to contribute your changes back to the Wireshark SVN
|
||||
repository.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -766,7 +766,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
|
|||
</warning>
|
||||
<itemizedlist>
|
||||
<listitem><para>
|
||||
<command>Follow the Ethereal source code style guide.</command>
|
||||
<command>Follow the Wireshark source code style guide.</command>
|
||||
Just because something compiles on your platform, that doesn't
|
||||
mean it'll compile on all of the other platforms for which Wireshark is
|
||||
built.
|
||||
|
@ -814,7 +814,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
|
|||
harder to apply your patch.
|
||||
</para>
|
||||
<para>
|
||||
When someone from the Ethereal core maintainers finds the time to look
|
||||
When someone from the Wireshark core maintainers finds the time to look
|
||||
at your patch, it will be merged into the SVN repository, so
|
||||
the latest SVN revisions and new releases will include it :-)
|
||||
</para>
|
||||
|
@ -928,7 +928,7 @@ diff -c -r1.5 dlnames.c
|
|||
</para>
|
||||
<para>
|
||||
For "cvs diff -c" or "cvs diff -u" diffs, there's a Python script
|
||||
"cvsdiff-fix.py" in the "tools" directory in the Ethereal source tree; it
|
||||
"cvsdiff-fix.py" in the "tools" directory in the Wireshark source tree; it
|
||||
will fix up those lines in "cvs diff" output. It reads its standard input
|
||||
by default, or can be given a file name on the command line, and writes to
|
||||
the standard output, so if you're typing at a command interpreter that
|
||||
|
@ -971,7 +971,7 @@ diff -c -r1.5 dlnames.c
|
|||
<orderedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Add the Ethereal boilerplate to the new file(s).
|
||||
Add the Wireshark boilerplate to the new file(s).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
@ -1052,7 +1052,7 @@ $Id$
|
|||
The "Nullsoft Install System" is a free installer generator for win32
|
||||
based systems, instructions how to install it can be found in <xref
|
||||
linkend="ChToolsNSIS"/>.
|
||||
NSIS is script based, you will find the Ethereal installer
|
||||
NSIS is script based, you will find the Wireshark installer
|
||||
generation script at: <filename>packaging/nsis/ethereal.nsi</filename>.
|
||||
</para>
|
||||
<para>
|
||||
|
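Review bot: The prose now refers to "the Wireshark installer generation script", while the path on the following line is still packaging/nsis/ethereal.nsi. Confirm that the script keeps that file name at this revision. If it is renamed in the same series, update the filename element here too, so the guide does not point at a file that no longer exists.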
|
|
@ -41,7 +41,7 @@
|
|||
</para>
|
||||
<para>
|
||||
The following sections give a very brief description of
|
||||
what the particular tool is doing, how it is used in the Ethereal project
|
||||
what the particular tool is doing, how it is used in the Wireshark project
|
||||
and how it can be installed and tested.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -193,7 +193,7 @@
|
|||
<entry><xref linkend="ChToolsSubversion"/></entry>
|
||||
<entry>-</entry>
|
||||
<entry><ulink url="http://tortoisesvn.tigris.org/">TortoiseSVN</ulink></entry>
|
||||
<entry>Only needed if you access the Ethereal sources using
|
||||
<entry>Only needed if you access the Wireshark sources using
|
||||
the subversion repository (the recommended way).</entry>
|
||||
</row>
|
||||
<row>
|
||||
|
@ -338,7 +338,7 @@
|
|||
<section>
|
||||
<title>TortoiseSVN</title>
|
||||
<para>
|
||||
If you want to work with the Ethereal subversion source repositories
|
||||
If you want to work with the Wireshark subversion source repositories
|
||||
(which is highly recommended, see <xref linkend="ChSrcObtain"/>),
|
||||
it's recommended to use TortoiseSVN. You can download the setup from
|
||||
<ulink url="http://tortoisesvn.tigris.org/"/> and simply install it.
|
||||
|
@ -353,7 +353,7 @@
|
|||
</para>
|
||||
<para>
|
||||
You may check the MAKENSIS setting in the file
|
||||
<filename>config.nmake</filename> of the Ethereal sources.
|
||||
<filename>config.nmake</filename> of the Wireshark sources.
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
|
@ -361,14 +361,14 @@
|
|||
<section id="ChToolsWin32Verify">
|
||||
<title>Verify installed tools</title>
|
||||
<para>
|
||||
After you've installed the Ethereal sources (see <xref
|
||||
After you've installed the Wireshark sources (see <xref
|
||||
linkend="ChSrcObtain"/>), you can check the correct installation of
|
||||
all tools by using the verify_tools target of the
|
||||
<filename>Makefile.nmake</filename> from the source package.
|
||||
</para>
|
||||
<warning><title>Warning!</title>
|
||||
<para>
|
||||
You will need the Ethereal sources and some tools (nmake, bash) installed,
|
||||
You will need the Wireshark sources and some tools (nmake, bash) installed,
|
||||
before this verification is able to work.
|
||||
</para>
|
||||
</warning>
|
||||
|
@ -1075,14 +1075,14 @@ warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.]]>
|
|||
<para>
|
||||
The Wireshark project uses it's own subversion (or short SVN) server to keep
|
||||
track of all the changes done to the source code. Details about the usage
|
||||
of subversion in the Ethereal project can be found in <xref
|
||||
of subversion in the Wireshark project can be found in <xref
|
||||
linkend="ChSrcSVNServer"/>.
|
||||
</para>
|
||||
<para>
|
||||
If you want to work with the source code and planning to commit your
|
||||
changes back to the Ethereal community, it is recommended to use a SVN
|
||||
changes back to the Wireshark community, it is recommended to use a SVN
|
||||
client to get the latest source files. For detailed information about the
|
||||
different ways to obtain the Ethereal sources, see
|
||||
different ways to obtain the Wireshark sources, see
|
||||
<xref linkend="ChSrcObtain"/>.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -1147,7 +1147,7 @@ This product includes software developed by CollabNet (http://www.Collab.Net/).
|
|||
Diff is used to get a file of all differences between two source
|
||||
files/trees (sometimes called a patch). The diff tool isn't needed for
|
||||
building Ethereal, but it's needed if you are going to commit your changes
|
||||
back to the Ethereal community.
|
||||
back to the Wireshark community.
|
||||
</para>
|
||||
<note><title>Note!</title>
|
||||
<para>
|
||||
|
@ -1367,7 +1367,7 @@ written by Larry Wall and Paul Eggert]]>
|
|||
<section id="ChToolsCVS">
|
||||
<title>Obsolete: CVS client</title>
|
||||
<para>
|
||||
Some time ago, the Ethereal project was using CVS to keep track of all
|
||||
Some time ago, the Wireshark project was using CVS to keep track of all
|
||||
the source code changes. As now subversion (SVN) is used, a CVS client
|
||||
is no longer helpful, see <xref linkend="ChToolsSubversion"/> for details
|
||||
about subversion clients.
|
||||
|
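Review bot: "Some time ago, the Ethereal project was using CVS" is a statement about the past, and the replacement makes it say that the Wireshark project used CVS. If the switch to Subversion happened under the old name, keep the old name in this sentence or reword it (for example "the project was using CVS") so that the history stays correct.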
|
|
@ -28,7 +28,7 @@
|
|||
</para></listitem>
|
||||
</itemizedlist>
|
||||
There are other Ethereal frontends existing, not developped nor
|
||||
maintained by the Ethereal development team:
|
||||
maintained by the Wireshark development team:
|
||||
<itemizedlist>
|
||||
<listitem><para>
|
||||
Packetyzer (Win32 native interface, written in Delphi and released
|
||||
|
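Review bot: The sentence at the top of this hunk ends up with both names: "There are other Ethereal frontends existing, not developped nor maintained by the Wireshark development team". Decide which name the third-party frontends are frontends for and use it on both lines. "developped" on the unchanged first line should be "developed" while you are there.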
@ -40,7 +40,7 @@
|
|||
finished)
|
||||
</para></listitem>
|
||||
</itemizedlist>
|
||||
This chapter is focussed on the Ethereal frontend, and especially on
|
||||
This chapter is focussed on the Wireshark frontend, and especially on
|
||||
the GTK specific things.
|
||||
</para>
|
||||
</section>
|
||||
|
|
|
@ -92,7 +92,7 @@
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><command>Win-/libpcap (not part of the Ethereal package)</command></term>
|
||||
<term><command>Win-/libpcap (not part of the Wireshark package)</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
The platform dependant packet capture library, including the capture
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
needed to develop Ethereal.
|
||||
</para>
|
||||
<para>
|
||||
The second part of this book will describe how to change the Ethereal
|
||||
The second part of this book will describe how to change the Wireshark
|
||||
source code.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -55,7 +55,7 @@
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Gerald Combs, for initiating the Ethereal project.
|
||||
Gerald Combs, for initiating the Wireshark project.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
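Review bot: In the acknowledgements item, "Gerald Combs, for initiating the Ethereal project" is a historical credit, and a mechanical replace turns it into "initiating the Wireshark project". Consider leaving the original project name in this one line, or wording it so that both names appear, rather than rewriting what the credit refers to.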
|
|
@ -119,7 +119,7 @@
|
|||
%APPDATA% points to the personal configuration folder, typically
|
||||
<filename>C:\Documents and Settings\<username>\Application Data</filename>
|
||||
(for further details, have a look at <xref linkend="ChWindowsProfiles"/>),
|
||||
%ETHEREAL% points to the Ethereal program folder, typically
|
||||
%ETHEREAL% points to the Wireshark program folder, typically
|
||||
<filename>C:\Program Files\Ethereal</filename>
|
||||
</para>
|
||||
</note>
|
||||
|
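Review bot: The note now says "%ETHEREAL% points to the Wireshark program folder, typically C:\Program Files\Ethereal". The variable name and the example path on the next line are unchanged, so the sentence describes a Wireshark folder that is named Ethereal. If the placeholder and install path are staying as they are in this revision, leave the prose alone too. If they are changing, rename all three in the same hunk so that the paths readers are told to look in match what the installer creates.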
|
|
@ -8,7 +8,7 @@
|
|||
<section id="AppToolsIntroduction">
|
||||
<title>Introduction</title>
|
||||
<para>
|
||||
Beside the Ethereal GUI application, there are some command line tools,
|
||||
Beside the Wireshark GUI application, there are some command line tools,
|
||||
which can be helpful for doing some more specialized things. These tools
|
||||
will be described in this chapter.
|
||||
</para>
|
||||
|
@ -42,7 +42,7 @@ tcpdump -i <interface> -s 1500 -w <some-file>
|
|||
</para>
|
||||
<note><title>Note!</title>
|
||||
<para>
|
||||
tcpdump is not part of the Ethereal distribution. You can get it from:
|
||||
tcpdump is not part of the Wireshark distribution. You can get it from:
|
||||
<ulink url="http://www.tcpdump.org">http://www.tcpdump.org</ulink> for various
|
||||
platforms.
|
||||
</para>
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
<para>
|
||||
Simply select a TCP packet in the packet list of the stream/connection
|
||||
you are interested in and then select the Follow TCP Stream menu item
|
||||
from the Ethereal Tools menu (or use the context menu in the packet
|
||||
from the Wireshark Tools menu (or use the context menu in the packet
|
||||
list).
|
||||
Ethereal will set an appropriate display filter and pop up a dialog
|
||||
box with all the data from the TCP stream laid out in order,
|
||||
|
@ -883,7 +883,7 @@
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Turn off checksum validation of the specific protocol in the Ethereal
|
||||
Turn off checksum validation of the specific protocol in the Wireshark
|
||||
preferences.
|
||||
</para>
|
||||
</listitem>
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
<section id="ChBuildInstallDistro">
|
||||
<title>Obtaining the source and binary distributions</title>
|
||||
<para>
|
||||
You can obtain both source and binary distributions from the Ethereal
|
||||
You can obtain both source and binary distributions from the Wireshark
|
||||
web site: <ulink url="&EtherealWebSite;">&EtherealWebSite;</ulink>.
|
||||
Simply select the download link, and then select either the source
|
||||
package or binary package of your choice from the mirror site closest
|
||||
|
@ -307,7 +307,7 @@ tar xvf ethereal-&EtherealCurrentVersion;-tar
|
|||
<note>
|
||||
<title>Note!</title>
|
||||
<para>
|
||||
If you have downloaded the Ethereal tarball under Windows,
|
||||
If you have downloaded the Wireshark tarball under Windows,
|
||||
you may find that your browser has created a file with
|
||||
underscores rather than periods in its file name.
|
||||
</para>
|
||||
|
@ -316,7 +316,7 @@ tar xvf ethereal-&EtherealCurrentVersion;-tar
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Change directory to the Ethereal source directory.
|
||||
Change directory to the Wireshark source directory.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
@ -365,15 +365,15 @@ make install
|
|||
In general, installing the binary under your version of UNIX will be
|
||||
specific to the installation methods used with your version of UNIX.
|
||||
For example, under AIX, you would use <command>smit</command> to
|
||||
install the Ethereal binary package, while under Tru64 UNIX
|
||||
install the Wireshark binary package, while under Tru64 UNIX
|
||||
(formerly Digital UNIX) you would use <command>setld</command>.
|
||||
</para>
|
||||
|
||||
<section>
|
||||
<title>Installing from rpm's under RedHat and alike</title>
|
||||
<para>
|
||||
Use the following command to install the Ethereal RPM that you have
|
||||
downloaded from the Ethereal web site:
|
||||
Use the following command to install the Wireshark RPM that you have
|
||||
downloaded from the Wireshark web site:
|
||||
<programlisting>
|
||||
rpm -ivh ethereal-0.10.5-0.2.2.i386.rpm
|
||||
</programlisting>
|
||||
|
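Review bot: The instruction text and the command disagree after this change. The prose says to install "the Wireshark RPM that you have downloaded from the Wireshark web site", but the programlisting still runs rpm -ivh ethereal-0.10.5-0.2.2.i386.rpm. Users copy the command, not the prose, so either keep the old name in the sentence until a package with the new name exists, or update the example file name in the same commit.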
@ -460,7 +460,7 @@ apt-get install ethereal
|
|||
<filename>ethereal-setup-x.y.z.exe</filename>.
|
||||
</para>
|
||||
<para>
|
||||
Simply download the Ethereal installer from:
|
||||
Simply download the Wireshark installer from:
|
||||
<ulink url="&EtherealBinariesPage;">&EtherealBinariesPage;</ulink>
|
||||
and execute it.
|
||||
</para>
|
||||
|
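Review bot: "Simply download the Wireshark installer from:" is followed by the unchanged entity &EtherealBinariesPage;, and the context line above still names the file ethereal-setup-x.y.z.exe. The entity definition is not part of this hunk, so please check that it resolves to the location the renamed project actually publishes installers at. A download instruction whose link text and target name different projects is worth fixing in one step.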
@ -474,7 +474,7 @@ apt-get install ethereal
|
|||
<section id="ChBuildInstallEtherealCommandLine">
|
||||
<title>Command line options</title>
|
||||
<para>
|
||||
You can simply start the Ethereal installer without any command line
|
||||
You can simply start the Wireshark installer without any command line
|
||||
parameters, it will show you the usual interactive installer.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -620,7 +620,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
<title>Install WinPcap</title>
|
||||
<note><title>Note!</title>
|
||||
<para>
|
||||
<command>As mentioned above, the Ethereal installer
|
||||
<command>As mentioned above, the Wireshark installer
|
||||
(since version 0.10.12) takes care of the installation of WinPcap,
|
||||
so usually you don't have to worry about WinPcap at all!</command>
|
||||
</para>
|
||||
|
@ -630,7 +630,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
capture files, but you will not be able to capture live network traffic.
|
||||
</para>
|
||||
<para>
|
||||
While running, the Ethereal installer detects which WinPcap version is
|
||||
While running, the Wireshark installer detects which WinPcap version is
|
||||
currently installed and will install WinPcap, if none or an older version is
|
||||
detected.
|
||||
</para>
|
||||
|
@ -651,7 +651,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
<title>Manual WinPcap Installation</title>
|
||||
<para>
|
||||
The following is only necessary if you want to
|
||||
try a different version than the one included in the Ethereal installer,
|
||||
try a different version than the one included in the Wireshark installer,
|
||||
e.g. because a new WinPcap (beta) version was released.
|
||||
</para>
|
||||
<para>
|
||||
|
|
|
@ -765,7 +765,7 @@ ethereal -i eth0 -k
|
|||
</para>
|
||||
</tip>
|
||||
<para>
|
||||
You enter the capture filter into the Filter field of the Ethereal
|
||||
You enter the capture filter into the Filter field of the Wireshark
|
||||
Capture Options dialog box, as shown in
|
||||
<xref linkend="ChCapCaptureOptionsDialog"/>. The following is an outline
|
||||
of the syntax of the <command>tcpdump</command> capture filter language.
|
||||
|
|
|
@ -263,7 +263,7 @@
|
|||
<section id="ChIntroDownload">
|
||||
<title>Where to get Ethereal?</title>
|
||||
<para>
|
||||
You can get the latest copy of the program from the Ethereal website:
|
||||
You can get the latest copy of the program from the Wireshark website:
|
||||
<ulink url="&EtherealDownloadPage;">&EtherealDownloadPage;</ulink>. The
|
||||
website allows you to choose from among several mirrors for
|
||||
downloading.
|
||||
|
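Review bot: The section title on the context line is still "Where to get Ethereal?" while the first sentence below it now sends readers to "the Wireshark website". The link itself is the entity &EtherealDownloadPage;, whose value is not visible here. Rename the title in this hunk and confirm the entity points at the new download page, so that title, link text and target agree.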
@ -341,7 +341,7 @@
|
|||
</title>
|
||||
<para>
|
||||
Ethereal was initially developed by Gerald Combs. Ongoing development
|
||||
and maintenance of Wireshark is handled by the Ethereal team, a loose
|
||||
and maintenance of Wireshark is handled by the Wireshark team, a loose
|
||||
group of individuals who fix bugs and provide new functionality.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -357,7 +357,7 @@
|
|||
the <ulink url="&GPLWebsite;">GNU General Public Licence</ulink> (GPL).
|
||||
All source code is freely available under the GPL. You are welcome to
|
||||
modify Ethereal to suit your own needs, and it would be appreciated
|
||||
if you contribute your improvements back to the Ethereal team.
|
||||
if you contribute your improvements back to the Wireshark team.
|
||||
</para>
|
||||
<para>
|
||||
You gain three benefits by contributing your improvements back to the
|
||||
|
@ -392,7 +392,7 @@
|
|||
</para>
|
||||
<para>
|
||||
The Wireshark source code and binary kits for some platforms are all
|
||||
available on the download page of the Ethereal website:
|
||||
available on the download page of the Wireshark website:
|
||||
<ulink url="&EtherealDownloadPage;">&EtherealDownloadPage;</ulink>.
|
||||
</para>
|
||||
</section>
|
||||
|
@ -407,7 +407,7 @@
|
|||
|
||||
<section id="ChIntroHomepage"><title>Website</title>
|
||||
<para>
|
||||
You will find lot's of useful information on the Ethereal homepage at
|
||||
You will find lot's of useful information on the Wireshark homepage at
|
||||
<ulink url="&EtherealWebSite;">&EtherealWebSite;</ulink>.
|
||||
</para>
|
||||
</section>
|
||||
|
@ -481,10 +481,10 @@
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
You can subscribe to each of these lists from the Ethereal web site:
|
||||
You can subscribe to each of these lists from the Wireshark web site:
|
||||
<ulink url="&EtherealWebSite;">&EtherealWebSite;</ulink>. Simply
|
||||
select the <command>mailing lists</command> link on the left hand
|
||||
side of the site. The lists are archived at the Ethereal web site
|
||||
side of the site. The lists are archived at the Wireshark web site
|
||||
as well.
|
||||
<tip><title>Tip!</title>
|
||||
<para>
|
||||
|
|
|
@ -68,7 +68,7 @@
|
|||
The "Open Capture File" dialog box allows you to search for a
|
||||
capture file containing previously captured packets for display in
|
||||
Ethereal. <xref linkend="ChIOOpenFileDialog"/> shows an example
|
||||
of the Ethereal Open File Dialog box.
|
||||
of the Wireshark Open File Dialog box.
|
||||
</para>
|
||||
<note>
|
||||
<title>Note</title>
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
How the Ethereal user interface works
|
||||
How the Wireshark user interface works
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
@ -132,7 +132,7 @@
|
|||
|
||||
<section id="ChUseMenuSection"><title>The Menu</title>
|
||||
<para>
|
||||
The Wireshark menu sits on top of the Ethereal window.
|
||||
The Wireshark menu sits on top of the Wireshark window.
|
||||
An example is shown in <xref linkend="ChUseEtherealMenu"/>.
|
||||
</para>
|
||||
<note><title>Note!</title>
|
||||
|
@ -342,7 +342,7 @@
|
|||
<entry></entry>
|
||||
<entry><para>
|
||||
This menu item allows you to show a list of files in a file set.
|
||||
It pops up the Ethereal List File Set dialog box (which is
|
||||
It pops up the Wireshark List File Set dialog box (which is
|
||||
discussed further in <xref linkend="ChIOFileSetSection"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -375,7 +375,7 @@
|
|||
<entry><para>
|
||||
This menu item allows you to export all, or some, of the packets in
|
||||
the capture file to a plain ASCII text file.
|
||||
It pops up the Ethereal Export dialog box (which is discussed further in
|
||||
It pops up the Wireshark Export dialog box (which is discussed further in
|
||||
<xref linkend="ChIOExportPlainDialog"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -385,7 +385,7 @@
|
|||
<entry><para>
|
||||
This menu item allows you to export the (or some) of the packets in
|
||||
the capture file to a PostScript file.
|
||||
It pops up the Ethereal Export dialog box (which is discussed further in
|
||||
It pops up the Wireshark Export dialog box (which is discussed further in
|
||||
<xref linkend="ChIOExportPSDialog"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -395,7 +395,7 @@
|
|||
<entry><para>
|
||||
This menu item allows you to export the (or some) of the packet summaries in
|
||||
the capture file to a .csv file (e.g. used by spreadsheet programs).
|
||||
It pops up the Ethereal Export dialog box (which is discussed further in
|
||||
It pops up the Wireshark Export dialog box (which is discussed further in
|
||||
<xref linkend="ChIOExportCSVDialog"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -405,7 +405,7 @@
|
|||
<entry><para>
|
||||
This menu item allows you to export the (or some) of the packets in
|
||||
the capture file to a PSML (packet summary markup language) XML file.
|
||||
It pops up the Ethereal Export dialog box (which is discussed further in
|
||||
It pops up the Wireshark Export dialog box (which is discussed further in
|
||||
<xref linkend="ChIOExportPSMLDialog"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -415,7 +415,7 @@
|
|||
<entry><para>
|
||||
This menu item allows you to export the (or some) of the packets in
|
||||
the capture file to a PDML (packet details markup language) XML file.
|
||||
It pops up the Ethereal Export dialog box (which is discussed further in
|
||||
It pops up the Wireshark Export dialog box (which is discussed further in
|
||||
<xref linkend="ChIOExportPDMLDialog"/>).
|
||||
</para></entry>
|
||||
</row>
|
||||
|
@ -439,7 +439,7 @@
|
|||
<entry>Ctrl+P</entry>
|
||||
<entry><para>
|
||||
This menu item allows you to print all (or some of) the packets in
|
||||
the capture file. It pops up the Ethereal Print dialog
|
||||
the capture file. It pops up the Wireshark Print dialog
|
||||
box (which is discussed further in
|
||||
<xref linkend="ChIOPrintSection"/>).
|
||||
</para></entry>
|
||||
|
@ -1586,7 +1586,7 @@
|
|||
<entry>File/Print...</entry>
|
||||
<entry><para>
|
||||
This item allows you to print all (or some of) the packets in
|
||||
the capture file. It pops up the Ethereal Print dialog
|
||||
the capture file. It pops up the Wireshark Print dialog
|
||||
box (which is discussed further in
|
||||
<xref linkend="ChIOPrintSection"/>).
|
||||
</para></entry>
|
||||
|
|
|
@ -506,7 +506,7 @@
|
|||
<para>
|
||||
To select packets based on protocol type, simply type the protocol you
|
||||
are interested in in the <command>Filter:</command> field in the filter
|
||||
toolbar of the Ethereal window and press enter to initiate
|
||||
toolbar of the Wireshark window and press enter to initiate
|
||||
the filter. <xref linkend="ChWorkTCPFilter"/> shows an example of what
|
||||
happens when you type <command>tcp</command> in the filter field.
|
||||
</para>
|
||||
|
@ -537,7 +537,7 @@
|
|||
You can filter on any protocol that Ethereal understands.
|
||||
You can also filter on any field that a dissector adds to the tree
|
||||
view, but only if the dissector has added an abbreviation for the
|
||||
field. A list of such fields is available in the Ethereal in the
|
||||
field. A list of such fields is available in the Wireshark in the
|
||||
<command>Add Expression...</command> dialog box. You can find more
|
||||
information on the <command>Add Expression...</command> dialog box
|
||||
in <xref linkend="ChWorkFilterAddExpressionSection"/>.
|
||||
|
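Review bot: The replaced line reads "A list of such fields is available in the Wireshark in the", which keeps a stray article from the original. Drop "the" before the product name ("available in Wireshark in the Add Expression... dialog box"). The first line of the paragraph, "You can filter on any protocol that Ethereal understands", is left on the old name and should be changed together with it.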
|
|
@ -10,7 +10,7 @@
|
|||
would like from Ethereal because of the lack of documentation.
|
||||
</para>
|
||||
<para>
|
||||
This document is part of an effort by the Ethereal team to improve the
|
||||
This document is part of an effort by the Wireshark team to improve the
|
||||
usability of Ethereal.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -32,7 +32,7 @@
|
|||
<para>
|
||||
This book is not intended to explain network sniffing in general and it will
|
||||
not provide details about specific network protocols. A lot of useful
|
||||
information regarding these topics can be found at the Ethereal Wiki at
|
||||
information regarding these topics can be found at the Wireshark Wiki at
|
||||
<ulink url="&EtherealWikiPage;">&EtherealWikiPage;</ulink>
|
||||
</para>
|
||||
<para>
|
||||
|
@ -53,7 +53,7 @@
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Gerald Combs, for initiating the Ethereal project and funding to
|
||||
Gerald Combs, for initiating the Wireshark project and funding to
|
||||
do this documentation.
|
||||
</para>
|
||||
</listitem>
|
||||
|
@ -124,7 +124,7 @@
|
|||
<para>
|
||||
This book was originally developed by
|
||||
<ulink url="mailto:&AuthorEmail;">Richard Sharpe</ulink> with
|
||||
funds provided from the Ethereal Fund. It was updated by
|
||||
funds provided from the Wireshark Fund. It was updated by
|
||||
<ulink url="mailto:&AuthorEmail2;">Ed Warnicke</ulink> and more recently
|
||||
redesigned and updated by <ulink url="mailto:&AuthorEmail3;">Ulf
|
||||
Lamping</ulink>.
|
||||
|
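Review bot: "funds provided from the Ethereal Fund" names a specific funding source, and the replace changes it to "the Wireshark Fund". Unless a fund with that name exists, this line should be excluded from the rename. A credit for past funding should keep the name the fund had.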
|
|
@ -131,7 +131,7 @@ Ethereal Info
|
|||
Most Linux and Unix vendors supply their own Ethereal packages.
|
||||
You can install or upgrade Ethereal using the package management
|
||||
system specific to that platform. A list of third-party packages
|
||||
can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Ethereal web site.
|
||||
can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Wireshark web site.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
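Review bot: The link text now says the download page is "on the Wireshark web site", but the ulink url on the same line is still http://www.ethereal.com/download.html#otherplat. Readers are told they are going to one site and sent to another. Point the URL at the new site's download page, or keep the old site name in the text until the page has moved. The two sentences above it ("supply their own Ethereal packages", "install or upgrade Ethereal") are also left unchanged.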
|
|
@ -1,4 +1,4 @@
|
|||
The REAMDE specific to the Ethereal "copy" of the pidl sources
|
||||
The REAMDE specific to the Wireshark "copy" of the pidl sources
|
||||
==============================================================
|
||||
|
||||
The tree tools/pidl is a direct extract from
|
||||
|
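Review bot: The new title line is one character longer than the old one, but the "=====" underline below it is unchanged, so it no longer spans the title. Extend the underline by one character. "REAMDE" in the title is a typo for "README" and can be fixed in the same edit.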
@ -8,7 +8,7 @@ to allow building Ethereal pidl dissectors without having to
|
|||
|
||||
Don't do changes here, do them at the samba tree! Changes to this tree will
|
||||
be overwritten the next time the sources from the samba tree are updated,
|
||||
which is basically every time you do an svn up in the Ethereal toplevel dir.
|
||||
which is basically every time you do an svn up in the Wireshark toplevel dir.
|
||||
|
||||
In order to build, install yapp (on Suse, the rpm is named perl-Parse-Yapp),
|
||||
then do
|
||||
|
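Review bot: This file states, two lines above the change, "Don't do changes here, do them at the samba tree! Changes to this tree will be overwritten the next time the sources from the samba tree are updated". If this README is part of the extracted tree, the rename made here will be lost at the next update and needs to go upstream as well. If it is maintained locally, a short sentence saying so would prevent the question.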
|
|
@ -3,7 +3,7 @@
|
|||
from atsvc.idl and atsvc.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
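Review bot: The context line "from atsvc.idl and atsvc.cnf." suggests this comment is the banner of a generated file. If so, editing "not the Ethereal team" by hand will be undone the next time the dissector is regenerated, and the string should be changed in the generator's template instead. The pointer on the last line of the comment, http://wiki.ethereal.com/Pidl, is left on the old host and should be checked against wherever the wiki lives after the rename. The same applies to the identical banners in the files that follow.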
|
|
@ -5,7 +5,7 @@
|
|||
from atsvc.idl and atsvc.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
from initshutdown.idl and initshutdown.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
from initshutdown.idl and initshutdown.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
from winreg.idl and winreg.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
from winreg.idl and winreg.cnf.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
|
@ -494,7 +494,7 @@ get_progfile_dir(void)
|
|||
* Note that some of those configuration files might be used by code in
|
||||
* libethereal, some of them might be used by dissectors (would they
|
||||
* belong to libethereal, the application, or a separate library?),
|
||||
* and some of them might be used by other code (the Ethereal preferences
|
||||
* and some of them might be used by other code (the Wireshark preferences
|
||||
* file includes resolver preferences that control the behavior of code
|
||||
* in libethereal, dissector preferences, and UI preferences, for
|
||||
* example).
|
||||
|
|
|
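Review bot: The comment after `get_progfile_dir` now says "the Wireshark preferences file" while the unchanged lines around it still name `libethereal` three times. Say in the commit message whether the library name is deliberately left for a later change, or rename it here so the paragraph does not describe one code base under two names.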
@ -352,7 +352,7 @@ char *get_plugins_global_dir(const char *plugin_dir)
|
|||
*
|
||||
* Assume we're running the installed version of Wireshark;
|
||||
* on Windows, the data file directory is the directory
|
||||
* in which the Ethereal binary resides.
|
||||
* in which the Wireshark binary resides.
|
||||
*/
|
||||
install_plugin_dir = g_strdup_printf("%s\\plugins\\%s", get_datafile_dir(), VERSION);
|
||||
|
||||
|
|
|
@ -3275,13 +3275,13 @@ welcome_new(void)
|
|||
#if (GLIB_MAJOR_VERSION >= 2)
|
||||
item_hb = welcome_item(GTK_STOCK_HOME,
|
||||
"Home",
|
||||
"Visit the Ethereal homepage",
|
||||
"Visit the Wireshark homepage",
|
||||
GTK_SIGNAL_FUNC(topic_cb), GINT_TO_POINTER(ONLINEPAGE_HOME));
|
||||
gtk_box_pack_start(GTK_BOX(welcome_vb), item_hb, TRUE, FALSE, 5);
|
||||
|
||||
item_hb = welcome_item(ETHEREAL_STOCK_WEB_SUPPORT,
|
||||
"User's Guide",
|
||||
"Open the Ethereal User's Guide",
|
||||
"Open the Wireshark User's Guide",
|
||||
GTK_SIGNAL_FUNC(topic_cb), GINT_TO_POINTER(ONLINEPAGE_USERGUIDE));
|
||||
gtk_box_pack_start(GTK_BOX(welcome_vb), item_hb, TRUE, FALSE, 5);
|
||||
#endif
|
||||
|
|
|
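Review bot: The two tooltip strings in `welcome_new` are renamed, but the second `welcome_item` call still passes `ETHEREAL_STOCK_WEB_SUPPORT`. That is acceptable for a strings-only pass; record the identifier rename as a follow-up so the stock ID does not keep the old prefix indefinitely.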
@ -4,7 +4,7 @@ Capture Filters are used to filter out uninteresting packets already at capture
|
|||
|
||||
Ethereal uses the pcap (libpcap/WinPcap) filter language for capture filters. This language is explained in the tcpdump man page under "expression" (http://www.tcpdump.org and search for "selects which").
|
||||
|
||||
Note: This capture filter language is different from the one used for the Ethereal display filters!
|
||||
Note: This capture filter language is different from the one used for the Wireshark display filters!
|
||||
|
||||
-------------------------------------------------
|
||||
|
||||
|
|
|
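Review bot: Only the "Note:" line of this help text is renamed; the unchanged sentence above it still begins "Ethereal uses the pcap (libpcap/WinPcap) filter language", so one help page shows both product names. Rename that sentence in the same hunk.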
@ -10,7 +10,7 @@ Everytime you change the filter string, all packets will be reread from the capt
|
|||
|
||||
Ethereal offers a very powerful display filter language for this. It can be used for a wide range of purposes, from simply: "show only packets from a specific IP address", or on the other hand, to very complex filters like: "find all packets where a special application specific flag is set".
|
||||
|
||||
Note: This display filter language is different from the one used for the Ethereal capture filters!
|
||||
Note: This display filter language is different from the one used for the Wireshark capture filters!
|
||||
|
||||
-------------------------------------------------
|
||||
|
||||
|
|
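Review bot: The sentence "Ethereal offers a very powerful display filter language" stays unchanged while the "Note:" line below it now says Wireshark, leaving this help page with mixed naming. Rename the first sentence here as well.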
30
help/faq.txt
|
@ -270,7 +270,7 @@
|
|||
cannot, for example, make a "derived work" from Ethereal, by making
|
||||
modifications to it, and then sell the resulting derived work and not allow
|
||||
recipients to give away the resulting work. You must also make the changes
|
||||
you've made to the Ethereal source available to all recipients of your
|
||||
you've made to the Wireshark source available to all recipients of your
|
||||
modified version; those changes must also be licensed under the terms of the
|
||||
GPL. See the GPL FAQ for more details; in particular, note the answer to the
|
||||
question about modifying a GPLed program and selling it commercially, and
|
||||
|
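Review bot: This is the licensing answer, and after the change it speaks of a "derived work" from Ethereal in its first line and of "the Wireshark source" three lines later. Text that states GPL obligations should name the program consistently, so rename the first occurrence too or leave both for a single later pass.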
@ -1409,7 +1409,7 @@ cies
|
|||
single port so that you can plug your analyzer into that single port to
|
||||
sniff all traffic. You would have to check the documentation for the switch
|
||||
to see if this is possible and, if so, to see how to do this. See the switch
|
||||
reference page on the Ethereal Wiki for information on some switches. (Note
|
||||
reference page on the Wireshark Wiki for information on some switches. (Note
|
||||
that it's a Wiki, so you can update or fix that information, or add
|
||||
additional information on those switches or information on new switches,
|
||||
yourself.)
|
||||
|
@ -1457,7 +1457,7 @@ cies
|
|||
|
||||
In the case of token ring interfaces, the drivers for some of them, on
|
||||
Windows, may require you to enable promiscuous mode in order to capture in
|
||||
promiscuous mode. See the Ethereal Wiki item on Token Ring capturing for
|
||||
promiscuous mode. See the Wireshark Wiki item on Token Ring capturing for
|
||||
details.
|
||||
|
||||
In the case of wireless LAN interfaces, it appears that, when those
|
||||
|
@ -1532,7 +1532,7 @@ cies
|
|||
of Ethereal and a shared libpcap library with DAG support, in order to do so
|
||||
with Ethereal. You should ask Endace whether that could be used to capture
|
||||
traffic on, for example, your T1/E1 link.
|
||||
See the SS7 capture setup page on the Ethereal Wiki for current information
|
||||
See the SS7 capture setup page on the Wireshark Wiki for current information
|
||||
on capturing SS7 traffic on TDM links.
|
||||
|
||||
Q 7.6: How do I put an interface into promiscuous mode?
|
||||
|
@ -1681,7 +1681,7 @@ cies
|
|||
In order to see the raw Ethernet packets, rather than "de-VLANized" packets,
|
||||
you would have to capture not on the virtual interface for the VLAN, but on
|
||||
the interface corresponding to the physical network device, if possible. See
|
||||
the Ethereal Wiki item on VLAN capturing for details.
|
||||
the Wireshark Wiki item on VLAN capturing for details.
|
||||
|
||||
Q 7.12: Why does Ethereal hang after I stop a capture?
|
||||
|
||||
|
@ -1728,13 +1728,13 @@ cies
|
|||
running the most recent release of Ethereal, you should first upgrade to
|
||||
that release, as, if there's a bug of that sort, it might've been fixed in a
|
||||
release after the one you're running. If the hang occurs in the most recent
|
||||
release of Ethereal, the bug should be reported to the Ethereal developers'
|
||||
release of Ethereal, the bug should be reported to the Wireshark developers'
|
||||
mailing list at ethereal-dev@ethereal.com.
|
||||
|
||||
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
|
||||
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
|
||||
stack trace if you have a debugger installed. A stack trace can be obtained
|
||||
by using your debugger (gdb in this example), the Ethereal binary, and the
|
||||
by using your debugger (gdb in this example), the Wireshark binary, and the
|
||||
resulting core file. Here's an example of how to use the gdb command
|
||||
backtrace to do so.
|
||||
$ gdb ethereal core
|
||||
|
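Review bot: The paragraph now tells the user to give the debugger "the Wireshark binary", but the example that follows is still `$ gdb ethereal core` and the report address is still `ethereal-dev@ethereal.com`. A user copying the example needs it to match the installed binary, so either keep the old name throughout until the binary and list are renamed, or update the command and address in this hunk.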
@ -1819,7 +1819,7 @@ cies
|
|||
4.0 or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it
|
||||
the "NdisWanAdapter"; if you're using a 3.1 beta release, you should
|
||||
un-install it and install the final 3.1 release.) See the Ethereal Wiki
|
||||
un-install it and install the final 3.1 release.) See the Wireshark Wiki
|
||||
item on PPP capturing for details.
|
||||
4. WinPcap prior to 3.0 does not support multiprocessor machines (note that
|
||||
machines with a single multi-threaded processor, such as Intel's new
|
||||
|
@ -1909,7 +1909,7 @@ cies
|
|||
or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it the
|
||||
"NdisWanAdapter"; if you're using a 3.1 beta release, you should un-install
|
||||
it and install the final 3.1 release.) See the Ethereal Wiki item on PPP
|
||||
it and install the final 3.1 release.) See the Wireshark Wiki item on PPP
|
||||
capturing for details.
|
||||
|
||||
Q 8.4: I'm running Ethereal on Windows NT 4.0/Windows 2000/Windows
|
||||
|
@ -1930,7 +1930,7 @@ cies
|
|||
or Windows Vista Beta 1, you should be able to capture on the
|
||||
"GenericDialupAdapter" with WinPcap 3.1. (3.1 beta releases called it the
|
||||
"NdisWanAdapter"; if you're using a 3.1 beta release, you should un-install
|
||||
it and install the final 3.1 release.) See the Ethereal Wiki item on PPP
|
||||
it and install the final 3.1 release.) See the Wireshark Wiki item on PPP
|
||||
capturing for details.
|
||||
|
||||
Q 8.5: I'm running Ethereal on Windows 95/98/Me, on a machine with more than
|
||||
|
@ -2018,14 +2018,14 @@ cies
|
|||
account sufficient privileges to capture packets. Only those interfaces that
|
||||
Ethereal can open for capturing show up in that list; if you don't have
|
||||
sufficient privileges to capture on any interfaces, no interfaces will show
|
||||
up in the list. See the Ethereal Wiki item on capture privileges for details
|
||||
up in the list. See the Wireshark Wiki item on capture privileges for details
|
||||
on how to give a particular account or account group capture privileges on
|
||||
platforms where that can be done.
|
||||
|
||||
If you are running Ethereal from an account with sufficient privileges, then
|
||||
note that Ethereal relies on the libpcap library, and on the facilities that
|
||||
come with the OS on which it's running in order to do captures. On some
|
||||
OSes, those facilities aren't present by default; see the Ethereal Wiki item
|
||||
OSes, those facilities aren't present by default; see the Wireshark Wiki item
|
||||
on adding capture support for details.
|
||||
|
||||
And, even if you're running with an account that has sufficient privileges
|
||||
|
@ -2142,7 +2142,7 @@ cies
|
|||
resolve the name because it will not be able to communicate with any DNS or
|
||||
NIS servers.
|
||||
|
||||
See the Ethereal Wiki item on 802.11 capturing for details.
|
||||
See the Wireshark Wiki item on 802.11 capturing for details.
|
||||
|
||||
Q 10.2: How do I capture on an 802.11 device in monitor mode?
|
||||
|
||||
|
@ -2179,7 +2179,7 @@ cies
|
|||
possible" option, clicking "Save" if you want to save that setting in your
|
||||
preference file, and clicking "OK".
|
||||
|
||||
It can also be set on the Ethereal or Tethereal command line with a -o
|
||||
It can also be set on the Wireshark or Tethereal command line with a -o
|
||||
tcp.check_checksum:false command-line flag, or manually set in your
|
||||
preferences file by adding a tcp.check_checksum:false line.
|
||||
|
||||
|
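Review bot: "the Wireshark or Tethereal command line" mixes the new and the old name in one phrase. If the terminal tool keeps its name for now, say so in the commit message; otherwise the `-o tcp.check_checksum:false` instruction names a command the reader may not have.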
@ -2267,7 +2267,7 @@ cies
|
|||
Q 12.3: How do I filter a capture to see traffic for virus XXX?
|
||||
|
||||
A: For some viruses/worms there might be a capture filter to recognize the
|
||||
virus traffic. Check the CaptureFilters page on the Ethereal Wiki to see if
|
||||
virus traffic. Check the CaptureFilters page on the Wireshark Wiki to see if
|
||||
anybody's added such a filter.
|
||||
|
||||
Note that Ethereal was not designed to be an intrusion detection system; you
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
This directory contains a set of images and icons for the Ethereal suite of
|
||||
This directory contains a set of images and icons for the Wireshark suite of
|
||||
applications. Of particular note for people creating packages for
|
||||
distribution are the files ethereal.ico, hi??-app-ethereal.png, and
|
||||
lo??-app-ethereal.png.
|
||||
|
|
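Review bot: The first line is renamed, but the file names packagers are told to pick up (`ethereal.ico`, `hi??-app-ethereal.png`, `lo??-app-ethereal.png`) are unchanged. Confirm those files still exist under these names after the rename, because packaging scripts will follow this list literally.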
2
make-faq
|
@ -2,7 +2,7 @@
|
|||
#
|
||||
# $Id$
|
||||
#
|
||||
# Make-faq - Creates a plain text version of the Ethereal FAQ
|
||||
# Make-faq - Creates a plain text version of the Wireshark FAQ
|
||||
# from http://www.ethereal.com/faq.html
|
||||
|
||||
rm -f FAQ
|
||||
|
|
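Review bot: The header comment is renamed but the next line still reads `# from http://www.ethereal.com/faq.html`. If the script fetches from that address, a regenerated FAQ takes its wording from that page and not from the edits made to help/faq.txt in this commit, so the source URL and the generated text need to change together.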
2
manuf
|
@ -39,7 +39,7 @@
|
|||
# The Wireshark 'manuf' file, which started out as a subset of Michael
|
||||
# Patton's list and grew from there.
|
||||
#
|
||||
# In the event of data set collisions the Ethereal entries have been given
|
||||
# In the event of data set collisions the Wireshark entries have been given
|
||||
# precedence, followed by Michael Patton's, followed by the IEEE.
|
||||
#
|
||||
# This file is in the same format as ethers(4) except that vendor names
|
||||
|
|
|
@ -36,7 +36,7 @@
|
|||
# The Wireshark 'manuf' file, which started out as a subset of Michael
|
||||
# Patton's list and grew from there.
|
||||
#
|
||||
# In the event of data set collisions the Ethereal entries have been given
|
||||
# In the event of data set collisions the Wireshark entries have been given
|
||||
# precedence, followed by Michael Patton's, followed by the IEEE.
|
||||
#
|
||||
# This file is in the same format as ethers(4) except that vendor names
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
#
|
||||
|
||||
# path to the Ethereal binaries, only used for the settings below
|
||||
# path to the Wireshark binaries, only used for the settings below
|
||||
ETH_BIN_PATH=../Debug_GTK2
|
||||
|
||||
# Tweak the following to your liking.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Test the capture engine of the Ethereal tools
|
||||
# Test the capture engine of the Wireshark tools
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Test the command line options of the Ethereal tools
|
||||
# Test the command line options of the Wireshark tools
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Test the file I/O of the Ethereal tools
|
||||
# Test the file I/O of the Wireshark tools
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Test various command line testable aspects of the Ethereal tools
|
||||
# Test various command line testable aspects of the Wireshark tools
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
|
|
@ -141,7 +141,7 @@ static print_stream_t *print_stream;
|
|||
* Standard secondary message for unexpected errors.
|
||||
*/
|
||||
static const char please_report[] =
|
||||
"Please report this to the Ethereal developers";
|
||||
"Please report this to the Wireshark developers";
|
||||
|
||||
#ifdef HAVE_LIBPCAP
|
||||
/*
|
||||
|
|
|
@ -808,7 +808,7 @@ sub Parse($$$$)
|
|||
from $idl_file and $cnf_file.
|
||||
|
||||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Ethereal team.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
*/
|
||||
|
|
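Review bot: The header text emitted from `sub Parse` itself says Pidl "is maintained by the Samba team", so this edit changes a template owned by another project. Send the same change to Samba or note the local divergence, otherwise the next import of Pidl restores "Ethereal team" and the generated atsvc, initshutdown and winreg headers drift from their generator again.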