Tethereal/tethereal -> TShark/tshark.

svn path=/trunk/; revision=18268
This commit is contained in:
Gerald Combs 2006-05-31 17:38:42 +00:00
parent 7bc853b62b
commit 8958bab6de
98 changed files with 438 additions and 438 deletions

18
FAQ
View File

@ -41,7 +41,7 @@
3. Installing Ethereal:
3.1 I installed an Ethereal RPM; why did it install Tethereal but not
3.1 I installed an Ethereal RPM; why did it install TShark but not
Ethereal?
4. Building Ethereal:
@ -70,7 +70,7 @@
5.1 Why does Ethereal crash with a Bus Error when I try to run it on Solaris
8?
5.2 When I run Tethereal with the "-x" option, why does it crash with an
5.2 When I run TShark with the "-x" option, why does it crash with an
error
"** ERROR **: file print.c: line 691 (print_line): should not be reached.
@ -1169,7 +1169,7 @@ cies
3. Installing Ethereal
Q 3.1: I installed an Ethereal RPM; why did it install Tethereal but not
Q 3.1: I installed an Ethereal RPM; why did it install TShark but not
Ethereal?
A: Older versions of the Red Hat RPMs for Wireshark put only the non-GUI
@ -1270,7 +1270,7 @@ cies
Similar problems may exist with older versions of GTK+ for earlier versions
of Solaris.
Q 5.2: When I run Tethereal with the "-x" option, why does it crash with an
Q 5.2: When I run TShark with the "-x" option, why does it crash with an
error
"** ERROR **: file print.c: line 691 (print_line): should not be reached.
@ -1440,7 +1440,7 @@ cies
supply to the host all network packets they see. Ethereal will try to put
the interface on which it's capturing into promiscuous mode unless the
"Capture packets in promiscuous mode" option is turned off in the "Capture
Options" dialog box, and Tethereal will try to put the interface on which
Options" dialog box, and TShark will try to put the interface on which
it's capturing into promiscuous mode unless the -p option was specified.
However, some network interfaces don't support promiscuous mode, and some
OSes might not allow interfaces to be put into promiscuous mode.
@ -1537,7 +1537,7 @@ cies
Q 7.6: How do I put an interface into promiscuous mode?
A: By not disabling promiscuous mode when running Ethereal or Tethereal.
A: By not disabling promiscuous mode when running Ethereal or TShark.
Note, however, that:
* the form of promiscuous mode that libpcap (the library that programs
@ -1768,7 +1768,7 @@ cies
A: If you are running Ethereal on Windows NT 4.0, Windows 2000, Windows XP,
or Windows Server 2003, and this is the first time you have run a
WinPcap-based program (such as Ethereal, or Tethereal, or WinDump, or
WinPcap-based program (such as Ethereal, or TShark, or WinDump, or
Analyzer, or...) since the machine was rebooted, you need to run that
program from an account with administrator privileges; once you have run
such a program, you will not need administrator privileges to run any such
@ -2137,7 +2137,7 @@ cies
passively capture packets.
This means that you should disable name resolution when capturing in monitor
mode; otherwise, when Ethereal (or Tethereal, or tcpdump) tries to display
mode; otherwise, when Ethereal (or TShark, or tcpdump) tries to display
IP addresses as host names, it will probably block for a long time trying to
resolve the name because it will not be able to communicate with any DNS or
NIS servers.
@ -2179,7 +2179,7 @@ cies
possible" option, clicking "Save" if you want to save that setting in your
preference file, and clicking "OK".
It can also be set on the Wireshark or Tethereal command line with a -o
It can also be set on the Wireshark or TShark command line with a -o
tcp.check_checksum:false command-line flag, or manually set in your
preferences file by adding a tcp.check_checksum:false line.

12
INSTALL
View File

@ -33,7 +33,7 @@ README.win32 for those instructions.
GLib 2.x; you need to configure with --disable-gtk2 to use GTK+
1.2[.x].
2. If you wish to build Tethereal, the line-mode version of Ethereal,
2. If you wish to build TShark, the line-mode version of Ethereal,
make sure you have GLIB installed. See note #1 above for instructions
on checking if you have GLIB installed. You can download GLIB from
the same site as GTK.
@ -83,8 +83,8 @@ README.win32 for those instructions.
--disable-gtk2
Build Glib/Gtk+ 1.2[.x]-based ethereal.
--disable-tethereal
By default the line-mode packet analyzer, Tethereal, is built.
--disable-tshark
By default the line-mode packet analyzer, TShark, is built.
Use this switch to avoid building it.
--disable-editcap
@ -128,7 +128,7 @@ README.win32 for those instructions.
By default, if 'configure' finds zlib (a.k.a, libz), the
wiretap library will be built so that it can read compressed
capture files. If you have zlib but do not wish to build
it into the wiretap library, used by Wireshark, Tethereal, and
it into the wiretap library, used by Wireshark, TShark, and
the capture-file utilities that come in this package, use
this switch.
@ -144,7 +144,7 @@ README.win32 for those instructions.
--enable-setuid-install
Use this switch to install the packet analyzers as setuid.
Installating Ethereal and Tethereal as setuid 'root' is
Installating Ethereal and TShark as setuid 'root' is
dangerous. Repeat: IT'S DANGEROUS. Don't do it.
--with-ssl=DIR
@ -195,7 +195,7 @@ README.win32 for those instructions.
6. Run 'make'. Hopefully, you won't run into any problems.
7. Run './ethereal' or './tethereal', and make sure things are working.
7. Run './ethereal' or './tshark', and make sure things are working.
You must have root privileges in order to capture live data.
8. Run 'make install'. If you wish to install the man page, run

View File

@ -60,13 +60,13 @@ ACLOCAL_AMFLAGS = `./aclocal-flags`
# automake will arrange that the Makefile define it as the union of all
# the "man{section}_MANS" variables.
#
bin_PROGRAMS = @ethereal_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tethereal_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
bin_PROGRAMS = @ethereal_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tshark_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
bin_SCRIPTS = @idl2wrs_bin@
man1_MANS = @ethereal_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tethereal_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
man1_MANS = @ethereal_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tshark_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
man4_MANS = @etherealfilter_man@
man_MANS =
EXTRA_PROGRAMS = ethereal tethereal capinfos editcap mergecap dftest \
EXTRA_PROGRAMS = ethereal tshark capinfos editcap mergecap dftest \
randpkt text2pcap dumpcap
EXTRA_SCRIPTS = idl2wrs
@ -77,7 +77,7 @@ idl2wrs: tools/idl2wrs.sh Makefile
#
# Ethereal configuration files are put in $(pkgdatadir).
#
pkgdata_DATA = AUTHORS-SHORT manuf ethereal.html tethereal.html \
pkgdata_DATA = AUTHORS-SHORT manuf ethereal.html tshark.html \
ethereal-filter.html capinfos.html editcap.html \
idl2wrs.html mergecap.html text2pcap.html dumpcap.html \
cfilters colorfilters dfilters
@ -266,11 +266,11 @@ endif # HAVE_PLUGINS
# Optional objects that I know how to build. These will be
# linked into the ethereal executable.
# They will also be linked into the tethereal executable; if this
# They will also be linked into the tshark executable; if this
# list ever grows to include something that can't be linked with
# tethereal, or if tethereal needs something that wireshark doesn't,
# tshark, or if tshark needs something that wireshark doesn't,
# we should probably split this into stuff needed both
# by wireshark and tethereal and stuff needed only by one or the
# by wireshark and tshark and stuff needed only by one or the
# other.
ethereal_optional_objects = @GETOPT_O@ @SNPRINTF_O@ @STRERROR_O@ \
@STRCASECMP_O@ @STRNCASECMP_O@ @MKSTEMP_O@ @STRPTIME_O@
@ -312,21 +312,21 @@ ethereal_LDADD = \
@LIBGNUTLS_LIBS@
# Additional libs that I know how to build. These will be
# linked into the tethereal executable.
tethereal_additional_libs = \
# linked into the tshark executable.
tshark_additional_libs = \
wiretap/libwiretap.la \
epan/libwireshark.la
# This is the automake dependency variable for the executable
tethereal_DEPENDENCIES = \
tshark_DEPENDENCIES = \
$(ethereal_optional_objects) \
$(tethereal_additional_libs) \
$(tshark_additional_libs) \
$(plugin_libs)
# This automake variable adds to the link-line for the executable
tethereal_LDADD = \
tshark_LDADD = \
$(ethereal_optional_objects) \
$(tethereal_additional_libs) \
$(tshark_additional_libs) \
@SNMP_LIBS@ @SSL_LIBS@ \
$(plugin_ldadd) \
@PCRE_LIBS@ \
@ -335,9 +335,9 @@ tethereal_LDADD = \
@LIBGNUTLS_LIBS@
if ENABLE_STATIC
tethereal_LDFLAGS = -Wl,-static -all-static
tshark_LDFLAGS = -Wl,-static -all-static
else
tethereal_LDFLAGS = -export-dynamic
tshark_LDFLAGS = -export-dynamic
endif
# Optional objects that I know how to build, and that are needed by
@ -398,9 +398,9 @@ SUFFIXES = .sh
$(editsh) $< > $@.tmp && chmod +x $@.tmp && mv $@.tmp $@
#
# Build "tethereal-tap-register.c", which contains a function
# Build "tshark-tap-register.c", which contains a function
# "register_all_tap_listeners()"
# that calls the register routines for all tethereal tap listeners.
# that calls the register routines for all tshark tap listeners.
#
# We do this by grepping through sources.
#
@ -411,9 +411,9 @@ SUFFIXES = .sh
# The first argument is the directory in which the source files live.
# All subsequent arguments are the files to scan.
#
tethereal-tap-register.c: $(TETHEREAL_TAP_SRC) $(srcdir)/make-tapreg-dotc
@echo Making tethereal-tap-register.c
@$(srcdir)/make-tapreg-dotc tethereal-tap-register.c $(srcdir) $(TETHEREAL_TAP_SRC)
tshark-tap-register.c: $(TSHARK_TAP_SRC) $(srcdir)/make-tapreg-dotc
@echo Making tshark-tap-register.c
@$(srcdir)/make-tapreg-dotc tshark-tap-register.c $(srcdir) $(TSHARK_TAP_SRC)
ps.c: print.ps rdps
./rdps $(srcdir)/print.ps ps.c
@ -557,7 +557,7 @@ EXTRA_DIST = \
doc/idl2wrs.pod \
doc/mergecap.pod \
doc/randpkt.txt \
doc/tethereal.pod \
doc/tshark.pod \
doc/text2pcap.pod \
doc/dumpcap.pod \
docbook/Makefile.auto.am \
@ -608,7 +608,7 @@ EXTRA_DIST = \
image/stock_dialog_question_48.xpm \
image/stock_dialog_info_48.xpm \
image/stock_dialog_stop_48.xpm \
image/tethereal.rc.in \
image/tshark.rc.in \
image/text2pcap.rc.in \
image/toolbar/autoscroll_24.xpm \
image/toolbar/capture_filter_24.xpm \
@ -688,7 +688,7 @@ EXTRA_DIST = \
if SETUID_INSTALL
install-exec-hook:
-chmod +s $(DESTDIR)$(bindir)/dumpcap
-chmod +s $(DESTDIR)$(bindir)/tethereal
-chmod +s $(DESTDIR)$(bindir)/tshark
else
install-exec-hook:
endif
@ -705,11 +705,11 @@ ethereal.1: doc/ethereal.pod AUTHORS-SHORT-FORMAT
(cd doc ; \
$(MAKE) ../ethereal.1 )
tethereal.1: doc/tethereal.pod
tshark.1: doc/tshark.pod
(cd doc ; \
$(MAKE) ../tethereal.1 )
$(MAKE) ../tshark.1 )
ethereal-filter.4: tethereal doc/ethereal-filter.pod.template
ethereal-filter.4: tshark doc/ethereal-filter.pod.template
(cd doc ; \
$(MAKE) ../ethereal-filter.4 )
@ -741,11 +741,11 @@ ethereal.html: doc/ethereal.pod AUTHORS-SHORT-FORMAT
(cd doc ; \
$(MAKE) ../ethereal.html )
tethereal.html: doc/tethereal.pod
tshark.html: doc/tshark.pod
(cd doc ; \
$(MAKE) ../tethereal.html )
$(MAKE) ../tshark.html )
ethereal-filter.html: tethereal doc/ethereal-filter.pod.template
ethereal-filter.html: tshark doc/ethereal-filter.pod.template
(cd doc ; \
$(MAKE) ../ethereal-filter.html )

View File

@ -39,12 +39,12 @@ GENERATED_HEADER_FILES = \
# C source files generated from source files.
GENERATED_C_FILES = \
$(BUILT_C_FILES) \
tethereal-tap-register.c
tshark-tap-register.c
# All the generated files.
GENERATED_FILES = $(GENERATED_C_FILES) $(GENERATED_HEADER_FILES)
# sources common for ethereal and tethereal
# sources common for ethereal and tshark
ETHEREAL_COMMON_SRC = \
$(PLATFORM_SRC) \
capture_errs.c \
@ -92,8 +92,8 @@ ETHEREAL_COMMON_INCLUDES = \
util.h \
version_info.h
# sources for Tethereal taps
TETHEREAL_TAP_SRC = \
# sources for TShark taps
TSHARK_TAP_SRC = \
tap-afpstat.c \
tap-ansi_astat.c \
tap-bootpstat.c \
@ -181,15 +181,15 @@ ethereal_INCLUDES = \
tap_dfilter_dlg.h \
ui_util.h
# tethereal specifics
tethereal_SOURCES = \
# tshark specifics
tshark_SOURCES = \
$(ETHEREAL_COMMON_SRC) \
$(TETHEREAL_TAP_SRC) \
$(TSHARK_TAP_SRC) \
capture_opts.c \
capture_loop.c \
tempfile.c \
tethereal-tap-register.c \
tethereal.c
tshark-tap-register.c \
tshark.c
# text2pcap specifics
text2pcap_SOURCES = \

View File

@ -29,7 +29,7 @@ PLATFORM_SRC = capture-wpcap.c capture_wpcap_packet.c
include Makefile.common
ethereal_OBJECTS = $(ethereal_SOURCES:.c=.obj)
tethereal_OBJECTS = $(tethereal_SOURCES:.c=.obj)
tshark_OBJECTS = $(tshark_SOURCES:.c=.obj)
dftest_OBJECTS = $(dftest_SOURCES:.c=.obj)
dumpcap_OBJECTS = $(dumpcap_SOURCES:.c=.obj)
@ -65,7 +65,7 @@ ethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
!ENDIF
# $(PCAP_DIR)\lib\wpcap.lib
tethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
tshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
wsock32.lib user32.lib \
$(GLIB_LIBS) \
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib \
@ -118,10 +118,10 @@ randpkt_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
$(GLIB_LIBS) \
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib
EXECUTABLES=ethereal.exe ethereal-gtk2.exe tethereal.exe \
EXECUTABLES=ethereal.exe ethereal-gtk2.exe tshark.exe \
capinfos.exe editcap.exe mergecap.exe text2pcap.exe randpkt.exe dumpcap.exe
RESOURCES=image\ethereal.res image\libwireshark.res image\tethereal.res \
RESOURCES=image\ethereal.res image\libwireshark.res image\tshark.res \
image\capinfos.res image\editcap.res image\mergecap.res \
image\text2pcap.res image\wiretap.res image\dumpcap.res
@ -170,10 +170,10 @@ ethereal-gtk2.exe : config.h svnversion.h $(ethereal_OBJECTS) $(command_line_OBJ
<<
!ENDIF
tethereal.exe : config.h svnversion.h $(tethereal_OBJECTS) $(command_line_OBJECTS) epan image\tethereal.res wiretap\wiretap-$(WTAP_VERSION).lib plugins
tshark.exe : config.h svnversion.h $(tshark_OBJECTS) $(command_line_OBJECTS) epan image\tshark.res wiretap\wiretap-$(WTAP_VERSION).lib plugins
@echo Linking $@
$(LINK) @<<
/OUT:tethereal.exe $(conflags) $(conlibsdll) $(LDFLAGS) /SUBSYSTEM:console $(tethereal_LIBS) $(tethereal_OBJECTS) $(command_line_OBJECTS) image\tethereal.res
/OUT:tshark.exe $(conflags) $(conlibsdll) $(LDFLAGS) /SUBSYSTEM:console $(tshark_LIBS) $(tshark_OBJECTS) $(command_line_OBJECTS) image\tshark.res
<<
capinfos.exe : config.h capinfos.obj getopt.obj $(command_line_OBJECTS) wiretap\wiretap-$(WTAP_VERSION).lib image\capinfos.res
@ -261,7 +261,7 @@ AUTHORS-SHORT-FORMAT: AUTHORS-SHORT make-authors-format.pl
$(PERL) perlnoutf.pl make-authors-format.pl < AUTHORS-SHORT > AUTHORS-SHORT-FORMAT
#
# Build "tethereal-tap-register.c", which contains a function
# Build "tshark-tap-register.c", which contains a function
# "register_all_tap_listeners()"
# that calls the register routines for all tehtereal tap listeners.
#
@ -275,9 +275,9 @@ AUTHORS-SHORT-FORMAT: AUTHORS-SHORT make-authors-format.pl
# The second argument is the directory in which the source files live.
# All subsequent arguments are the files to scan.
#
tethereal-tap-register.c: $(TETHEREAL_TAP_SRC) make-tapreg-dotc
@echo Making tethereal-tap-register.c
@$(SH) make-tapreg-dotc tethereal-tap-register.c . $(TETHEREAL_TAP_SRC)
tshark-tap-register.c: $(TSHARK_TAP_SRC) make-tapreg-dotc
@echo Making tshark-tap-register.c
@$(SH) make-tapreg-dotc tshark-tap-register.c . $(TSHARK_TAP_SRC)
text2pcap-scanner.c : text2pcap-scanner.l
$(LEX) -otext2pcap-scanner.c text2pcap-scanner.l
@ -287,7 +287,7 @@ gtk2_distclean:
if exist gtk2.tmp rmdir gtk2.tmp
clean: gtk2_distclean
rm -f $(ethereal_OBJECTS) $(tethereal_OBJECTS) $(EXTRA_OBJECTS) \
rm -f $(ethereal_OBJECTS) $(tshark_OBJECTS) $(EXTRA_OBJECTS) \
$(EXECUTABLES) $(PDB_FILE) \
capinfos.obj editcap.obj mergecap.obj text2pcap.obj getopt.obj\
text2pcap-scanner.obj text2pcap-scanner.c rdps.obj \

View File

@ -1,6 +1,6 @@
$Id$
In order to capture packets (with Ethereal/Tethereal, tcpdump, or any
In order to capture packets (with Ethereal/TShark, tcpdump, or any
other packet capture program) on a BSD system, your kernel must have
the Berkeley packet Filter mechanism enabled. On some BSDs (recent
versions of FreeBSD, for example), it's enabled by default in the

View File

@ -99,7 +99,7 @@ as a shared library.
5 - HP-UX patches to fix packet capture problems
Note that packet-capture programs such as Ethereal/Tethereal or tcpdump
Note that packet-capture programs such as Ethereal/TShark or tcpdump
may, on HP-UX, not be able to see packets sent from the machine on which
they're running. Make sure you have a recent "LAN Cummulative/DLPI" patch
installed.

View File

@ -1,6 +1,6 @@
$Id$
In order to capture packets (with Ethereal/Tethereal, tcpdump, or any
In order to capture packets (with Ethereal/TShark, tcpdump, or any
other libpcap-based packet capture program) on a Linux system, the
"packet" protocol must be supported by your kernel. If it is not, you
may get error messages such as

View File

@ -5,7 +5,7 @@ not work on earlier versions of Mac OS).
In order to build Ethereal, you must have X11 and the X11 developer
headers and libraries installed; otherwise, you will not be able to
build or install GTK+, and will only be able to build Tethereal. The
build or install GTK+, and will only be able to build TShark. The
X11 and X11 SDK that come with Mac OS X 10.3[.x] are sufficient to build
and run Ethereal.

View File

@ -1,6 +1,6 @@
$Id$
Installing Ethereal, Tethereal, and Editcap on Win32
Installing Ethereal, TShark, and Editcap on Win32
====================================================
These are the instructions for installing Ethereal
from the installation executable that is provided on
@ -13,7 +13,7 @@ and any of its mirrors.
The installation package allows you to install:
o Ethereal - the GUI version
o Tethereal - the console, line-mode version
o TShark - the console, line-mode version
o Editcap - a console, line-mode utility to convert
capture files from one format to another.
(The same functions are available in Wireshark)
@ -24,7 +24,7 @@ The installation package allows you to install:
Additionally, the installation package contains a "plugins"
option, which installs some additional dissector plugins
for use with Ethereal and Tethereal.
for use with Ethereal and TShark.
All binaries in Wireshark package are now built with debugging
information embedded. If you are experiencing a crash when running
@ -364,7 +364,7 @@ Source Output Tool
config.h.win32 config.h sed
epan/config.h.win32 epan/config.h sed
image/ethereal.rc.in image/ethereal.rc sed
image/tethereal.rc.in image/tethereal.rc sed
image/tshark.rc.in image/tshark.rc sed
image/editcap.rc.in image/editcap.rc sed
image/mergecap.rc.in image/mergecap.rc sed
image/text2pcap.rc.in image/text2pcap.rc sed
@ -379,7 +379,7 @@ make-reg-dotc, packet*.c register.c Bash + grep + sed
or
make-reg-dotc.py, packet*.c register.c Python
make-tapreg-dotc, tap-*.c tethereal-tap-register.c
make-tapreg-dotc, tap-*.c tshark-tap-register.c
Bash + grep + sed
make-tapreg-dotc, tap files gtk/ethereal-tap-register.c
in the gtk subdirectory Bash + grep + sed

View File

@ -1,6 +1,6 @@
/* capture-wpcap.c
* WinPcap-specific interfaces for capturing. We load WinPcap at run
* time, so that we only need one Wireshark binary and one Twireshark binary
* time, so that we only need one Wireshark binary and one TShark binary
* for Windows, regardless of whether WinPcap is installed or not.
*
* $Id$

View File

@ -113,13 +113,13 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_FILE_UNKNOWN_FORMAT:
/* Seen only when opening a capture file for reading. */
errmsg = "The file \"%s\" isn't a capture file in a format Twireshark understands.";
errmsg = "The file \"%s\" isn't a capture file in a format TShark understands.";
break;
case WTAP_ERR_UNSUPPORTED:
/* Seen only when opening a capture file for reading. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" isn't a capture file in a format Twireshark understands.\n"
"The file \"%%s\" isn't a capture file in a format TShark understands.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
@ -135,15 +135,15 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_UNSUPPORTED_FILE_TYPE:
/* Seen only when opening a capture file for writing. */
errmsg = "Twireshark doesn't support writing capture files in that format.";
errmsg = "TShark doesn't support writing capture files in that format.";
break;
case WTAP_ERR_UNSUPPORTED_ENCAP:
if (for_writing)
errmsg = "Twireshark can't save this capture in that format.";
errmsg = "TShark can't save this capture in that format.";
else {
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" is a capture for a network type that Twireshark doesn't support.\n"
"The file \"%%s\" is a capture for a network type that TShark doesn't support.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
@ -152,9 +152,9 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
if (for_writing)
errmsg = "Twireshark can't save this capture in that format.";
errmsg = "TShark can't save this capture in that format.";
else
errmsg = "The file \"%s\" is a capture for a network type that Twireshark doesn't support.";
errmsg = "The file \"%s\" is a capture for a network type that TShark doesn't support.";
break;
case WTAP_ERR_BAD_RECORD:

View File

@ -458,7 +458,7 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_input : %s", capture_opts->iface);
/* XXX - opening Winsock on twireshark? */
/* XXX - opening Winsock on tshark? */
/* Initialize Windows Socket if we are in a WIN32 OS
This needs to be done before querying the interface for network/netmask */
@ -628,7 +628,7 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
#endif
}
/* XXX - will this work for twireshark? */
/* XXX - will this work for tshark? */
#ifdef MUST_DO_SELECT
if (!ld->from_cap_pipe) {
#ifdef HAVE_PCAP_GET_SELECTABLE_FD
@ -753,7 +753,7 @@ gboolean capture_loop_init_output(capture_options *capture_opts, int save_file_f
if (ld->pdh == NULL) {
/* We couldn't set up to write to the capture file. */
/* XXX - use cf_open_error_message from twireshark instead? */
/* XXX - use cf_open_error_message from tshark instead? */
switch (err) {
case WTAP_ERR_CANT_OPEN:

View File

@ -98,9 +98,9 @@ extern void capture_loop_stop(void);
typedef void (*capture_packet_cb_fct)(u_char *, const struct pcap_pkthdr *, const u_char *);
/* moved from capture_loop.c here, so we can combine it (and the related functions) with twireshark */
/* moved from capture_loop.c here, so we can combine it (and the related functions) with tshark */
/* XXX - should be moved back to capture_loop.c */
/* E: capture_loop.c only (Wireshark/dumpcap) T: twireshark only */
/* E: capture_loop.c only (Wireshark/dumpcap) T: tshark only */
typedef struct _loop_data {
/* common */
gboolean go; /* TRUE as long as we're supposed to keep capturing */

View File

@ -244,7 +244,7 @@ capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg)
/*
* If the argument is a number, treat it as an index into the list
* of adapters, as printed by "twireshark -D".
* of adapters, as printed by "tshark -D".
*
* This should be OK on UNIX systems, as interfaces shouldn't have
* names that begin with digits. It can be useful on Windows, where

View File

@ -1,7 +1,7 @@
/* capture_wpcap_packet.c
* WinPcap-specific interfaces for low-level information (packet.dll).
* We load WinPcap at run
* time, so that we only need one Wireshark binary and one Twireshark binary
* time, so that we only need one Wireshark binary and one TShark binary
* for Windows, regardless of whether WinPcap is installed or not.
*
* $Id$

View File

@ -1,5 +1,5 @@
/* clopts_common.c
* Handle command-line arguments common to Wireshark and Twireshark
* Handle command-line arguments common to Wireshark and TShark
*
* $Id$
*

View File

@ -1,5 +1,5 @@
/* clopts_common.h
* Handle command-line arguments common to Wireshark and Twireshark
* Handle command-line arguments common to Wireshark and TShark
*
* $Id$
*

View File

@ -337,7 +337,7 @@ if test "$HAVE_GNU_SED" = no ; then
esac
fi
# Enable/disable tethereal
# Enable/disable tshark
AC_ARG_ENABLE(ethereal,
[ --enable-ethereal build GTK+-based ethereal. [default=yes]],enable_ethereal=$enableval,enable_ethereal=yes)
@ -524,21 +524,21 @@ rdps_bin="rdps\$(EXEEXT)"
AC_SUBST(rdps_bin)
# Enable/disable tethereal
# Enable/disable tshark
AC_ARG_ENABLE(tethereal,
[ --enable-tethereal build tethereal. [default=yes]],tethereal=$enableval,enable_tethereal=yes)
AC_ARG_ENABLE(tshark,
[ --enable-tshark build tshark. [default=yes]],tshark=$enableval,enable_tshark=yes)
if test "x$enable_tethereal" = "xyes" ; then
tethereal_bin="tethereal\$(EXEEXT)"
tethereal_man="tethereal.1"
if test "x$enable_tshark" = "xyes" ; then
tshark_bin="tshark\$(EXEEXT)"
tshark_man="tshark.1"
etherealfilter_man="ethereal-filter.4"
else
tethereal_bin=""
tethereal_man=""
tshark_bin=""
tshark_man=""
fi
AC_SUBST(tethereal_bin)
AC_SUBST(tethereal_man)
AC_SUBST(tshark_bin)
AC_SUBST(tshark_man)
AC_SUBST(etherealfilter_man)
@ -1402,7 +1402,7 @@ fi
echo ""
echo "The Ethereal package has been configured with the following options."
echo " Build ethereal : $enable_ethereal"
echo " Build tethereal : $enable_tethereal"
echo " Build tshark : $enable_tshark"
echo " Build capinfos : $enable_capinfos"
echo " Build editcap : $enable_editcap"
echo " Build dumpcap : $enable_dumpcap"

2
debian/rules vendored
View File

@ -62,7 +62,7 @@ clean: unpatch-stamp
cp /usr/share/misc/config.guess /usr/share/misc/config.sub .
-$(MAKE) distclean
rm -f rdps ethereal.1 tethereal.1 idl2deb.1 ethereal-filter.4 asn2deb.1
rm -f rdps ethereal.1 tshark.1 idl2deb.1 ethereal-filter.4 asn2deb.1
rm -f conftest conftest.c
rm -f config.guess config.sub config.log

View File

@ -1,6 +0,0 @@
/usr/bin/tethereal
/usr/bin/tethereal
/usr/bin/tethereal

View File

@ -1,3 +0,0 @@
tethereal.1
tethereal.1
tethereal.1

6
debian/tshark.files vendored Normal file
View File

@ -0,0 +1,6 @@
/usr/bin/tshark
/usr/bin/tshark
/usr/bin/tshark

3
debian/tshark.manpages vendored Normal file
View File

@ -0,0 +1,3 @@
tshark.1
tshark.1
tshark.1

View File

@ -39,17 +39,17 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
--noindex \
ethereal-tmp.pod > ../ethereal.html
../tethereal.1: tethereal.pod ../config.h
../tshark.1: tshark.pod ../config.h
$(POD2MAN) \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
$(srcdir)/tethereal.pod > ../tethereal.1
$(srcdir)/tshark.pod > ../tshark.1
../tethereal.html: tethereal.pod ../config.h
../tshark.html: tshark.pod ../config.h
$(POD2HTML) \
--title="tethereal - The Wireshark Network Analyzer $(VERSION)" \
--title="tshark - The Wireshark Network Analyzer $(VERSION)" \
--noindex \
$(srcdir)/tethereal.pod > ../tethereal.html
$(srcdir)/tshark.pod > ../tshark.html
../ethereal-filter.4: ethereal-filter.pod ../config.h
$(POD2MAN) \
@ -64,8 +64,8 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
--noindex \
ethereal-filter.pod > ../ethereal-filter.html
ethereal-filter.pod: ethereal-filter.pod.template ../tethereal
../tethereal -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
ethereal-filter.pod: ethereal-filter.pod.template ../tshark
../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
../capinfos.1: capinfos.pod ../config.h
$(POD2MAN) \
@ -152,8 +152,8 @@ CLEANFILES = \
../editcap.html \
../mergecap.1 \
../mergecap.html \
../tethereal.1 \
../tethereal.html \
../tshark.1 \
../tshark.html \
../text2pcap.1 \
../text2pcap.html \
../dumpcap.1 \

View File

@ -26,10 +26,10 @@
include ../config.nmake
doc: ethereal.html tethereal.html ethereal-filter.html capinfos.html \
doc: ethereal.html tshark.html ethereal-filter.html capinfos.html \
editcap.html idl2wrs.html mergecap.html text2pcap.html dumpcap.html
man: ethereal.1 tethereal.1 ethereal-filter.4 capinfos.1 editcap.1 \
man: ethereal.1 tshark.1 ethereal-filter.4 capinfos.1 editcap.1 \
idl2wrs.1 mergecap.1 text2pcap.1 dumpcap.1
ethereal-tmp.pod: ethereal.pod ../AUTHORS-SHORT-FORMAT
@ -52,22 +52,22 @@ ethereal.html: ethereal-tmp.pod ../config.h
--noindex \
ethereal-tmp.pod > ethereal.html
../tethereal.exe:
../tshark.exe:
cd ..
$(MAKE) -f makefile.nmake tethereal.exe
$(MAKE) -f makefile.nmake tshark.exe
cd doc
tethereal.1: tethereal.pod ../config.h
tshark.1: tshark.pod ../config.h
$(POD2MAN) \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
tethereal.pod > tethereal.1
tshark.pod > tshark.1
tethereal.html: tethereal.pod ../config.h
tshark.html: tshark.pod ../config.h
$(POD2HTML) \
--title="tethereal - The Wireshark Network Analyzer $(VERSION)" \
--title="tshark - The Wireshark Network Analyzer $(VERSION)" \
--noindex \
tethereal.pod > tethereal.html
tshark.pod > tshark.html
ethereal-filter.4: ethereal-filter.pod ../config.h
$(POD2MAN) \
@ -81,10 +81,10 @@ ethereal-filter.html: ethereal-filter.pod ../config.h
--noindex \
ethereal-filter.pod > ethereal-filter.html
ethereal-filter.pod: ethereal-filter.pod.template ../tethereal.exe
ethereal-filter.pod: ethereal-filter.pod.template ../tshark.exe
cd ..
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake install-deps
tethereal.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean-deps
cd doc
@ -163,7 +163,7 @@ dumpcap.html: dumpcap.pod ../config.h
clean:
rm -f ethereal.html ethereal.1 ethereal-tmp.pod
rm -f tethereal.html tethereal.1
rm -f tshark.html tshark.1
rm -f ethereal-filter.html ethereal-filter.4 ethereal-filter.pod
rm -f capinfos.html capinfos.1
rm -f editcap.html editcap.1

View File

@ -497,17 +497,17 @@ much better to use the g_snprintf() function declared by <glib.h> instead.
You should test your dissector against incorrectly-formed packets. This
can be done using the randpkt and editcap utilities that come with the
Ethereal distribution. Testing using randpkt can be done by generating
output at the same layer as your protocol, and forcing Ethereal/Tethereal
output at the same layer as your protocol, and forcing Ethereal/TShark
to decode it as your protocol, e.g. if your protocol sits on top of UDP:
randpkt -c 50000 -t dns randpkt.pcap
tethereal -nVr randpkt.pcap -d udp.port==53,<myproto>
tshark -nVr randpkt.pcap -d udp.port==53,<myproto>
Testing using editcap can be done using preexisting capture files and the
"-E" flag, which introduces errors in a capture file. E.g.:
editcap -E 0.03 infile.pcap outfile.pcap
tethereal -nVr outfile.pcap
tshark -nVr outfile.pcap
1.1.4 Name convention.

View File

@ -1,27 +1,27 @@
#
# Ethereal/Tethereal Regression Testing
# Ethereal/TShark Regression Testing
#
# $Id$
#
# This is a sample Makefile for regression testing of the
# Ethereal engine. These tests use that uses 'tethereal -V' to analyze all
# Ethereal engine. These tests use that uses 'tshark -V' to analyze all
# the frames of a capture file.
#
# You should probably rename this file as 'Makefile' in a separate directory
# set aside for the sole purpose of regression testing. Two text files will
# be created for each capture file you test, so expect to have lots of files.
#
# Set TETHEREAL, CAPTURE_DIR, and CAPTURE_FILES to values appropriate for
# Set TSHARK, CAPTURE_DIR, and CAPTURE_FILES to values appropriate for
# your system. Run 'make' to create the initial datasets. Type 'make accept'
# to accept those files as the reference set.
#
# After you make changes to Tethereal, run 'make regress'. This will re-run
# After you make changes to TShark, run 'make regress'. This will re-run
# the tests and compare them against the accepted reference set of data.
# The comparison, which is just an invocation of 'diff -u' for the output
# of each trace file, will be put into a file called 'regress'. Examine
# this file for any changes that you did or did not expect.
#
# If you have introduced a change to Tethereal that shows up in the tests, but
# If you have introduced a change to TShark that shows up in the tests, but
# it is a valid change, run 'make accept' to accept those new data as your
# reference set.
#
@ -33,7 +33,7 @@
# 'make accept' Accept current tests; make them the reference test results
# 'make clean' Cleans any tests (but not references!)
TETHEREAL=/home/gram/prj/ethereal/debug/linux-ix86/tethereal
TSHARK=/home/gram/prj/ethereal/debug/linux-ix86/tshark
CAPTURE_DIR=/home/gram/prj/sniff
@ -59,8 +59,8 @@ all: $(TESTS)
clean:
rm -f $(TESTS)
%.tether : $(CAPTURE_DIR)/% $(TETHEREAL)
$(TETHEREAL) -V -n -r $< > $@
%.tether : $(CAPTURE_DIR)/% $(TSHARK)
$(TSHARK) -V -n -r $< > $@
accept: $(REFERENCES)

View File

@ -4,9 +4,9 @@ tapping with stats_tree
Let's suppose that you want to write a tap only to keep counters, and you
don't want to get involved with GUI programming or maybe you'd like to make
it a plugin. A stats_tree might be the way to go. The stats_tree module takes
care of the representation (GUI for ethereal and text for tethereal) of the
care of the representation (GUI for ethereal and text for tshark) of the
tap data. So there's very little code to write to make a tap listener usable
from both ethereal and tethereal.
from both ethereal and tshark.
First, you should add the TAP to the dissector in question as described in
README.tapping .

View File

@ -6,11 +6,11 @@ In order to use the tapping system, very little knowledge of ethereal
internals are required.
As examples on how to use the tap system see the implementation of
tap-rpcstat.c (tethereal version)
tap-rpcstat.c (tshark version)
gtk/gtk-rpcstat.c (gtk-ethereal version)
If all you need is to keep some counters, there's the stats_tree API,
which offers a simple way to make a GUI and tethereal tap-listener; see
which offers a simple way to make a GUI and tshark tap-listener; see
README.stats_tree. However, keep reading, as you'll need much of what's
in this document.

View File

@ -5,7 +5,7 @@ Copyright (c) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>
Ethereal has the ability to export its protocol dissection in an
XML format, tethereal has similar functionality by using the "-Tpdml"
XML format, tshark has similar functionality by using the "-Tpdml"
option.
The XML that wireshark produces follows the Packet Details Markup
@ -18,10 +18,10 @@ A related XML format, the Packet Summary Markup Language (PSML), is
also defined by the Analyzer group to provide packet summary information.
The PSML format is not documented in a publicly-available HTML document,
but its format is simple. Ethereal can export this format too. Some day it
may be added to tethereal so that "-Tpsml" would produce PSML.
may be added to tshark so that "-Tpsml" would produce PSML.
One wonders if the "-T" option should read "-Txml" instead of "-Tpdml"
(and in the future, "-Tpsml"), but if tethereal was required to produce
(and in the future, "-Tpsml"), but if tshark was required to produce
another XML-based format of its protocol dissection, then "-Txml" would
be ambiguous.
@ -53,7 +53,7 @@ Example:
<pdml version="0" creator="ethereal/0.9.17">
The creator is "ethereal" (i.e., the "ethereal" engine. It will always say
"ethereal", not "tethereal") version 0.9.17.
"ethereal", not "tshark") version 0.9.17.
The "<proto>" tag
@ -192,13 +192,13 @@ a protocol or a field:
General Notes
=============
Generally, parsing XML is slow. If you're writing a script to parse
the PDML output of tethereal, pass a read filter with "-R" to tethereal to
try to reduce as much as possible the number of packets coming out of tethereal.
the PDML output of tshark, pass a read filter with "-R" to tshark to
try to reduce as much as possible the number of packets coming out of tshark.
The less your script has to process, the faster it will be.
'tools/msnchat' is a sample Python program that uses EtherealXML to parse PDML.
Given one or more capture files, it runs tethereal on each of them, providing
a read filter to reduce tethereal's output. It finds MSN Chat conversations
Given one or more capture files, it runs tshark on each of them, providing
a read filter to reduce tshark's output. It finds MSN Chat conversations
in the capture file and produces nice HTML showing the conversations. It has
only been tested with capture files containing non-simultaneous chat sessions,
but was written to more-or-less handle any number of simultanous chat

View File

@ -106,7 +106,7 @@ Prints the help listing and exits.
=head1 SEE ALSO
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tethereal(1)>
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
=head1 NOTES

View File

@ -198,7 +198,7 @@ See the manual page of I<tcpdump(8)>.
=head1 SEE ALSO
I<ethereal(1)>, I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES

View File

@ -7,12 +7,12 @@ ethereal-filter - Ethereal filter syntax and reference
B<ethereal> [other options]
S<[ B<-R> "filter expression" ]>
B<tethereal> [other options]
B<tshark> [other options]
S<[ B<-R> "filter expression" ]>
=head1 DESCRIPTION
B<Ethereal> and B<Tethereal> share a powerful filter engine that helps remove
B<Ethereal> and B<TShark> share a powerful filter engine that helps remove
the noise from a packet trace and lets you see only the packets that interest
you. If a packet meets the requirements expressed in your filter, then it
is displayed in the list of packets. Display filters let you compare the
@ -37,7 +37,7 @@ Think of a protocol or field in a filter as implicitly having the "exists"
operator.
Note: all protocol and field names that are available in B<Ethereal> and
B<Tethereal> filters are listed in the comprehensive B<FILTER PROTOCOL
B<TShark> filters are listed in the comprehensive B<FILTER PROTOCOL
REFERENCE> (see below).
=head2 Comparison operators
@ -85,11 +85,11 @@ a case-insensitive pattern match. More information on PCRE can be found in the
pcrepattern(3) man page (Perl Regular Expressions are explained in
B<http://www.perldoc.com/perl5.8.0/pod/perlre.html>).
Note: the "matches" operator is only available if B<Ethereal> or B<Tethereal>
Note: the "matches" operator is only available if B<Ethereal> or B<TShark>
have been compiled with the PCRE library. This can be checked by running:
ethereal -v
tethereal -v
tshark -v
or selecting the "About Ethereal" item from the "Help" menu in B<Ethereal>.
@ -221,7 +221,7 @@ Another example is:
You can use the slice operator on a protocol name, too.
The "frame" protocol can be useful, encompassing all the data captured
by B<Ethereal> or B<Tethereal>.
by B<Ethereal> or B<TShark>.
token[0:5] ne 0.0.0.1.1
llc[0] eq aa
@ -393,7 +393,7 @@ in B<http://www.winpcap.org/docs/man/html/group__language.html>.
=head1 SEE ALSO
I<ethereal(1)>, I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 AUTHORS

View File

@ -2199,7 +2199,7 @@ See above in the description of the About:Plugins page.
=head1 SEE ALSO
I<ethereal-filter(4)> I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<ethereal-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES

View File

@ -1,11 +1,11 @@
=head1 NAME
tethereal - Dump and analyze network traffic
tshark - Dump and analyze network traffic
=head1 SYNOPSYS
B<tethereal>
B<tshark>
S<[ B<-a> E<lt>capture autostop conditionE<gt> ] ...>
S<[ B<-b> E<lt>capture ring buffer optionE<gt>] ...>
S<[ B<-B> E<lt>capture buffer size (Win32 only)E<gt> ] >
@ -39,18 +39,18 @@ S<[ B<-z> E<lt>statisticsE<gt> ]>
=head1 DESCRIPTION
B<Tethereal> is a network protocol analyzer. It lets you capture packet
B<TShark> is a network protocol analyzer. It lets you capture packet
data from a live network, or read packets from a previously saved
capture file, either printing a decoded form of those packets to the
standard output or writing the packets to a file. B<Tethereal>'s native
standard output or writing the packets to a file. B<TShark>'s native
capture file format is B<libpcap> format, which is also the format used
by B<tcpdump> and various other tools.
Without any options set, B<Tethereal> will work much like B<tcpdump>. It will
Without any options set, B<TShark> will work much like B<tcpdump>. It will
use the pcap library to capture traffic from the first available network
interface and displays a summary line on stdout for each received packet.
B<Tethereal> is able to detect, read and write the same capture files that
B<TShark> is able to detect, read and write the same capture files that
are supported by B<Ethereal>.
The input file doesn't need a specific filename extension, the file
format and an optional gzip compression will be automatically detected.
@ -59,16 +59,16 @@ I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
provides a detailed description.
Compressed file support uses (and therefore requires) the zlib library.
If the zlib library is not present, B<Tethereal> will compile, but will
If the zlib library is not present, B<TShark> will compile, but will
be unable to read compressed files.
If the B<-w> option is not specified, B<Tethereal> writes to the standard
If the B<-w> option is not specified, B<TShark> writes to the standard
output the text of a decoded form of the packets it captures or reads.
If the B<-w> option is specified, B<Tethereal> writes to the file
If the B<-w> option is specified, B<TShark> writes to the file
specified by that option the raw data of the packets, along with the
packets' time stamps.
When writing a decoded form of packets, B<Tethereal> writes, by
When writing a decoded form of packets, B<TShark> writes, by
default, a summary line containing the fields specified by the
preferences file (which are also the fields displayed in the packet list
pane in B<Ethereal>), although if it's writing packets as it captures
@ -78,19 +78,19 @@ writes instead a view of the details of the packet, showing all the
fields of all protocols in the packet.
If you want to write the decoded form of packets to a file, run
B<Tethereal> without the B<-w> option, and redirect its standard output to
B<TShark> without the B<-w> option, and redirect its standard output to
the file (do I<not> use the B<-w> option).
When writing packets to a file, B<Tethereal>, by default, writes the
When writing packets to a file, B<TShark>, by default, writes the
file in B<libpcap> format, and writes all of the packets it sees to the
output file. The B<-F> option can be used to specify the format in which
to write the file. This list of available file formats is displayed by
the B<-h> flag.
Read filters in B<Tethereal>, which allow you to select which packets
Read filters in B<TShark>, which allow you to select which packets
are to be decoded or written to a file, are very powerful; more fields
are filterable in B<Tethereal> than in other protocol analyzers, and the
syntax you can use to create your filters is richer. As B<Tethereal>
are filterable in B<TShark> than in other protocol analyzers, and the
syntax you can use to create your filters is richer. As B<TShark>
progresses, expect more and more protocol fields to be allowed in read
filters.
@ -100,7 +100,7 @@ from the read filter syntax. A read filter can also be specified when
capturing, and only packets that pass the read filter will be displayed
or saved to the output file; note, however, that capture filters are much
more efficient than read filters, and it may be more difficult for
B<Tethereal> to keep up with a busy network if a read filter is
B<TShark> to keep up with a busy network if a read filter is
specified for a live capture.
A capture or read filter can either be specified with the B<-f> or B<-R>
@ -111,7 +111,7 @@ after the option arguments, in which case all the arguments after the
filter arguments are treated as a filter expression. Capture filters
are supported only when doing a live capture; read filters are supported
when doing a live capture and when reading a capture file, but require
Tethereal to do more work when filtering, so you might be more likely to
TShark to do more work when filtering, so you might be more likely to
lose packets under heavy load if you're using a read filter. If the
filter is specified with command-line arguments after the option
arguments, it's a capture filter if a capture is being done (i.e., if no
@ -124,7 +124,7 @@ read (i.e., if a B<-r> option was specified).
=item -a E<lt>capture autostop conditionE<gt>
Specify a criterion that specifies when B<Tethereal> is to stop writing
Specify a criterion that specifies when B<TShark> is to stop writing
to a capture file. The criterion is of the form I<test>B<:>I<value>,
where I<test> is one of:
@ -139,9 +139,9 @@ B<files>:I<value> Stop writing to capture files after I<value> number of files w
=item -b E<lt>capture ring buffer optionE<gt>
Cause B<Tethereal> to run in "multiple files" mode. In "multiple files" mode,
B<Tethereal> will write to several capture files. When the first capture file
fills up, B<Tethereal> will switch writing to the next file and so on.
Cause B<TShark> to run in "multiple files" mode. In "multiple files" mode,
B<TShark> will write to several capture files. When the first capture file
fills up, B<TShark> will switch writing to the next file and so on.
The created filenames are based on the filename given with the B<-w> option, the number of
the file and on the creation date and time,
@ -149,7 +149,7 @@ e.g. outfile_00001_20050604120117.pcap, outfile_00001_20050604120523.pcap, ...
With the I<files> option it's also possible to form a "ring buffer".
This will fill up new files until the number of files specified,
at which point B<Tethereal> will discard the data in the first file and start
at which point B<TShark> will discard the data in the first file and start
writing to that file and so on. If the I<files> option is not set,
new files filled up until one of the capture stop conditions match (or
until the disk if full).
@ -188,7 +188,7 @@ TCP port 8888 as HTTP.
=item -D
Print a list of the interfaces on which B<Tethereal> can capture, and
Print a list of the interfaces on which B<TShark> can capture, and
exit. For each network interface, a number and an
interface name, possibly followed by a text description of the
interface, is printed. The interface name or the number can be supplied
@ -199,11 +199,11 @@ This can be useful on systems that don't have a command to list them
the number can be useful on Windows 2000 and later systems, where the
interface name is a somewhat complex string.
Note that "can capture" means that B<Tethereal> was able to open
that device to do a live capture. Depending on your system you may need to run tethereal from an account
Note that "can capture" means that B<TShark> was able to open
that device to do a live capture. Depending on your system you may need to run tshark from an account
with special privileges (for example, as root) to be able to capture
network traffic.
If B<Tethereal -D> is not run from such an account, it will not list
If B<TShark -D> is not run from such an account, it will not list
any interfaces.
=item -f E<lt>capture filterE<gt>
@ -226,22 +226,22 @@ Set the name of the network interface or pipe to use for live packet
capture.
Network interface names should match one of the names listed in
"B<tethereal -D>" (described above); a number, as reported by
"B<tethereal -D>", can also be used. If you're using UNIX, "B<netstat
"B<tshark -D>" (described above); a number, as reported by
"B<tshark -D>", can also be used. If you're using UNIX, "B<netstat
-i>" or "B<ifconfig -a>" might also work to list interface names,
although not all versions of UNIX support the B<-a> option to B<ifconfig>.
If no interface is specified, B<Tethereal> searches the list of
If no interface is specified, B<TShark> searches the list of
interfaces, choosing the first non-loopback interface if there are any
non-loopback interfaces, and choosing the first loopback interface if
there are no non-loopback interfaces. If there are no interfaces at all,
B<Tethereal> reports an error and doesn't start the capture.
B<TShark> reports an error and doesn't start the capture.
Pipe names should be either the name of a FIFO (named pipe) or ``-'' to
read data from the standard input. Data read from pipes must be in
standard libpcap format.
Note: the Win32 version of B<Tethereal> doesn't support capturing from
Note: the Win32 version of B<TShark> doesn't support capturing from
pipes or stdin!
=item -l
@ -256,9 +256,9 @@ dissected, it should work just as well as true line-buffering. We do
this as a workaround for a deficiency in the Microsoft Visual C++ C
library.)
This may be useful when piping the output of B<Tethereal> to another
This may be useful when piping the output of B<TShark> to another
program, as it means that the program to which the output is piped will
see the dissected data for a packet as soon as B<Tethereal> sees the
see the dissected data for a packet as soon as B<TShark> sees the
packet and generates that output, rather than seeing it only when the
standard output buffer containing that data fills up.
@ -303,7 +303,7 @@ file), and I<value> is the value to which it should be set.
I<Don't> put the interface into promiscuous mode. Note that the
interface might be in promiscuous mode for some other reason; hence,
B<-p> cannot be used to ensure that the only traffic that is captured is
traffic sent to or from the machine on which B<Tethereal> is running,
traffic sent to or from the machine on which B<TShark> is running,
broadcast traffic, and multicast traffic to addresses received by that
machine.
@ -391,7 +391,7 @@ Print the version and exit.
=item -V
Cause B<Tethereal> to print a view of the packet details rather
Cause B<TShark> to print a view of the packet details rather
than a one-line summary of the packet.
=item -w E<lt>outfileE<gt>|-
@ -405,13 +405,13 @@ option for this.
=item -x
Cause B<Tethereal> to print a hex and ASCII dump of the packet data
Cause B<TShark> to print a hex and ASCII dump of the packet data
after printing the summary or details.
=item -X E<lt>eXtension optionsE<gt>
Specify an option to be passed to a B<Tethereal> module. The eXtension option
Specify an option to be passed to a B<TShark> module. The eXtension option
is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
@ -425,7 +425,7 @@ reported by B<-L> are the values that can be used.
=item -z E<lt>statisticsE<gt>
Get B<Tethereal> to collect various types of statistics and display the result
Get B<TShark> to collect various types of statistics and display the result
after finishing reading the capture file. Use the B<-q> flag if you're
reading a capture file and only want the statistics printed, not any
per-packet information.
@ -569,9 +569,9 @@ I<filter> is a filter string that controls for which packets the field value
will be presented in the info column. I<field> will only be presented in the
Info column for the packets which match I<filter>.
NOTE: In order for B<Tethereal> to be able to extract the I<field> value
NOTE: In order for B<TShark> to be able to extract the I<field> value
from the packet, I<field> MUST be part of the I<filter> string. If not,
B<Tethereal> will not be able to extract its value.
B<TShark> will not be able to extract its value.
For a simple example to add the "nfs.fh.hash" field to the Info column
for all packets containing the "nfs.fh.hash" field, use
@ -630,16 +630,16 @@ SMB packets echanged by the host at IP address 1.2.3.4 .
B<-z> smb,sids
When this feature is used B<Tethereal> will print a report with all the
When this feature is used B<TShark> will print a report with all the
discovered SID and account name mappings. Only those SIDs where the
account name is known will be presented in the table.
For this feature to work you will need to either to enable
"Edit/Preferences/Protocols/SMB/Snoop SID to name mappings" in the
preferences or you can override the preferences by specifying
B<-o "smb.sid_name_snooping:TRUE"> on the B<Tethereal> command line.
B<-o "smb.sid_name_snooping:TRUE"> on the B<TShark> command line.
The current methods used by B<Tethereal> to find the SID->name mapping
The current methods used by B<TShark> to find the SID->name mapping
is relatively restricted but is hoped to be expanded in the future.
B<-z> mgcp,rtd[I<,filter>]
@ -715,7 +715,7 @@ See the manual page of I<tcpdump(8)>.
=head1 READ FILTER SYNTAX
For a complete table of protocol and protocol fields that are filterable
in B<Tethereal> see the I<ethereal-filter(4)> manual page.
in B<TShark> see the I<ethereal-filter(4)> manual page.
=head1 FILES
@ -861,7 +861,7 @@ I<ethereal-filter(4)> I<ethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES
B<Tethereal> is part of the B<Ethereal> distribution. The latest version
B<TShark> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
HTML versions of the Wireshark project man pages are available at:
@ -869,6 +869,6 @@ http://www.ethereal.com/docs/man-pages
=head1 AUTHORS
B<Tethereal> uses the same packet dissection code that B<Ethereal> does,
B<TShark> uses the same packet dissection code that B<Ethereal> does,
as well as using many other modules from B<Ethereal>; see the list of
authors in the B<Ethereal> man page for a list of authors of that code.

View File

@ -24,7 +24,7 @@
Ethereal, GTK 2.x based
</para></listitem>
<listitem><para>
Tethereal, console based
TShark, console based
</para></listitem>
</itemizedlist>
There are other Ethereal frontends existing, not developped nor

View File

@ -146,7 +146,7 @@ Ethereal Info
<section id="FileLocations"><title>File Locations</title>
<para>
Ethereal and Tethereal look in several different locations for
Ethereal and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.

View File

@ -49,15 +49,15 @@ tcpdump -i &lt;interface> -s 1500 -w &lt;some-file>
</note>
</section>
<section id="AppToolstethereal">
<title><command>tethereal</command>: Terminal-based Wireshark</title>
<section id="AppToolstshark">
<title><command>tshark</command>: Terminal-based Wireshark</title>
<para>
<application>Tethereal</application> is a terminal oriented version
<application>TShark</application> is a terminal oriented version
of ethereal designed for capturing and displaying packets when an
interactive user interface isn't necessary or available. It supports
the same options as <command>ethereal</command>. For more
information on <command>tethereal</command>, see the manual pages
(<command>man tethereal</command>).
information on <command>tshark</command>, see the manual pages
(<command>man tshark</command>).
</para>
</section>

View File

@ -554,11 +554,11 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
(native Win32 look and feel, recommended).
</para></listitem>
<listitem><para>
<command>Tethereal</command> - Tethereal is a command-line based network
<command>TShark</command> - TShark is a command-line based network
protocol analyzer.
</para></listitem>
</itemizedlist>
The dissection extensions for Wireshark and Tethereal:
The dissection extensions for Wireshark and TShark:
<itemizedlist>
<listitem><para>
<command>Dissector Plugins</command> - Plugins with some extended dissections.

View File

@ -467,7 +467,7 @@ standard libpcap format.
<varlistentry><term><command>-X &lt;eXtension option></command></term>
<listitem>
<para>
Specify an option to be passed to a Tethereal module. The eXtension
Specify an option to be passed to a TShark module. The eXtension
option is in the form extension_key:value, where extension_key can
be:
</para>

View File

@ -120,7 +120,7 @@ void get_addr_name_buf(address *addr, gchar *buf, guint size);
extern void host_name_lookup_init(void);
/* host_name_lookup_process does ADNS processing in GTK+ timeouts in Wireshark,
and before processing each packet in Twireshark, if we're using ADNS */
and before processing each packet in TShark, if we're using ADNS */
extern gint host_name_lookup_process(gpointer data);
/* host_name_lookup_cleanup cleans up an ADNS socket if we're using ADNS */

View File

@ -1342,7 +1342,7 @@ chunked_encoding_dissector(tvbuff_t **tvb_ptr, packet_info *pinfo,
if (chunk_size > 0) {
/*
* XXX - just use "proto_tree_add_text()"?
* This means that, in Twireshark, you get
* This means that, in TShark, you get
* the entire chunk dumped out in hex,
* in addition to whatever dissection is
* done on the reassembled data.

View File

@ -343,7 +343,7 @@ proto_reg_handoff_mdshdr(void)
if (!mdshdr_prefs_initialized) {
/*
* This is the first time this has been called (i.e.,
* Wireshark/Tethereal is starting up), so create a handle for
* Wireshark/TShark is starting up), so create a handle for
* the MDS Header dissector, register the dissector for
* ethertype ETHERTYPE_FCFT, and fetch the data and Fibre
* Channel handles.

View File

@ -404,7 +404,7 @@ sid_snooping_init(void)
if(error_string){
/* error, we failed to attach to the tap. clean up */
fprintf(stderr, "twireshark: Couldn't register proto_reg_handoff_smb_sidsnooping()/lsa_policy_information tap: %s\n",
fprintf(stderr, "tshark: Couldn't register proto_reg_handoff_smb_sidsnooping()/lsa_policy_information tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);
@ -415,7 +415,7 @@ sid_snooping_init(void)
if(error_string){
/* error, we failed to attach to the tap. clean up */
fprintf(stderr, "twireshark: Couldn't register proto_reg_handoff_smb_sidsnooping()/samr_query_dispinfo tap: %s\n",
fprintf(stderr, "tshark: Couldn't register proto_reg_handoff_smb_sidsnooping()/samr_query_dispinfo tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -185,7 +185,7 @@ emem_canary_pad (size_t allocation) {
/* Initialize the packet-lifetime memory allocation pool.
* This function should be called only once when Wireshark or Twireshark starts
* This function should be called only once when Wireshark or TShark starts
* up.
*/
void
@ -223,7 +223,7 @@ ep_init_chunk(void)
}
/* Initialize the capture-lifetime memory allocation pool.
* This function should be called only once when Wireshark or Twireshark starts
* This function should be called only once when Wireshark or TShark starts
* up.
*/
void

View File

@ -479,7 +479,7 @@ get_progfile_dir(void)
* stored.
*
* XXX - if we ever make libwireshark a real library, used by multiple
* applications (more than just Twireshark and versions of Wireshark with
* applications (more than just TShark and versions of Wireshark with
* various UIs), should the configuration files belong to the library
* (and be shared by all those applications) or to the applications?
*

View File

@ -45,7 +45,7 @@ get_credential_info(void)
* For now, we say the program wasn't started with special privileges.
* There are ways of running programs with credentials other than those
* for the session in which it's run, but I don't know whether that'd be
* done with Wireshark/Twireshark or not.
* done with Wireshark/TShark or not.
*/
gboolean
started_with_special_privs(void)

View File

@ -510,7 +510,7 @@ extern int stats_tree_manip_node(manip_node_mode mode, stats_tree* st, const gui
extern guint8* stats_tree_get_abbr(const guint8* optarg) {
guint i;
/* XXX: this fails when twireshark is given any options
/* XXX: this fails when tshark is given any options
after the -z */
g_assert(optarg != NULL);

View File

@ -24,7 +24,7 @@
/* This module provides rpc call/reply SRT statistics to Wireshark,
* and displays them graphically.
* It is only used by Wireshark and not twireshark
* It is only used by Wireshark and not tshark
*
* It serves as an example on how to use the tap api.
*/

View File

@ -363,8 +363,8 @@ topic_action(topic_action_e action)
case(LOCALPAGE_MAN_WIRESHARK_FILTER):
browser_open_data_file("wireshark-filter.html");
break;
case(LOCALPAGE_MAN_TWIRESHARK):
browser_open_data_file("twireshark.html");
case(LOCALPAGE_MAN_TSHARK):
browser_open_data_file("tshark.html");
break;
case(LOCALPAGE_MAN_DUMPCAP):
browser_open_data_file("dumpcap.html");

View File

@ -44,7 +44,7 @@ typedef enum {
/* local manual pages */
LOCALPAGE_MAN_WIRESHARK = 100,
LOCALPAGE_MAN_WIRESHARK_FILTER,
LOCALPAGE_MAN_TWIRESHARK,
LOCALPAGE_MAN_TSHARK,
LOCALPAGE_MAN_DUMPCAP,
LOCALPAGE_MAN_MERGECAP,
LOCALPAGE_MAN_EDITCAP,

View File

@ -2478,7 +2478,7 @@ main(int argc, char *argv[])
* Input file name not specified with "-r", and a command-line argument
* was specified; treat it as the input file name.
*
* Yes, this is different from twireshark, where non-flag command-line
* Yes, this is different from tshark, where non-flag command-line
* arguments are a filter, but this works better on GUI desktops
* where a command can be specified to be run to open a particular
* file - yes, you could have "-r" as the last part of the command,

View File

@ -398,7 +398,7 @@ static GtkItemFactoryEntry menu_items[] =
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Wireshark", NULL, topic_menu_cb, LOCALPAGE_MAN_WIRESHARK, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Wireshark Filter", NULL, topic_menu_cb, LOCALPAGE_MAN_WIRESHARK_FILTER, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/<separator>", NULL, NULL, 0, "<Separator>", NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Twireshark", NULL, topic_menu_cb, LOCALPAGE_MAN_TWIRESHARK, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/TShark", NULL, topic_menu_cb, LOCALPAGE_MAN_TSHARK, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Dumpcap", NULL, topic_menu_cb, LOCALPAGE_MAN_DUMPCAP, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Mergecap", NULL, topic_menu_cb, LOCALPAGE_MAN_MERGECAP, NULL, NULL),
ITEM_FACTORY_ENTRY("/Help/Manual Pages/Editcap", NULL, topic_menu_cb, LOCALPAGE_MAN_EDITCAP, NULL, NULL),

View File

@ -23,7 +23,7 @@
*/
/* This module provides rpc call/reply SRT statistics to Wireshark.
* It is only used by Wireshark and not TWireshark
* It is only used by Wireshark and not TShark
*
* It serves as an example on how to use the tap api.
*/

View File

@ -64,7 +64,7 @@ As a rule of thumb: if you want to see most of the packets and only filter a sma
d) If you still get packet drops, it might be an idea to use a tool dedicated to packet capturing and only use Ethereal for displaying and analyzing the packets.
Have a look at tethereal, the command line variant of ethereal, which is included in this package.
Have a look at tshark, the command line variant of ethereal, which is included in this package.
XXX: add a list of possibly useful standalone capture programs.

View File

@ -41,7 +41,7 @@
3. Installing Ethereal:
3.1 I installed an Ethereal RPM; why did it install Tethereal but not
3.1 I installed an Ethereal RPM; why did it install TShark but not
Ethereal?
4. Building Ethereal:
@ -70,7 +70,7 @@
5.1 Why does Ethereal crash with a Bus Error when I try to run it on Solaris
8?
5.2 When I run Tethereal with the "-x" option, why does it crash with an
5.2 When I run TShark with the "-x" option, why does it crash with an
error
"** ERROR **: file print.c: line 691 (print_line): should not be reached.
@ -1169,7 +1169,7 @@ cies
3. Installing Ethereal
Q 3.1: I installed an Ethereal RPM; why did it install Tethereal but not
Q 3.1: I installed an Ethereal RPM; why did it install TShark but not
Ethereal?
A: Older versions of the Red Hat RPMs for Wireshark put only the non-GUI
@ -1270,7 +1270,7 @@ cies
Similar problems may exist with older versions of GTK+ for earlier versions
of Solaris.
Q 5.2: When I run Tethereal with the "-x" option, why does it crash with an
Q 5.2: When I run TShark with the "-x" option, why does it crash with an
error
"** ERROR **: file print.c: line 691 (print_line): should not be reached.
@ -1440,7 +1440,7 @@ cies
supply to the host all network packets they see. Ethereal will try to put
the interface on which it's capturing into promiscuous mode unless the
"Capture packets in promiscuous mode" option is turned off in the "Capture
Options" dialog box, and Tethereal will try to put the interface on which
Options" dialog box, and TShark will try to put the interface on which
it's capturing into promiscuous mode unless the -p option was specified.
However, some network interfaces don't support promiscuous mode, and some
OSes might not allow interfaces to be put into promiscuous mode.
@ -1537,7 +1537,7 @@ cies
Q 7.6: How do I put an interface into promiscuous mode?
A: By not disabling promiscuous mode when running Ethereal or Tethereal.
A: By not disabling promiscuous mode when running Ethereal or TShark.
Note, however, that:
* the form of promiscuous mode that libpcap (the library that programs
@ -1768,7 +1768,7 @@ cies
A: If you are running Ethereal on Windows NT 4.0, Windows 2000, Windows XP,
or Windows Server 2003, and this is the first time you have run a
WinPcap-based program (such as Ethereal, or Tethereal, or WinDump, or
WinPcap-based program (such as Ethereal, or TShark, or WinDump, or
Analyzer, or...) since the machine was rebooted, you need to run that
program from an account with administrator privileges; once you have run
such a program, you will not need administrator privileges to run any such
@ -2137,7 +2137,7 @@ cies
passively capture packets.
This means that you should disable name resolution when capturing in monitor
mode; otherwise, when Ethereal (or Tethereal, or tcpdump) tries to display
mode; otherwise, when Ethereal (or TShark, or tcpdump) tries to display
IP addresses as host names, it will probably block for a long time trying to
resolve the name because it will not be able to communicate with any DNS or
NIS servers.
@ -2179,7 +2179,7 @@ cies
possible" option, clicking "Save" if you want to save that setting in your
preference file, and clicking "OK".
It can also be set on the Wireshark or Tethereal command line with a -o
It can also be set on the Wireshark or TShark command line with a -o
tcp.check_checksum:false command-line flag, or manually set in your
preferences file by adding a tcp.check_checksum:false line.

View File

@ -4,7 +4,7 @@
include ..\config.nmake
ALL_RC=ethereal.rc libwireshark.rc tethereal.rc capinfos.rc editcap.rc text2pcap.rc mergecap.rc wiretap.rc dumpcap.rc wireshark.exe.manifest
ALL_RC=ethereal.rc libwireshark.rc tshark.rc capinfos.rc editcap.rc text2pcap.rc mergecap.rc wiretap.rc dumpcap.rc wireshark.exe.manifest
all : $(ALL_RC)
wireshark.exe.manifest: ethereal.exe.manifest.in ..\config.nmake
@ -23,10 +23,10 @@ libwireshark.rc: libwireshark.rc.in ..\config.nmake
-e s/@RC_VERSION@/$(RC_VERSION)/ \
< libwireshark.rc.in > $@
tethereal.rc : tethereal.rc.in ..\config.nmake
tshark.rc : tshark.rc.in ..\config.nmake
sed -e s/@VERSION@/$(VERSION)/ \
-e s/@RC_VERSION@/$(RC_VERSION)/ \
< tethereal.rc.in > $@
< tshark.rc.in > $@
capinfos.rc : capinfos.rc.in ..\config.nmake
sed -e s/@VERSION@/$(VERSION)/ \

View File

@ -47,7 +47,7 @@ icon-excl.xpm informational dialogs
ethereal.rc.in MSVC++ resource templates
editcap.rc.in
mergecap.rc.in
tethereal.rc.in
tshark.rc.in
text2pcap.rc.in
stock_dialog_error_48.xpm GTK2 default icons for simple_dialog, from:

View File

@ -20,12 +20,12 @@ BEGIN
BLOCK "040904b0"
BEGIN
VALUE "CompanyName", "The Wireshark developer community\0"
VALUE "FileDescription", "Tethereal\0"
VALUE "FileDescription", "TShark\0"
VALUE "FileVersion", "@VERSION@\0"
VALUE "InternalName", "Tethereal @VERSION@\0"
VALUE "InternalName", "TShark @VERSION@\0"
VALUE "LegalCopyright", "Copyright © 2000 Gerald Combs <gerald@wireshark.org>, Gilbert Ramirez <gram@alumni.rice.edu> and others\0"
VALUE "OriginalFilename", "Tethereal.exe\0"
VALUE "ProductName", "Tethereal\0"
VALUE "OriginalFilename", "TShark.exe\0"
VALUE "ProductName", "TShark\0"
VALUE "ProductVersion", "@VERSION@\0"
END
END

View File

@ -35,7 +35,7 @@ DEST=wireshark-gtk2
DEST=wireshark
!ENDIF
EXE=../../tethereal.exe ../../editcap.exe \
EXE=../../tshark.exe ../../editcap.exe \
!IFDEF GTK1_DIR
../../ethereal.exe \
!ENDIF
@ -45,7 +45,7 @@ EXE=../../tethereal.exe ../../editcap.exe \
../../text2pcap.exe ../../mergecap.exe ../../capinfos.exe WinPcap_3_1.exe
DLL=../../wiretap/wiretap-$(WTAP_VERSION).dll
DOC=../../doc/ethereal.html \
../../doc/tethereal.html \
../../doc/tshark.html \
../../doc/ethereal-filter.html \
../../doc/editcap.html \
../../doc/text2pcap.html \

View File

@ -661,14 +661,14 @@ SectionEnd
SectionGroupEnd ; "Wireshark"
Section "Tethereal" SecTethereal
Section "TShark" SecTShark
;-------------------------------------------
!ifdef GTK1_DIR & GTK2_DIR
SectionIn 1 2
!endif
SetOutPath $INSTDIR
File "..\..\tethereal.exe"
File "..\..\doc\tethereal.html"
File "..\..\tshark.exe"
File "..\..\doc\tshark.html"
SectionEnd
SectionGroup "Plugins / Extensions" SecPluginsGroup
@ -807,11 +807,11 @@ Section "Uninstall" un.SecUinstall
SectionIn 1 2
SetShellVarContext all
Delete "$INSTDIR\tethereal.exe"
IfErrors 0 NoTetherealErrorMsg
MessageBox MB_OK "Please note: tethereal.exe could not be removed, it's probably in use!" IDOK 0 ;skipped if tethereal.exe removed
Abort "Please note: tethereal.exe could not be removed, it's probably in use! Abort uninstall process!"
NoTetherealErrorMsg:
Delete "$INSTDIR\tshark.exe"
IfErrors 0 NoTSharkErrorMsg
MessageBox MB_OK "Please note: tshark.exe could not be removed, it's probably in use!" IDOK 0 ;skipped if tshark.exe removed
Abort "Please note: tshark.exe could not be removed, it's probably in use! Abort uninstall process!"
NoTSharkErrorMsg:
Delete "$INSTDIR\wireshark.exe"
IfErrors 0 NoWiresharkErrorMsg
@ -1003,8 +1003,8 @@ SectionEnd
!insertmacro MUI_DESCRIPTION_TEXT ${SecGTKWimp} "GTK-Wimp is the GTK2 windows impersonator (native Win32 look and feel, for Win2000 and up)."
!endif
!endif
!insertmacro MUI_DESCRIPTION_TEXT ${SecTethereal} "Tethereal is a text based network protocol analyzer."
!insertmacro MUI_DESCRIPTION_TEXT ${SecPluginsGroup} "Some plugins and extensions for both Wireshark and Tethereal."
!insertmacro MUI_DESCRIPTION_TEXT ${SecTShark} "TShark is a text based network protocol analyzer."
!insertmacro MUI_DESCRIPTION_TEXT ${SecPluginsGroup} "Some plugins and extensions for both Wireshark and TShark."
!insertmacro MUI_DESCRIPTION_TEXT ${SecPlugins} "Plugins with some extended dissections."
!insertmacro MUI_DESCRIPTION_TEXT ${SecStatsTree} "Plugin for some extended statistics."
!insertmacro MUI_DESCRIPTION_TEXT ${SecMate} "Plugin - Meta Analysis and Tracing Engine (Experimental)."

View File

@ -3506,7 +3506,7 @@ build_pdu_tree(const char *pduname)
#ifdef DISSECTOR_WITH_GUI
/* This cannot work in twireshark.... don't include for now */
/* This cannot work in tshark.... don't include for now */
#if GTK_MAJOR_VERSION >= 2
#define SHOWPDU /* this needs GTK2 */
#endif

View File

@ -499,7 +499,7 @@ ELUA_FUNCTION elua_retap_packets(lua_State* L) {
if ( ops->retap_packets ) {
ops->retap_packets();
} else {
ELUA_ERROR(elua_retap_packets, "does not work on tWireshark");
ELUA_ERROR(elua_retap_packets, "does not work on TShark");
}
return 0;

View File

@ -272,7 +272,7 @@ static int Tap_newindex(lua_State* L) {
function tap.packet(pinfo,tvb,userdata) ... end
*/
/* ELUA_ATTRIBUTE Tap_draw WO A function that will be called once every few seconds to redraw the gui objects
in twireshark this funtion is called oly at the very end of the capture file.
in tshark this funtion is called oly at the very end of the capture file.
function tap.draw(userdata) ... end
*/

View File

@ -157,7 +157,7 @@ afpstat_init(const char *optarg, void* userdata _U_)
g_free(ss->filter);
g_free(ss);
fprintf(stderr, "twireshark: Couldn't register afp,rtt tap: %s\n",
fprintf(stderr, "tshark: Couldn't register afp,rtt tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -170,7 +170,7 @@ dhcpstat_init(const char *optarg, void* userdata _U_)
/* error, we failed to attach to the tap. clean up */
g_free(sp->filter);
g_free(sp);
fprintf(stderr, "twireshark: Couldn't register dhcp,stat tap: %s\n",
fprintf(stderr, "tshark: Couldn't register dhcp,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -229,15 +229,15 @@ dcerpcstat_init(const char *optarg, void* userdata _U_)
filter=NULL;
}
} else {
fprintf(stderr, "twireshark: invalid \"-z dcerpc,rtt,<uuid>,<major version>.<minor version>[,<filter>]\" argument\n");
fprintf(stderr, "tshark: invalid \"-z dcerpc,rtt,<uuid>,<major version>.<minor version>[,<filter>]\" argument\n");
exit(1);
}
if (major < 0 || major > 65535) {
fprintf(stderr,"twireshark: dcerpcstat_init() Major version number %d is invalid - must be positive and <= 65535\n", major);
fprintf(stderr,"tshark: dcerpcstat_init() Major version number %d is invalid - must be positive and <= 65535\n", major);
exit(1);
}
if (minor < 0 || minor > 65535) {
fprintf(stderr,"twireshark: dcerpcstat_init() Minor version number %d is invalid - must be positive and <= 65535\n", minor);
fprintf(stderr,"tshark: dcerpcstat_init() Minor version number %d is invalid - must be positive and <= 65535\n", minor);
exit(1);
}
ver = major;
@ -246,7 +246,7 @@ dcerpcstat_init(const char *optarg, void* userdata _U_)
rs->prog=dcerpc_get_proto_name(&uuid, ver);
if(!rs->prog){
g_free(rs);
fprintf(stderr,"twireshark: dcerpcstat_init() Protocol with uuid:%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x v%u not supported\n",uuid.Data1,uuid.Data2,uuid.Data3,uuid.Data4[0],uuid.Data4[1],uuid.Data4[2],uuid.Data4[3],uuid.Data4[4],uuid.Data4[5],uuid.Data4[6],uuid.Data4[7],ver);
fprintf(stderr,"tshark: dcerpcstat_init() Protocol with uuid:%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x v%u not supported\n",uuid.Data1,uuid.Data2,uuid.Data3,uuid.Data4[0],uuid.Data4[1],uuid.Data4[2],uuid.Data4[3],uuid.Data4[4],uuid.Data4[5],uuid.Data4[6],uuid.Data4[7],ver);
exit(1);
}
procs=dcerpc_get_proto_sub_dissector(&uuid, ver);
@ -291,7 +291,7 @@ dcerpcstat_init(const char *optarg, void* userdata _U_)
g_free(rs->filter);
g_free(rs);
fprintf(stderr, "twireshark: Couldn't register dcerpc,rtt tap: %s\n",
fprintf(stderr, "tshark: Couldn't register dcerpc,rtt tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -412,7 +412,7 @@ h225counter_init(const char *optarg, void* userdata _U_)
g_free(hs->filter);
g_free(hs);
fprintf(stderr, "twireshark: Couldn't register h225,counter tap: %s\n",
fprintf(stderr, "tshark: Couldn't register h225,counter tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -236,7 +236,7 @@ h225rassrt_init(const char *optarg, void* userdata _U_)
g_free(hs->filter);
g_free(hs);
fprintf(stderr, "twireshark: Couldn't register h225,srt tap: %s\n",
fprintf(stderr, "tshark: Couldn't register h225,srt tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -314,7 +314,7 @@ gtk_httpstat_init(const char *optarg,void* userdata _U_)
/* error, we failed to attach to the tap. clean up */
g_free(sp->filter);
g_free(sp);
fprintf (stderr, "twireshark: Couldn't register http,stat tap: %s\n",
fprintf (stderr, "tshark: Couldn't register http,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -479,18 +479,18 @@ register_io_tap(io_stat_t *io, int i, const char *filter)
p=filter+namelen+1;
parenp=strchr(p, ')');
if(!parenp){
fprintf(stderr, "twireshark: Closing parenthesis missing from calculated expression.\n");
fprintf(stderr, "tshark: Closing parenthesis missing from calculated expression.\n");
exit(10);
}
/* bail out if there was no field specified */
if(parenp==p){
fprintf(stderr, "twireshark: You didn't specify a field name for %s(*).\n",
fprintf(stderr, "tshark: You didn't specify a field name for %s(*).\n",
calc_type_table[j].func_name);
exit(10);
}
field=malloc(parenp-p+1);
if(!field){
fprintf(stderr, "twireshark: Out of memory.\n");
fprintf(stderr, "tshark: Out of memory.\n");
exit(10);
}
memcpy(field, p, parenp-p);
@ -499,7 +499,7 @@ register_io_tap(io_stat_t *io, int i, const char *filter)
hfi=proto_registrar_get_byname(field);
if(!hfi){
fprintf(stderr, "twireshark: There is no field named '%s'.\n",
fprintf(stderr, "tshark: There is no field named '%s'.\n",
field);
free(field);
exit(10);
@ -533,7 +533,7 @@ register_io_tap(io_stat_t *io, int i, const char *filter)
break;
default:
fprintf(stderr,
"twireshark: %s is a relative-time field, so %s(*) calculations are not supported on it.",
"tshark: %s is a relative-time field, so %s(*) calculations are not supported on it.",
field,
calc_type_table[j].func_name);
exit(10);
@ -547,7 +547,7 @@ register_io_tap(io_stat_t *io, int i, const char *filter)
*/
if(io->items[i].calc_type!=CALC_TYPE_COUNT){
fprintf(stderr,
"twireshark: %s is a 64-bit integer, so %s(*) calculations are not supported on it.",
"tshark: %s is a 64-bit integer, so %s(*) calculations are not supported on it.",
field,
calc_type_table[j].func_name);
exit(10);
@ -560,7 +560,7 @@ register_io_tap(io_stat_t *io, int i, const char *filter)
*/
if(io->items[i].calc_type!=CALC_TYPE_COUNT){
fprintf(stderr,
"twireshark: %s doesn't have integral values, so %s(*) calculations are not supported on it.\n",
"tshark: %s doesn't have integral values, so %s(*) calculations are not supported on it.\n",
field,
calc_type_table[j].func_name);
exit(10);
@ -581,7 +581,7 @@ CALC_TYPE_AVG 5
if(error_string){
g_free(io->items);
g_free(io);
fprintf(stderr, "twireshark: Couldn't register io,stat tap: %s\n",
fprintf(stderr, "tshark: Couldn't register io,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);
@ -604,7 +604,7 @@ iostat_init(const char *optarg, void* userdata _U_)
filter=NULL;
}
} else {
fprintf(stderr, "twireshark: invalid \"-z io,stat,<interval>[,<filter>]\" argument\n");
fprintf(stderr, "tshark: invalid \"-z io,stat,<interval>[,<filter>]\" argument\n");
exit(1);
}
@ -612,7 +612,7 @@ iostat_init(const char *optarg, void* userdata _U_)
/* make interval be number of ms */
interval=(gint32)(interval_float*1000.0+0.9);
if(interval<1){
fprintf(stderr, "twireshark: \"-z\" interval must be >=0.001 seconds.\n");
fprintf(stderr, "tshark: \"-z\" interval must be >=0.001 seconds.\n");
exit(10);
}

View File

@ -671,7 +671,7 @@ iousers_init(const char *optarg, void* userdata _U_)
tap_type_name="SCTP";
packet_func=iousers_sctp_packet;
} else {
fprintf(stderr, "twireshark: invalid \"-z conv,<type>[,<filter>]\" argument\n");
fprintf(stderr, "tshark: invalid \"-z conv,<type>[,<filter>]\" argument\n");
fprintf(stderr," <type> must be one of\n");
fprintf(stderr," \"eth\"\n");
fprintf(stderr," \"fc\"\n");
@ -701,7 +701,7 @@ iousers_init(const char *optarg, void* userdata _U_)
g_free(iu->items);
}
g_free(iu);
fprintf(stderr, "twireshark: Couldn't register conversations tap: %s\n",
fprintf(stderr, "tshark: Couldn't register conversations tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -217,7 +217,7 @@ mgcpstat_init(const char *optarg, void* userdata _U_)
g_free(ms->filter);
g_free(ms);
fprintf(stderr, "twireshark: Couldn't register mgcp,rtd tap: %s\n",
fprintf(stderr, "tshark: Couldn't register mgcp,rtd tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -22,7 +22,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* This module provides Protocol Column Info tap for twireshark */
/* This module provides Protocol Column Info tap for tshark */
#ifdef HAVE_CONFIG_H
# include "config.h"
@ -67,7 +67,7 @@ protocolinfo_packet(void *prs, packet_info *pinfo, epan_dissect_t *edt, const vo
* and, if so, we report that error and exit.
*/
if (pinfo->cinfo == NULL) {
fprintf(stderr, "twireshark: the proto,colinfo tap doesn't work if the columns aren't being printed.\n");
fprintf(stderr, "tshark: the proto,colinfo tap doesn't work if the columns aren't being printed.\n");
exit(1);
}
gp=proto_get_finfo_ptr_array(edt->tree, rs->hf_index);
@ -103,13 +103,13 @@ protocolinfo_init(const char *optarg, void* userdata _U_)
}
}
if(!field){
fprintf(stderr, "twireshark: invalid \"-z proto,colinfo,<filter>,<field>\" argument\n");
fprintf(stderr, "tshark: invalid \"-z proto,colinfo,<filter>,<field>\" argument\n");
exit(1);
}
hfi=proto_registrar_get_byname(field);
if(!hfi){
fprintf(stderr, "twireshark: Field \"%s\" doesn't exist.\n", field);
fprintf(stderr, "tshark: Field \"%s\" doesn't exist.\n", field);
exit(1);
}
@ -126,7 +126,7 @@ protocolinfo_init(const char *optarg, void* userdata _U_)
error_string=register_tap_listener("frame", rs, rs->filter, NULL, protocolinfo_packet, NULL);
if(error_string){
/* error, we failed to attach to the tap. complain and clean up */
fprintf(stderr, "twireshark: Couldn't register proto,colinfo tap: %s\n",
fprintf(stderr, "tshark: Couldn't register proto,colinfo tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
if(rs->filter){

View File

@ -22,7 +22,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* This module provides ProtocolHierarchyStatistics for twireshark */
/* This module provides ProtocolHierarchyStatistics for tshark */
#ifdef HAVE_CONFIG_H
# include "config.h"
@ -193,7 +193,7 @@ protohierstat_init(const char *optarg, void* userdata _U_)
filter="frame";
}
} else {
fprintf(stderr, "twireshark: invalid \"-z io,phs[,<filter>]\" argument\n");
fprintf(stderr, "tshark: invalid \"-z io,phs[,<filter>]\" argument\n");
exit(1);
}
@ -212,7 +212,7 @@ protohierstat_init(const char *optarg, void* userdata _U_)
g_free(rs->filter);
g_free(rs);
fprintf(stderr, "twireshark: Couldn't register io,phs tap: %s\n",
fprintf(stderr, "tshark: Couldn't register io,phs tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -22,8 +22,8 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* This module provides rpc call/reply SRT statistics to twireshark.
* It is only used by twireshark and not wireshark
/* This module provides rpc call/reply SRT statistics to tshark.
* It is only used by tshark and not wireshark
*/
#ifdef HAVE_CONFIG_H
@ -227,7 +227,7 @@ rpcprogs_init(const char *optarg _U_, void* userdata _U_)
error_string=register_tap_listener("rpc", NULL, NULL, NULL, rpcprogs_packet, rpcprogs_draw);
if(error_string){
fprintf(stderr,"twireshark: Couldn't register rpc,programs tap: %s\n",
fprintf(stderr,"tshark: Couldn't register rpc,programs tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -22,8 +22,8 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* This module provides rpc call/reply RTT statistics to twireshark.
* It is only used by twireshark and not wireshark
/* This module provides rpc call/reply RTT statistics to tshark.
* It is only used by tshark and not wireshark
*
* It serves as an example on how to use the tap api.
*/
@ -66,7 +66,7 @@ typedef struct _rpcstat_t {
/* This callback is never used by twireshark but it is here for completeness.
/* This callback is never used by tshark but it is here for completeness.
* When registering below, we could just have left this function as NULL.
*
* When used by wireshark, this function will be called whenever we would need
@ -186,10 +186,10 @@ rpcstat_packet(void *prs, packet_info *pinfo, epan_dissect_t *edt _U_, const voi
return 1;
}
/* This callback is used when twireshark wants us to draw/update our
* data to the output device. Since this is twireshark only output is
/* This callback is used when tshark wants us to draw/update our
* data to the output device. Since this is tshark only output is
* stdout.
* Twireshark will only call this callback once, which is when twireshark has
* TShark will only call this callback once, which is when tshark has
* finished reading all packets and exists.
* If used with wireshark this may be called any time, perhaps once every 3
* seconds or so.
@ -268,7 +268,7 @@ rpcstat_find_procs(gpointer *key, gpointer *value _U_, gpointer *user_data _U_)
/* When called, this function will create a new instance of rpcstat.
* program and version are whick onc-rpc program/version we want to
* collect statistics for.
* This function is called from twireshark when it parses the -z rpc, arguments
* This function is called from tshark when it parses the -z rpc, arguments
* and it creates a new instance to store statistics in and registers this
* new instance for the rpc tap.
*/
@ -289,7 +289,7 @@ rpcstat_init(const char *optarg, void* userdata _U_)
filter=NULL;
}
} else {
fprintf(stderr, "twireshark: invalid \"-z rpc,rtt,<program>,<version>[,<filter>]\" argument\n");
fprintf(stderr, "tshark: invalid \"-z rpc,rtt,<program>,<version>[,<filter>]\" argument\n");
exit(1);
}
@ -309,8 +309,8 @@ rpcstat_init(const char *optarg, void* userdata _U_)
rpc_max_proc=-1;
g_hash_table_foreach(rpc_procs, (GHFunc)rpcstat_find_procs, NULL);
if(rpc_min_proc==-1){
fprintf(stderr,"twireshark: Invalid -z rpc,rrt,%d,%d\n",rpc_program,rpc_version);
fprintf(stderr," Program:%d version:%d isn't supported by twireshark.\n", rpc_program, rpc_version);
fprintf(stderr,"tshark: Invalid -z rpc,rrt,%d,%d\n",rpc_program,rpc_version);
fprintf(stderr," Program:%d version:%d isn't supported by tshark.\n", rpc_program, rpc_version);
exit(1);
}
@ -345,7 +345,7 @@ rpcstat_init(const char *optarg, void* userdata _U_)
g_free(rs->filter);
g_free(rs);
fprintf(stderr, "twireshark: Couldn't register rpc,rtt tap: %s\n",
fprintf(stderr, "tshark: Couldn't register rpc,rtt tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -246,7 +246,7 @@ sctpstat_init(const char *optarg, void* userdata _U_)
g_free(hs->filter);
g_free(hs);
fprintf(stderr, "twireshark: Couldn't register sctp,stat tap: %s\n",
fprintf(stderr, "tshark: Couldn't register sctp,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -378,7 +378,7 @@ sipstat_init(const char *optarg, void* userdata _U_)
/* error, we failed to attach to the tap. clean up */
g_free(sp->filter);
g_free(sp);
fprintf (stderr, "twireshark: Couldn't register sip,stat tap: %s\n",
fprintf (stderr, "tshark: Couldn't register sip,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -78,14 +78,14 @@ smbsids_init(const char *optarg _U_, void* userdata _U_)
fprintf(stderr,"Either enable Edit/Preferences/Protocols/SMB/Snoop SID name mappings in wireshark\n");
fprintf(stderr,"or override the preference file by specifying\n");
fprintf(stderr," -o \"smb.sid_name_snooping=TRUE\"\n");
fprintf(stderr,"on the twireshark command line.\n");
fprintf(stderr,"on the tshark command line.\n");
exit(1);
}
error_string=register_tap_listener("smb", NULL, NULL, NULL, smbsids_packet, smbsids_draw);
if(error_string){
fprintf(stderr, "twireshark: Couldn't register smb,sids tap:%s\n",
fprintf(stderr, "tshark: Couldn't register smb,sids tap:%s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -265,7 +265,7 @@ smbstat_init(const char *optarg,void* userdata _U_)
g_free(ss->filter);
g_free(ss);
fprintf(stderr, "twireshark: Couldn't register smb,rtt tap: %s\n",
fprintf(stderr, "tshark: Couldn't register smb,rtt tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -1,5 +1,5 @@
/* tap-stats_tree.c
* twireshark's tap implememntation of stats_tree
* tshark's tap implememntation of stats_tree
* 2005, Luis E. G. Ontanon
*
* $Id$

View File

@ -22,8 +22,8 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* This module provides WSP statistics to twireshark.
* It is only used by twireshark and not wireshark
/* This module provides WSP statistics to tshark.
* It is only used by tshark and not wireshark
*
*/
@ -168,10 +168,10 @@ wspstat_packet(void *psp, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const
}
/* This callback is used when twireshark wants us to draw/update our
* data to the output device. Since this is twireshark only output is
/* This callback is used when tshark wants us to draw/update our
* data to the output device. Since this is tshark only output is
* stdout.
* Twireshark will only call this callback once, which is when twireshark has
* TShark will only call this callback once, which is when tshark has
* finished reading all packets and exists.
* If used with wireshark this may be called any time, perhaps once every 3
* seconds or so.
@ -209,7 +209,7 @@ wspstat_draw(void *psp)
/* When called, this function will create a new instance of wspstat.
* program and version are whick onc-rpc program/version we want to
* collect statistics for.
* This function is called from twireshark when it parses the -z wsp, arguments
* This function is called from tshark when it parses the -z wsp, arguments
* and it creates a new instance to store statistics in and registers this
* new instance for the wsp tap.
*/
@ -272,7 +272,7 @@ wspstat_init(const char *optarg, void* userdata _U_)
g_free(sp);
g_hash_table_foreach( sp->hash, (GHFunc) wsp_free_hash_table, NULL ) ;
g_hash_table_destroy( sp->hash );
fprintf(stderr, "twireshark: Couldn't register wsp,stat tap: %s\n",
fprintf(stderr, "tshark: Couldn't register wsp,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);

View File

@ -7,7 +7,7 @@ What is it?
This is basically a collection of bash scripts to test the command line options of:
- Ethereal
- Tethereal
- TShark
- Dumpcap
Motivation

View File

@ -28,7 +28,7 @@ ETH_BIN_PATH=../Debug_GTK2
# Tweak the following to your liking.
ETHEREAL=$ETH_BIN_PATH/ethereal
TETHEREAL=$ETH_BIN_PATH/tethereal
TSHARK=$ETH_BIN_PATH/tshark
CAPINFOS=$ETH_BIN_PATH/capinfos
DUMPCAP=$ETH_BIN_PATH/dumpcap

View File

@ -38,7 +38,7 @@ capture_step_10packets() {
test_step_failed "exit status of $DUT: $RETURNVALUE"
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TETHEREAL -D
$TSHARK -D
return
fi
@ -58,7 +58,7 @@ capture_step_10packets() {
cat ./testout.txt
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TETHEREAL -D
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
@ -69,7 +69,7 @@ capture_step_10packets_stdout() {
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status of $DUT: $RETURNVALUE"
$TETHEREAL -D
$TSHARK -D
return
fi
@ -88,7 +88,7 @@ capture_step_10packets_stdout() {
echo
cat ./testout.txt
cat ./testout2.txt
$TETHEREAL -D
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
@ -101,7 +101,7 @@ capture_step_2multi_10packets() {
test_step_failed "exit status of $DUT: $RETURNVALUE"
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TETHEREAL -D
$TSHARK -D
return
fi
@ -169,8 +169,8 @@ capture_step_snapshot() {
return
fi
# use tethereal to filter out all packets, which are larger than 68 bytes
$TETHEREAL -r ./testout.pcap -w ./testout2.pcap -R 'frame.cap_len>68' > ./testout.txt 2>&1
# use tshark to filter out all packets, which are larger than 68 bytes
$TSHARK -r ./testout.pcap -w ./testout2.pcap -R 'frame.cap_len>68' > ./testout.txt 2>&1
# ok, we got a capture file, does it contain exactly 0 packets?
$CAPINFOS ./testout2.pcap > ./testout.txt
@ -196,8 +196,8 @@ ethereal_capture_suite() {
test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
}
tethereal_capture_suite() {
DUT=$TETHEREAL
tshark_capture_suite() {
DUT=$TSHARK
test_step_add "Capture 10 packets" capture_step_10packets
test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
@ -225,7 +225,7 @@ capture_suite() {
test_step_set_pre capture_cleanup_step
test_step_set_post capture_cleanup_step
test_remark_add "Capture - need some traffic on interface: \"$TRAFFIC_CAPTURE_IFACE\""
test_suite_add "Tethereal capture" tethereal_capture_suite
test_suite_add "TShark capture" tshark_capture_suite
test_suite_add "Ethereal capture" ethereal_capture_suite
test_suite_add "Dumpcap capture" dumpcap_capture_suite
}

View File

@ -30,7 +30,7 @@ EXIT_ERROR=2
# generic: check against a specific exit status with a single char option
# $1 command: tethereal
# $1 command: tshark
# $2 option: a
# $3 expected exit status: 0
test_single_char_options()
@ -49,7 +49,7 @@ test_single_char_options()
# check exit status when reading an existing file
clopts_step_existing_file() {
$TETHEREAL -r $CAPFILE > ./testout.txt 2>&1
$TSHARK -r $CAPFILE > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -62,7 +62,7 @@ clopts_step_existing_file() {
# check exit status when reading a none existing file
clopts_step_nonexisting_file() {
$TETHEREAL -r ThisFileDontExist.pcap > ./testout.txt 2>&1
$TSHARK -r ThisFileDontExist.pcap > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_ERROR ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -74,10 +74,10 @@ clopts_step_nonexisting_file() {
# check exit status of all single char option being invalid
clopts_suite_tethereal_invalid_chars() {
clopts_suite_tshark_invalid_chars() {
for index in A B C E F H I J K M N O P Q R T U W X Y Z a b c d e f g i j k m o r s t u w y z
do
test_step_add "Invalid Tethereal parameter -$index, exit status must be $EXIT_COMMAND_LINE" "test_single_char_options $TETHEREAL $index $EXIT_COMMAND_LINE"
test_step_add "Invalid TShark parameter -$index, exit status must be $EXIT_COMMAND_LINE" "test_single_char_options $TSHARK $index $EXIT_COMMAND_LINE"
done
}
@ -86,7 +86,7 @@ clopts_suite_tethereal_invalid_chars() {
clopts_suite_valid_chars() {
for index in D G L h v
do
test_step_add "Valid Tethereal parameter -$index, exit status must be $EXIT_OK" "test_single_char_options $TETHEREAL $index $EXIT_OK"
test_step_add "Valid TShark parameter -$index, exit status must be $EXIT_OK" "test_single_char_options $TSHARK $index $EXIT_OK"
done
}
@ -95,7 +95,7 @@ clopts_suite_valid_chars() {
# check exit status and grep output string of an invalid capture filter
clopts_step_invalid_capfilter() {
$TETHEREAL -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
$TSHARK -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -112,7 +112,7 @@ clopts_step_invalid_capfilter() {
# check exit status and grep output string of an invalid interface
clopts_step_invalid_interface() {
$TETHEREAL -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
$TSHARK -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -130,7 +130,7 @@ clopts_step_invalid_interface() {
# check exit status and grep output string of an invalid interface index
# (valid interface indexes start with 1)
clopts_step_invalid_interface_index() {
$TETHEREAL -i 0 -w './testout.pcap' > ./testout.txt 2>&1
$TSHARK -i 0 -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -148,7 +148,7 @@ clopts_step_invalid_interface_index() {
# check exit status and grep output string of an invalid capture filter
# XXX - how to efficiently test the *invalid* flags?
clopts_step_valid_name_resolving() {
$TETHEREAL -N mntC -a duration:1 > ./testout.txt 2>&1
$TSHARK -N mntC -a duration:1 > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
@ -171,8 +171,8 @@ clopts_post_step() {
clopt_suite() {
test_step_set_post clopts_post_step
test_suite_add "Basic tests" clopts_suite_basic
test_suite_add "Invalid Tethereal single char options" clopts_suite_tethereal_invalid_chars
test_suite_add "Valid Tethereal single char options" clopts_suite_valid_chars
test_suite_add "Invalid TShark single char options" clopts_suite_tshark_invalid_chars
test_suite_add "Valid TShark single char options" clopts_suite_valid_chars
test_step_add "Invalid capture filter -f" clopts_step_invalid_capfilter
test_step_add "Invalid capture interface -i" clopts_step_invalid_interface
test_step_add "Invalid capture interface index 0" clopts_step_invalid_interface_index

View File

@ -38,7 +38,7 @@ io_step_input_file() {
test_step_failed "exit status of $DUT: $RETURNVALUE"
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TETHEREAL -D
$TSHARK -D
return
fi
@ -58,7 +58,7 @@ io_step_input_file() {
cat ./testout.txt
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TETHEREAL -D
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
@ -69,7 +69,7 @@ io_step_output_piping() {
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status of $DUT: $RETURNVALUE"
$TETHEREAL -D
$TSHARK -D
return
fi
@ -88,7 +88,7 @@ io_step_output_piping() {
echo
cat ./testout.txt
cat ./testout2.txt
$TETHEREAL -D
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
@ -98,7 +98,7 @@ io_step_input_piping() {
cat -B dhcp.pcap | $DUT -r - -w ./testout.pcap 2>./testout.txt
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
$TETHEREAL -D
$TSHARK -D
echo
cat ./testout.txt
test_step_failed "exit status of $DUT: $RETURNVALUE"
@ -120,7 +120,7 @@ io_step_input_piping() {
echo
cat ./testout.txt
cat ./testout2.txt
$TETHEREAL -D
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
@ -131,8 +131,8 @@ ethereal_io_suite() {
test_step_add "Input file" io_step_input_file
}
tethereal_io_suite() {
DUT=$TETHEREAL
tshark_io_suite() {
DUT=$TSHARK
test_step_add "Input file" io_step_input_file
test_step_add "Output piping" io_step_output_piping
#test_step_add "Piping" io_step_input_piping
@ -155,7 +155,7 @@ io_cleanup_step() {
io_suite() {
test_step_set_pre io_cleanup_step
test_step_set_post io_cleanup_step
test_suite_add "Tethereal file I/O" tethereal_io_suite
test_suite_add "TShark file I/O" tshark_io_suite
#test_suite_add "Ethereal file I/O" ethereal_io_suite
#test_suite_add "Dumpcap file I/O" dumpcap_io_suite
}

View File

@ -39,7 +39,7 @@ source suite-capture.sh
test_step_prerequisites() {
NOTFOUND=0
for i in "$ETHEREAL" "$TETHEREAL" "$CAPINFOS" "$DUMPCAP" ; do
for i in "$ETHEREAL" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
if [ ! -x $i ]; then
echo "Couldn't find $i"
NOTFOUND=1
@ -71,8 +71,8 @@ test_suite() {
test_set_output VERBOSE
#test_suite_run "Tethereal command line options" clopt_suite
#test_suite_run "Tethereal capture" capture_suite
#test_suite_run "TShark command line options" clopt_suite
#test_suite_run "TShark capture" capture_suite
# all
@ -171,4 +171,4 @@ done
;;
esac
done
done

View File

@ -1,5 +1,5 @@
"""
Baseclass for reading PDML produced from Tethereal.
Baseclass for reading PDML produced from TShark.
Copyright (c) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>

View File

@ -34,7 +34,7 @@ import getopt
REMOVE_TEMP_FILES = 1
VERBOSE = 0
TEXT2PCAP = os.path.join(".", "text2pcap")
TETHEREAL = os.path.join(".", "tethereal")
TSHARK = os.path.join(".", "tshark")
# Some DLT values. Add more from <net/bpf.h> if you need to.
@ -191,26 +191,26 @@ class Test:
def DFilterCount(self, packet, dfilter, num_lines_expected):
"""Run a dfilter on a packet file and expect
a certain number of output lines. If num_lines_expected
is None, then the tethereal command is expected to fail
is None, then the tshark command is expected to fail
with a non-zero return value."""
packet_file = packet.Filename()
cmd = (TETHEREAL, "-n -r", packet_file, "-R '", dfilter, "'")
cmd = (TSHARK, "-n -r", packet_file, "-R '", dfilter, "'")
tethereal_failed = 0
tshark_failed = 0
try:
(output, retval) = run_cmd(cmd)
except RunCommandError:
tethereal_failed = 1
tshark_failed = 1
# print "GOT", len(output), "lines:", output, retval
if retval:
tethereal_failed = 1
tshark_failed = 1
if tethereal_failed:
if tshark_failed:
if num_lines_expected == None:
if VERBOSE:
print "\nGot:", output
@ -1325,8 +1325,8 @@ all_tests = [
def usage():
print "usage: %s [OPTS] [TEST ...]" % (sys.argv[0],)
print "\t-p PATH : path to find both tethereal and text2pcap (DEFAULT: . )"
print "\t-t FILE : location of tethereal binary"
print "\t-p PATH : path to find both tshark and text2pcap (DEFAULT: . )"
print "\t-t FILE : location of tshark binary"
print "\t-x FILE : location of text2pcap binary"
print "\t-k : keep temporary files"
print "\t-v : verbose"
@ -1339,7 +1339,7 @@ def usage():
def main():
global TETHEREAL
global TSHARK
global TEXT2PCAP
global VERBOSE
global REMOVE_TEMP_FILES
@ -1355,14 +1355,14 @@ def main():
for opt, arg in opts:
if opt == "-t":
TETHEREAL = arg
TSHARK = arg
elif opt == "-x":
TEXT2PCAP = arg
elif opt == "-v":
VERBOSE = 1
elif opt == "-p":
TEXT2PCAP = os.path.join(arg, "text2pcap")
TETHEREAL = os.path.join(arg, "tethereal")
TSHARK = os.path.join(arg, "tshark")
elif opt == "-k":
REMOVE_TEMP_FILES = 0
else:
@ -1370,8 +1370,8 @@ def main():
usage()
# Sanity test
if not os.path.exists(TETHEREAL):
sys.exit("tethereal program '%s' does not exist." % (TETHEREAL,))
if not os.path.exists(TSHARK):
sys.exit("tshark program '%s' does not exist." % (TSHARK,))
if not os.path.exists(TEXT2PCAP):
sys.exit("text2pcap program '%s' does not exist." % (TEXT2PCAP,))

View File

@ -42,9 +42,9 @@ class Field:
def gather_data(tethereal):
"""Calls tethereal and gathers data."""
cmd = "%s -G fields3" % (tethereal,)
def gather_data(tshark):
"""Calls tshark and gathers data."""
cmd = "%s -G fields3" % (tshark,)
(status, output) = commands.getstatusoutput(cmd)
if status != 0:
@ -69,10 +69,10 @@ def check_fields(fields):
(field.abbrev, field.bitmask, field.ftype)
errors += 1
def run(tethereal):
def run(tshark):
"""Run the tests."""
global errors
protos, fields = gather_data(tethereal)
protos, fields = gather_data(tshark)
check_fields(fields)
@ -83,13 +83,13 @@ def run(tethereal):
def main():
"""Parse the command-line."""
usage = "%prog tethereal"
usage = "%prog tshark"
parser = OptionParser(usage=usage)
(options, args) = parser.parse_args()
if len(args) != 1:
parser.error("Need location of tethereal.")
parser.error("Need location of tshark.")
run(args[0])

View File

@ -2,15 +2,15 @@
#
# $Id$
# Fuzz-testing script for Tethereal
# Fuzz-testing script for TShark
#
# This script uses Editcap to add random errors ("fuzz") to a set of
# capture files specified on the command line. It runs Tethereal on
# capture files specified on the command line. It runs TShark on
# each fuzzed file and checks for errors. The files are processed
# repeatedly until an error is found.
# Tweak the following to your liking. Editcap must support "-E".
TETHEREAL=./tethereal
TSHARK=./tshark
EDITCAP=./editcap
CAPINFOS=./capinfos
@ -41,15 +41,15 @@ ulimit -c unlimited
### usually you won't have to change anything below this line ###
# Tethereal arguments (you won't have to change these)
# TShark arguments (you won't have to change these)
# n Disable network object name resolution
# V Print a view of the details of the packet rather than a one-line summary of the packet
# x Cause Tethereal to print a hex and ASCII dump of the packet data after printing the summary or details
# x Cause TShark to print a hex and ASCII dump of the packet data after printing the summary or details
# r Read packet data from the following infile
TETHEREAL_ARGS="-nVxr"
TSHARK_ARGS="-nVxr"
NOTFOUND=0
for i in "$TETHEREAL" "$EDITCAP" "$CAPINFOS" "$DATE" "$TMP_DIR" ; do
for i in "$TSHARK" "$EDITCAP" "$CAPINFOS" "$DATE" "$TMP_DIR" ; do
if [ ! -x $i ]; then
echo "Couldn't find $i"
NOTFOUND=1
@ -75,7 +75,7 @@ FIN
exit 1
fi
echo "Running $TETHEREAL with args: $TETHEREAL_ARGS"
echo "Running $TSHARK with args: $TSHARK_ARGS"
echo ""
# Not yet - properly handle empty filenames
@ -108,7 +108,7 @@ while [ 1 ] ; do
fi
fi
"$TETHEREAL" $TETHEREAL_ARGS $TMP_DIR/$TMP_FILE \
"$TSHARK" $TSHARK_ARGS $TMP_DIR/$TMP_FILE \
> /dev/null 2> $TMP_DIR/$ERR_FILE
RETVAL=$?
grep -i "dissector bug" $TMP_DIR/$ERR_FILE \

View File

@ -208,13 +208,13 @@ class CaptureFile:
"""Parses a single a capture file and keeps track of
all chat sessions in the file."""
def __init__(self, capture_filename, tethereal):
"""Run tethereal on the capture file and parse
def __init__(self, capture_filename, tshark):
"""Run tshark on the capture file and parse
the data."""
self.conversations = []
self.conversations_map = {}
pipe = os.popen(tethereal + " -Tpdml -n -R "
pipe = os.popen(tshark + " -Tpdml -n -R "
"'msnms contains \"X-MMS-IM-Format\"' "
"-r " + capture_filename, "r")
@ -253,14 +253,14 @@ class CaptureFile:
conv.CreateHTML(default_user)
def run_filename(filename, default_user, tethereal):
def run_filename(filename, default_user, tshark):
"""Process one capture file."""
capture = CaptureFile(filename, tethereal)
capture = CaptureFile(filename, tshark)
capture.CreateHTML(default_user)
def run(filenames, default_user, tethereal):
def run(filenames, default_user, tshark):
# HTML Header
print >> out_fh, """
<HTML><TITLE>MSN Conversation</TITLE>
@ -268,7 +268,7 @@ def run(filenames, default_user, tethereal):
<BODY>
"""
for filename in filenames:
run_filename(filename, default_user, tethereal)
run_filename(filename, default_user, tshark)
# HTML Footer
print >> out_fh, """
@ -281,13 +281,13 @@ def run(filenames, default_user, tethereal):
def usage():
print >> sys.stderr, "msnchat [OPTIONS] CAPTURE_FILE [...]"
print >> sys.stderr, " -o FILE name of output file"
print >> sys.stderr, " -t TETHEREAL location of tethereal binary"
print >> sys.stderr, " -t TSHARK location of tshark binary"
print >> sys.stderr, " -u USER name for unknown user"
sys.exit(1)
def main():
default_user = "Unknown"
tethereal = "tethereal"
tshark = "tshark"
optstring = "ho:t:u:"
longopts = ["help"]
@ -313,12 +313,12 @@ def main():
default_user = arg
elif opt == "-t":
tethereal = arg
tshark = arg
else:
sys.exit("Unhandled command-line option: " + opt)
run(args, default_user, tethereal)
run(args, default_user, tshark)
if __name__ == '__main__':
main()

View File

@ -1,6 +1,6 @@
#!/usr/bin/env python
"""
Retrieve a packet from a ethereal/tethereal core file
Retrieve a packet from a ethereal/tshark core file
and save it in a packet-capture file.
"""
@ -415,7 +415,7 @@ def usage():
print ""
print "\tGiven an executable file and a core file, this tool"
print "\tuses gdb to retrieve the packet that was being dissected"
print "\tat the time ethereal/tethereal stopped running. The packet"
print "\tat the time ethereal/tshark stopped running. The packet"
print "\tis saved in the capture_file specified by the -w option."
print ""
print "\t-v : verbose"

View File

@ -1,4 +1,4 @@
/* twireshark.c
/* tshark.c
*
* $Id$
*
@ -216,7 +216,7 @@ print_usage(gboolean print_ver)
if (print_ver) {
output = stdout;
fprintf(output,
"Twireshark " VERSION "%s\n"
"TShark " VERSION "%s\n"
"Dump and analyze network traffic.\n"
"See http://www.wireshark.com for more information.\n"
"\n"
@ -226,7 +226,7 @@ print_usage(gboolean print_ver)
output = stderr;
}
fprintf(output, "\n");
fprintf(output, "Usage: twireshark [options] ...\n");
fprintf(output, "Usage: tshark [options] ...\n");
fprintf(output, "\n");
#ifdef HAVE_LIBPCAP
@ -1030,7 +1030,7 @@ main(int argc, char *argv[])
}
break;
case 'v': /* Show version and exit */
printf("Twireshark " VERSION "%s\n"
printf("TShark " VERSION "%s\n"
"\n"
"%s"
"\n"
@ -1123,7 +1123,7 @@ main(int argc, char *argv[])
#ifndef HAVE_LIBPCAP
if (capture_option_specified)
cmdarg_err("This version of Twireshark was not built with support for capturing packets.");
cmdarg_err("This version of TShark was not built with support for capturing packets.");
#endif
if (arg_error) {
print_usage(FALSE);
@ -1385,7 +1385,7 @@ main(int argc, char *argv[])
/*
* Immediately relinquish any special privileges we have; we must not
* be allowed to read any capture files the user running Twireshark
* be allowed to read any capture files the user running TShark
* can't open.
*/
relinquish_special_privs_perm();
@ -1438,7 +1438,7 @@ main(int argc, char *argv[])
char *detailed_err;
cmdarg_err("WinPcap couldn't be found.");
detailed_err = cant_load_winpcap_err("Twireshark");
detailed_err = cant_load_winpcap_err("TShark");
cmdarg_err_cont("%s", detailed_err);
g_free(detailed_err);
exit(2);
@ -1481,7 +1481,7 @@ main(int argc, char *argv[])
}
#else
/* No - complain. */
cmdarg_err("This version of Twireshark was not built with support for capturing packets.");
cmdarg_err("This version of TShark was not built with support for capturing packets.");
exit(2);
#endif
}
@ -1981,13 +1981,13 @@ capture_cleanup(DWORD ctrltype _U_)
no other handler - such as one that would terminate the process -
gets called.
XXX - for some reason, typing ^C to Twireshark, if you run this in
XXX - for some reason, typing ^C to TShark, if you run this in
a Cygwin console window in at least some versions of Cygwin,
causes Twireshark to terminate immediately; this routine gets
causes TShark to terminate immediately; this routine gets
called, but the main loop doesn't get a chance to run and
exit cleanly, at least if this is compiled with Microsoft Visual
C++ (i.e., it's a property of the Cygwin console window or Bash;
it happens if Twireshark is not built with Cygwin - for all I know,
it happens if TShark is not built with Cygwin - for all I know,
building it with Cygwin may make the problem go away). */
ld.go = FALSE;
return TRUE;
@ -2130,7 +2130,7 @@ load_cap_file(capture_file *cf, char *save_file, int out_file_type)
switch (err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
cmdarg_err("\"%s\" has a packet with a network type that Twireshark doesn't support.\n(%s)",
cmdarg_err("\"%s\" has a packet with a network type that TShark doesn't support.\n(%s)",
cf->filename, err_info);
break;
@ -2334,7 +2334,7 @@ process_packet(capture_file *cf, long offset, const struct wtap_pkthdr *whdr,
tree for a single packet without waiting for anything to happen,
it should be as good as line-buffered mode if we're printing
protocol trees. (The whole reason for the "-l" flag in either
tcpdump or Twireshark is to allow the output of a live capture to
tcpdump or TShark is to allow the output of a live capture to
be piped to a program or script and to have that script see the
information for the packet as soon as it's printed, rather than
having to wait until a standard I/O buffer fills up. */
@ -2798,13 +2798,13 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_FILE_UNKNOWN_FORMAT:
/* Seen only when opening a capture file for reading. */
errmsg = "The file \"%s\" isn't a capture file in a format Twireshark understands.";
errmsg = "The file \"%s\" isn't a capture file in a format TShark understands.";
break;
case WTAP_ERR_UNSUPPORTED:
/* Seen only when opening a capture file for reading. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" isn't a capture file in a format Twireshark understands.\n"
"The file \"%%s\" isn't a capture file in a format TShark understands.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
@ -2820,15 +2820,15 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_UNSUPPORTED_FILE_TYPE:
/* Seen only when opening a capture file for writing. */
errmsg = "Twireshark doesn't support writing capture files in that format.";
errmsg = "TShark doesn't support writing capture files in that format.";
break;
case WTAP_ERR_UNSUPPORTED_ENCAP:
if (for_writing)
errmsg = "Twireshark can't save this capture in that format.";
errmsg = "TShark can't save this capture in that format.";
else {
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" is a capture for a network type that Twireshark doesn't support.\n"
"The file \"%%s\" is a capture for a network type that TShark doesn't support.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
@ -2837,9 +2837,9 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
if (for_writing)
errmsg = "Twireshark can't save this capture in that format.";
errmsg = "TShark can't save this capture in that format.";
else
errmsg = "The file \"%s\" is a capture for a network type that Twireshark doesn't support.";
errmsg = "The file \"%s\" is a capture for a network type that TShark doesn't support.";
break;
case WTAP_ERR_BAD_RECORD:
@ -2881,12 +2881,12 @@ cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
}
/*
* Open/create errors are reported with an console message in Twireshark.
* Open/create errors are reported with an console message in TShark.
*/
static void
open_failure_message(const char *filename, int err, gboolean for_writing)
{
fprintf(stderr, "twireshark: ");
fprintf(stderr, "tshark: ");
fprintf(stderr, file_open_error_message(err, for_writing), filename);
fprintf(stderr, "\n");
}
@ -2947,18 +2947,18 @@ fail:
/*
* General errors are reported with an console message in Twireshark.
* General errors are reported with an console message in TShark.
*/
static void
failure_message(const char *msg_format, va_list ap)
{
fprintf(stderr, "twireshark: ");
fprintf(stderr, "tshark: ");
vfprintf(stderr, msg_format, ap);
fprintf(stderr, "\n");
}
/*
* Read errors are reported with an console message in Twireshark.
* Read errors are reported with an console message in TShark.
*/
static void
read_failure_message(const char *filename, int err)
@ -2976,7 +2976,7 @@ cmdarg_err(const char *fmt, ...)
va_list ap;
va_start(ap, fmt);
fprintf(stderr, "twireshark: ");
fprintf(stderr, "tshark: ");
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
va_end(ap);

View File

@ -661,7 +661,7 @@ static void nettl_close(wtap *wth)
/* Returns 0 if we could write the specified encapsulation type,
an error indication otherwise. nettl files are WTAP_ENCAP_UNKNOWN
when they are first opened, so we allow that for tethereal read/write.
when they are first opened, so we allow that for tshark read/write.
*/
int nettl_dump_can_write_encap(int encap)