Rename the main executable to "wireshark", along with more conversions:

ethereal.com -> wireshark.org
mailing lists and addresses
ETHEREAL -> WIRESHARK
Man pages
Automake/Autoconf names

svn path=/trunk/; revision=18271
parent 2fd928645b
commit eb71f7fb96
2
AUTHORS
|
@ -2,7 +2,7 @@
|
|||
|
||||
Original Author
|
||||
-------- ------
|
||||
Gerald Combs <gerald[AT]ethereal.com>
|
||||
Gerald Combs <gerald[AT]wireshark.org>
|
||||
|
||||
|
||||
Contributors
|
||||
|
|
32
FAQ
|
@ -2,7 +2,7 @@
|
|||
The Wireshark FAQ
|
||||
|
||||
Note: This is just an ASCII snapshot of the faq and may not be up to
|
||||
date. Please go to http://www.ethereal.com/faq.html for the up
|
||||
date. Please go to http://www.wireshark.org/faq.html for the up
|
||||
to date version. The version of this snapshot can be found at
|
||||
the end of this document.
|
||||
|
||||
|
@ -237,9 +237,9 @@
|
|||
|
||||
Q 1.1: Where can I get help?
|
||||
|
||||
A: Community support is available on the ethereal-users mailing list.
|
||||
A: Community support is available on the wireshark-users mailing list.
|
||||
Subscription information and archives for all of Ethereal's mailing lists
|
||||
can be found at http://www.ethereal.com/lists. An IRC channel dedicated to
|
||||
can be found at http://www.wireshark.org/lists. An IRC channel dedicated to
|
||||
Ethereal can be found at irc://irc.freenode.net/ethereal.
|
||||
|
||||
Commercial support, training, and development services are available from
|
||||
|
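Review bot: The answer to Q 1.1 is left half renamed: the list is now wireshark-users and the archive URL is http://www.wireshark.org/lists, but the unchanged lines around them still say "all of Ethereal's mailing lists" and point to irc://irc.freenode.net/ethereal. Either update those two lines in the same change or, if the IRC channel keeps its old name for now, say so in the text so readers do not take it for a leftover.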
@ -1080,7 +1080,7 @@ cies
|
|||
it means "we don't know whether it can capture on them"; we expect that it
|
||||
will be able to capture on many of them, but we haven't tried it ourselves -
|
||||
if you try one of those types and it works, please send an update to
|
||||
ethereal-web[AT]ethereal.com).
|
||||
wireshark-web[AT]wireshark.org).
|
||||
|
||||
It can also read a variety of capture file formats, including:
|
||||
* AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/Packet
|
||||
|
@ -1177,12 +1177,12 @@ cies
|
|||
nonwithstanding; newer versions make it a bit clearer by giving that RPM a
|
||||
name starting with wireshark-base.
|
||||
|
||||
In those older versions, there's a separate ethereal-gnome RPM that includes
|
||||
In those older versions, there's a separate wireshark-gnome RPM that includes
|
||||
GUI components such as Ethereal itself, the fact that Ethereal doesn't use
|
||||
GNOME nonwithstanding; newer versions make it a bit clearer by giving that
|
||||
RPM a name starting with wireshark-gtk+.
|
||||
|
||||
Find the ethereal-gnome or ethereal-gtk+ RPM, and install that also.
|
||||
Find the wireshark-gnome or wireshark-gtk+ RPM, and install that also.
|
||||
|
||||
4. Building Ethereal
|
||||
|
||||
|
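Review bot: The sentences about "those older versions" describe RPMs that distributions had already shipped, so replacing ethereal-gnome and ethereal-gtk+ with wireshark-gnome and wireshark-gtk+ changes a historical statement, not just branding. A user on one of those older releases who follows "Find the wireshark-gnome or wireshark-gtk+ RPM, and install that also." will be searching for a package name that nothing in the text shows was ever used there. Keep the old package names where the FAQ talks about older releases, or mention both names.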
@ -1729,7 +1729,7 @@ cies
|
|||
that release, as, if there's a bug of that sort, it might've been fixed in a
|
||||
release after the one you're running. If the hang occurs in the most recent
|
||||
release of Ethereal, the bug should be reported to the Wireshark developers'
|
||||
mailing list at ethereal-dev@ethereal.com.
|
||||
mailing list at wireshark-dev@wireshark.org.
|
||||
|
||||
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
|
||||
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
|
||||
|
@ -1839,7 +1839,7 @@ cies
|
|||
mirror of the WinDump Web site for information on using WinDump.
|
||||
|
||||
You would run WinDump with the -D flag; if it lists the interface, please
|
||||
report this to ethereal-dev@ethereal.com giving full details of the problem,
|
||||
report this to wireshark-dev@wireshark.org giving full details of the problem,
|
||||
including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system;
|
||||
|
@ -1862,7 +1862,7 @@ cies
|
|||
local mirror of the WinDump Web site for information on using WinDump.
|
||||
|
||||
If you can capture on the interface with WinDump, send mail to
|
||||
ethereal-users@ethereal.com giving full details of the problem, including
|
||||
wireshark-users@wireshark.org giving full details of the problem, including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system;
|
||||
* the type of network device you're using;
|
||||
|
@ -1879,7 +1879,7 @@ cies
|
|||
there. If not, then see the WinPcap support page (or the local mirror of
|
||||
that page) - check the "Submitting bugs" section.
|
||||
|
||||
You may also want to ask the ethereal-users@ethereal.com and the
|
||||
You may also want to ask the wireshark-users@wireshark.org and the
|
||||
winpcap-users@winpcap.org mailing lists to see if anybody happens to know
|
||||
about the problem and know a workaround or fix for the problem. (Note that
|
||||
you will have to subscribe to that list in order to be allowed to mail to
|
||||
|
@ -2044,7 +2044,7 @@ cies
|
|||
|
||||
If the attempt to capture on it succeeds, the interface is somehow not being
|
||||
reported by the mechanism Ethereal uses to get a list of interfaces; please
|
||||
report this to ethereal-dev@ethereal.com giving full details of the problem,
|
||||
report this to wireshark-dev@wireshark.org giving full details of the problem,
|
||||
including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system (for Linux, give both the version number of the kernel and the
|
||||
|
@ -2057,7 +2057,7 @@ cies
|
|||
that device with tcpdump.
|
||||
|
||||
If you can capture on the interface with tcpdump, send mail to
|
||||
ethereal-users@ethereal.com giving full details of the problem, including
|
||||
wireshark-users@wireshark.org giving full details of the problem, including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system (for Linux, give both the version number of the kernel and the
|
||||
name and version number of the distribution you're using);
|
||||
|
@ -2074,7 +2074,7 @@ cies
|
|||
produces the OS (in the case of a Linux distribution, report the problem to
|
||||
whoever produces the distribution).
|
||||
|
||||
You may also want to ask the ethereal-users@ethereal.com and the
|
||||
You may also want to ask the wireshark-users@wireshark.org and the
|
||||
tcpdump-workers@tcpdump.org mailing lists to see if anybody happens to know
|
||||
about the problem and know a workaround or fix for the problem. In your
|
||||
mail, please give full details of the problem, as described above, and also
|
||||
|
@ -2187,7 +2187,7 @@ cies
|
|||
boring. Where can I find more interesting captures?
|
||||
|
||||
A: We have a collection of strange and exotic sample capture files at
|
||||
http://wiki.ethereal.com/SampleCaptures
|
||||
http://wiki.wireshark.org/SampleCaptures
|
||||
|
||||
Q 11.3: Why doesn't Ethereal correctly identify RTP packets? It shows them
|
||||
only as UDP.
|
||||
|
@ -2278,8 +2278,8 @@ cies
|
|||
detect various viruses, worms, and the like.
|
||||
|
||||
Please send support questions about Ethereal to the
|
||||
ethereal-users[AT]ethereal.com mailing list.
|
||||
wireshark-users[AT]wireshark.org mailing list.
|
||||
For corrections/additions/suggestions for this web page (and not Ethereal
|
||||
support questions), please send email to ethereal-web[AT]ethereal.com.
|
||||
support questions), please send email to wireshark-web[AT]wireshark.org.
|
||||
Last modified: Thu, February 23 2006.
|
||||
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.
|
||||
|
|
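Review bot: The footer in this hunk still reads "Last modified: Thu, February 23 2006." and keeps the trademark line for "Ethereal", although the contact addresses directly above it change. The top of the file describes it as an ASCII snapshot of the web FAQ, so the cleaner route is to update the FAQ source and regenerate the snapshot, which also refreshes the date, instead of editing the snapshot by hand. Whether the trademark sentence should stay as it is deserves an explicit decision in the commit message.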
6
INSTALL
|
@ -100,7 +100,7 @@ README.win32 for those instructions.
|
|||
is built. Use this switch to avoid building it.
|
||||
|
||||
--disable-idl2wrs
|
||||
By default the IDL-to-ethereal-dissector-source-code converter
|
||||
By default the IDL-to-wireshark-dissector-source-code converter
|
||||
is built. Use this switch to avoid building it.
|
||||
|
||||
--enable-dftest
|
||||
|
@ -212,6 +212,6 @@ README.win32 for those instructions.
|
|||
to make an installable package for your system.
|
||||
|
||||
If you have trouble with the build or installation process, you can
|
||||
find assistance on the ethereal-users and ethereal-dev mailing lists.
|
||||
See http://www.ethereal.com/lists/ for details.
|
||||
find assistance on the wireshark-users and wireshark-dev mailing lists.
|
||||
See http://www.wireshark.org/lists/ for details.
|
||||
|
||||
|
|
84
Makefile.am
|
@ -60,13 +60,13 @@ ACLOCAL_AMFLAGS = `./aclocal-flags`
|
|||
# automake will arrange that the Makefile define it as the union of all
|
||||
# the "man{section}_MANS" variables.
|
||||
#
|
||||
bin_PROGRAMS = @ethereal_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tshark_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
|
||||
bin_PROGRAMS = @wireshark_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tshark_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
|
||||
bin_SCRIPTS = @idl2wrs_bin@
|
||||
man1_MANS = @ethereal_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tshark_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
|
||||
man4_MANS = @etherealfilter_man@
|
||||
man1_MANS = @wireshark_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tshark_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
|
||||
man4_MANS = @wiresharkfilter_man@
|
||||
man_MANS =
|
||||
|
||||
EXTRA_PROGRAMS = ethereal tshark capinfos editcap mergecap dftest \
|
||||
EXTRA_PROGRAMS = wireshark tshark capinfos editcap mergecap dftest \
|
||||
randpkt text2pcap dumpcap
|
||||
EXTRA_SCRIPTS = idl2wrs
|
||||
|
||||
|
@ -77,8 +77,8 @@ idl2wrs: tools/idl2wrs.sh Makefile
|
|||
#
|
||||
# Ethereal configuration files are put in $(pkgdatadir).
|
||||
#
|
||||
pkgdata_DATA = AUTHORS-SHORT manuf ethereal.html tshark.html \
|
||||
ethereal-filter.html capinfos.html editcap.html \
|
||||
pkgdata_DATA = AUTHORS-SHORT manuf wireshark.html tshark.html \
|
||||
wireshark-filter.html capinfos.html editcap.html \
|
||||
idl2wrs.html mergecap.html text2pcap.html dumpcap.html \
|
||||
cfilters colorfilters dfilters
|
||||
|
||||
|
@ -265,27 +265,27 @@ plugin_ldadd =
|
|||
endif # HAVE_PLUGINS
|
||||
|
||||
# Optional objects that I know how to build. These will be
|
||||
# linked into the ethereal executable.
|
||||
# linked into the wireshark executable.
|
||||
# They will also be linked into the tshark executable; if this
|
||||
# list ever grows to include something that can't be linked with
|
||||
# tshark, or if tshark needs something that wireshark doesn't,
|
||||
# we should probably split this into stuff needed both
|
||||
# by wireshark and tshark and stuff needed only by one or the
|
||||
# other.
|
||||
ethereal_optional_objects = @GETOPT_O@ @SNPRINTF_O@ @STRERROR_O@ \
|
||||
wireshark_optional_objects = @GETOPT_O@ @SNPRINTF_O@ @STRERROR_O@ \
|
||||
@STRCASECMP_O@ @STRNCASECMP_O@ @MKSTEMP_O@ @STRPTIME_O@
|
||||
|
||||
# Additional libs that I know how to build. These will be
|
||||
# linked into the ethereal executable.
|
||||
ethereal_additional_libs = \
|
||||
# linked into the wireshark executable.
|
||||
wireshark_additional_libs = \
|
||||
gtk/libui.a \
|
||||
wiretap/libwiretap.la \
|
||||
epan/libwireshark.la
|
||||
|
||||
# This is the automake dependency variable for the executable
|
||||
ethereal_DEPENDENCIES = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(ethereal_additional_libs) \
|
||||
wireshark_DEPENDENCIES = \
|
||||
$(wireshark_optional_objects) \
|
||||
$(wireshark_additional_libs) \
|
||||
$(plugin_libs)
|
||||
|
||||
# This automake variable adds to the link-line for the executable.
|
||||
|
@ -297,14 +297,14 @@ ethereal_DEPENDENCIES = \
|
|||
# applications are X applications).
|
||||
|
||||
if ENABLE_STATIC
|
||||
ethereal_LDFLAGS = -Wl,-static -all-static
|
||||
wireshark_LDFLAGS = -Wl,-static -all-static
|
||||
else
|
||||
ethereal_LDFLAGS = -export-dynamic
|
||||
wireshark_LDFLAGS = -export-dynamic
|
||||
endif
|
||||
|
||||
ethereal_LDADD = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(ethereal_additional_libs) \
|
||||
wireshark_LDADD = \
|
||||
$(wireshark_optional_objects) \
|
||||
$(wireshark_additional_libs) \
|
||||
@SNMP_LIBS@ @SSL_LIBS@ \
|
||||
$(plugin_ldadd) \
|
||||
@PCRE_LIBS@ \
|
||||
|
@ -319,13 +319,13 @@ tshark_additional_libs = \
|
|||
|
||||
# This is the automake dependency variable for the executable
|
||||
tshark_DEPENDENCIES = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(wireshark_optional_objects) \
|
||||
$(tshark_additional_libs) \
|
||||
$(plugin_libs)
|
||||
|
||||
# This automake variable adds to the link-line for the executable
|
||||
tshark_LDADD = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(wireshark_optional_objects) \
|
||||
$(tshark_additional_libs) \
|
||||
@SNMP_LIBS@ @SSL_LIBS@ \
|
||||
$(plugin_ldadd) \
|
||||
|
@ -436,13 +436,13 @@ dftest_additional_libs = \
|
|||
epan/libwireshark.la
|
||||
|
||||
dftest_DEPENDENCIES = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(wireshark_optional_objects) \
|
||||
$(dftest_additional_libs) \
|
||||
$(plugin_libs)
|
||||
|
||||
# This automake variable adds to the link-line for the executable
|
||||
dftest_LDADD = \
|
||||
$(ethereal_optional_objects) \
|
||||
$(wireshark_optional_objects) \
|
||||
$(dftest_additional_libs) \
|
||||
@SNMP_LIBS@ @SSL_LIBS@ \
|
||||
$(plugin_ldadd) \
|
||||
|
@ -552,8 +552,8 @@ EXTRA_DIST = \
|
|||
doc/capinfos.pod \
|
||||
doc/dfilter2pod.pl \
|
||||
doc/editcap.pod \
|
||||
doc/ethereal-filter.pod.template \
|
||||
doc/ethereal.pod \
|
||||
doc/wireshark-filter.pod.template \
|
||||
doc/wireshark.pod \
|
||||
doc/idl2wrs.pod \
|
||||
doc/mergecap.pod \
|
||||
doc/randpkt.txt \
|
||||
|
@ -565,9 +565,9 @@ EXTRA_DIST = \
|
|||
dumpcap.c \
|
||||
editcap.c \
|
||||
epan/libwireshark.def \
|
||||
ethereal_be.py \
|
||||
ethereal_gen.py \
|
||||
ethereal.desktop \
|
||||
wireshark_be.py \
|
||||
wireshark_gen.py \
|
||||
wireshark.desktop \
|
||||
image/Ethereal.icns \
|
||||
image/Makefile.nmake \
|
||||
image/README.image \
|
||||
|
@ -696,22 +696,22 @@ endif
|
|||
DIST_SUBDIRS = tools wiretap doc epan plugins packaging gtk help
|
||||
|
||||
if HAVE_PLUGINS
|
||||
SUBDIRS = tools wiretap doc epan plugins packaging help @ethereal_SUBDIRS@
|
||||
SUBDIRS = tools wiretap doc epan plugins packaging help @wireshark_SUBDIRS@
|
||||
else
|
||||
SUBDIRS = tools wiretap doc epan packaging help @ethereal_SUBDIRS@
|
||||
SUBDIRS = tools wiretap doc epan packaging help @wireshark_SUBDIRS@
|
||||
endif
|
||||
|
||||
ethereal.1: doc/ethereal.pod AUTHORS-SHORT-FORMAT
|
||||
wireshark.1: doc/wireshark.pod AUTHORS-SHORT-FORMAT
|
||||
(cd doc ; \
|
||||
$(MAKE) ../ethereal.1 )
|
||||
$(MAKE) ../wireshark.1 )
|
||||
|
||||
tshark.1: doc/tshark.pod
|
||||
(cd doc ; \
|
||||
$(MAKE) ../tshark.1 )
|
||||
|
||||
ethereal-filter.4: tshark doc/ethereal-filter.pod.template
|
||||
wireshark-filter.4: tshark doc/wireshark-filter.pod.template
|
||||
(cd doc ; \
|
||||
$(MAKE) ../ethereal-filter.4 )
|
||||
$(MAKE) ../wireshark-filter.4 )
|
||||
|
||||
capinfos.1: doc/capinfos.pod
|
||||
(cd doc ; \
|
||||
|
@ -737,17 +737,17 @@ dumpcap.1: doc/dumpcap.pod
|
|||
(cd doc ; \
|
||||
$(MAKE) ../dumpcap.1 )
|
||||
|
||||
ethereal.html: doc/ethereal.pod AUTHORS-SHORT-FORMAT
|
||||
wireshark.html: doc/wireshark.pod AUTHORS-SHORT-FORMAT
|
||||
(cd doc ; \
|
||||
$(MAKE) ../ethereal.html )
|
||||
$(MAKE) ../wireshark.html )
|
||||
|
||||
tshark.html: doc/tshark.pod
|
||||
(cd doc ; \
|
||||
$(MAKE) ../tshark.html )
|
||||
|
||||
ethereal-filter.html: tshark doc/ethereal-filter.pod.template
|
||||
wireshark-filter.html: tshark doc/wireshark-filter.pod.template
|
||||
(cd doc ; \
|
||||
$(MAKE) ../ethereal-filter.html )
|
||||
$(MAKE) ../wireshark-filter.html )
|
||||
|
||||
capinfos.html: doc/capinfos.pod
|
||||
(cd doc ; \
|
||||
|
@ -805,10 +805,10 @@ rpm-package: dist
|
|||
mkdir -p BUILD RPMS SOURCES ; \
|
||||
cd SOURCES ; \
|
||||
ln -s ../../../$(distdir).tar.gz ; \
|
||||
ln -s ../../../ethereal.desktop ; \
|
||||
ln -s ../../../wireshark.desktop ; \
|
||||
ln -s ../../../image/elogo3d64x64.png ethereal.png ; \
|
||||
cd .. ; \
|
||||
rpmbuild --define "_topdir `cd . && pwd`" -bb SPECS/ethereal.spec && \
|
||||
rpmbuild --define "_topdir `cd . && pwd`" -bb SPECS/wireshark.spec && \
|
||||
echo "Package successfully built in `pwd`/RPMS." ; \
|
||||
else \
|
||||
echo "Error: RPM executable and/or source directory not found." ; \
|
||||
|
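Review bot: In the rpm-package recipe the icon link is left as "ln -s ../../../image/elogo3d64x64.png ethereal.png" while the desktop file and the spec file next to it are renamed, and the srpm-package recipe in the next hunk links the same image as wireshark.png. If SPECS/wireshark.spec lists the icon under its new name, the binary RPM build will not find it in SOURCES while the source RPM build will. Make both recipes create the same file name.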
@ -819,10 +819,10 @@ srpm-package: dist
|
|||
mkdir -p BUILD SRPMS SOURCES ; \
|
||||
cd SOURCES ; \
|
||||
ln -s ../../../$(distdir).tar.gz ; \
|
||||
ln -s ../../../ethereal.desktop ; \
|
||||
ln -s ../../../image/elogo3d64x64.png ethereal.png ; \
|
||||
ln -s ../../../wireshark.desktop ; \
|
||||
ln -s ../../../image/elogo3d64x64.png wireshark.png ; \
|
||||
cd .. ; \
|
||||
rpmbuild --define "_topdir `cd . && pwd`" -bs SPECS/ethereal.spec && \
|
||||
rpmbuild --define "_topdir `cd . && pwd`" -bs SPECS/wireshark.spec && \
|
||||
echo "Package successfully built in `pwd`/SRPMS." ; \
|
||||
else \
|
||||
echo "Error: RPM executable and/or source directory not found." ; \
|
||||
|
|
|
@ -45,7 +45,7 @@ GENERATED_C_FILES = \
|
|||
GENERATED_FILES = $(GENERATED_C_FILES) $(GENERATED_HEADER_FILES)
|
||||
|
||||
# sources common for ethereal and tshark
|
||||
ETHEREAL_COMMON_SRC = \
|
||||
WIRESHARK_COMMON_SRC = \
|
||||
$(PLATFORM_SRC) \
|
||||
capture_errs.c \
|
||||
capture-pcap-util.c \
|
||||
|
@ -65,7 +65,7 @@ ETHEREAL_COMMON_SRC = \
|
|||
version_info.c
|
||||
|
||||
# corresponding headers
|
||||
ETHEREAL_COMMON_INCLUDES = \
|
||||
WIRESHARK_COMMON_INCLUDES = \
|
||||
svnversion.h \
|
||||
capture_errs.h \
|
||||
capture-pcap-util.h \
|
||||
|
@ -118,7 +118,7 @@ TSHARK_TAP_SRC = \
|
|||
tap-wspstat.c
|
||||
|
||||
# helpers already available on some platforms (and on others not)
|
||||
EXTRA_ethereal_SOURCES = \
|
||||
EXTRA_wireshark_SOURCES = \
|
||||
getopt.c \
|
||||
mkstemp.c \
|
||||
snprintf.c \
|
||||
|
@ -128,7 +128,7 @@ EXTRA_ethereal_SOURCES = \
|
|||
strptime.c
|
||||
|
||||
# corresponding headers
|
||||
EXTRA_ethereal_INCLUDES = \
|
||||
EXTRA_wireshark_INCLUDES = \
|
||||
getopt.h \
|
||||
mkstemp.h \
|
||||
snprintf.h \
|
||||
|
@ -137,8 +137,8 @@ EXTRA_ethereal_INCLUDES = \
|
|||
strptime.h
|
||||
|
||||
# ethereal specifics
|
||||
ethereal_SOURCES = \
|
||||
$(ETHEREAL_COMMON_SRC) \
|
||||
wireshark_SOURCES = \
|
||||
$(WIRESHARK_COMMON_SRC) \
|
||||
alert_box.c \
|
||||
capture.c \
|
||||
capture_info.c \
|
||||
|
@ -156,7 +156,7 @@ ethereal_SOURCES = \
|
|||
tempfile.c
|
||||
|
||||
# corresponding headers
|
||||
ethereal_INCLUDES = \
|
||||
wireshark_INCLUDES = \
|
||||
alert_box.h \
|
||||
capture.h \
|
||||
capture_info.h \
|
||||
|
@ -183,7 +183,7 @@ ethereal_INCLUDES = \
|
|||
|
||||
# tshark specifics
|
||||
tshark_SOURCES = \
|
||||
$(ETHEREAL_COMMON_SRC) \
|
||||
$(WIRESHARK_COMMON_SRC) \
|
||||
$(TSHARK_TAP_SRC) \
|
||||
capture_opts.c \
|
||||
capture_loop.c \
|
||||
|
@ -234,6 +234,6 @@ dumpcap_SOURCES = \
|
|||
|
||||
# this target needed for distribution only
|
||||
noinst_HEADERS = \
|
||||
$(ETHEREAL_COMMON_INCLUDES) \
|
||||
$(ethereal_INCLUDES) \
|
||||
$(EXTRA_ethereal_INCLUDES)
|
||||
$(WIRESHARK_COMMON_INCLUDES) \
|
||||
$(wireshark_INCLUDES) \
|
||||
$(EXTRA_wireshark_INCLUDES)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
## Makefile for building ethereal.exe with Microsoft C and nmake
|
||||
## Makefile for building wireshark.exe with Microsoft C and nmake
|
||||
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
|
||||
#
|
||||
# $Id$
|
||||
|
@ -28,7 +28,7 @@ PLATFORM_SRC = capture-wpcap.c capture_wpcap_packet.c
|
|||
|
||||
include Makefile.common
|
||||
|
||||
ethereal_OBJECTS = $(ethereal_SOURCES:.c=.obj)
|
||||
wireshark_OBJECTS = $(wireshark_SOURCES:.c=.obj)
|
||||
tshark_OBJECTS = $(tshark_SOURCES:.c=.obj)
|
||||
dftest_OBJECTS = $(dftest_SOURCES:.c=.obj)
|
||||
|
||||
|
@ -46,7 +46,7 @@ EXTRA_OBJECTS = \
|
|||
mkstemp.obj \
|
||||
strptime.obj
|
||||
|
||||
ethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
||||
wireshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
||||
wsock32.lib user32.lib shell32.lib comctl32.lib \
|
||||
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib \
|
||||
!IFDEF HHC_DIR
|
||||
|
@ -56,7 +56,7 @@ ethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
|||
epan\libwireshark.lib \
|
||||
!ELSE
|
||||
epan\dissectors\dissectors.lib \
|
||||
epan\ethereal.lib \
|
||||
epan\wireshark.lib \
|
||||
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
|
||||
$(ADNS_LIBS) \
|
||||
$(PCRE_LIBS) \
|
||||
|
@ -73,7 +73,7 @@ tshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
|||
epan\libwireshark.lib \
|
||||
!ELSE
|
||||
epan\dissectors\dissectors.lib \
|
||||
epan\ethereal.lib \
|
||||
epan\wireshark.lib \
|
||||
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
|
||||
$(ADNS_LIBS) \
|
||||
$(PCRE_LIBS) \
|
||||
|
@ -105,7 +105,7 @@ dftest_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
|||
epan\libwireshark.lib \
|
||||
!ELSE
|
||||
epan\dissectors\dissectors.lib \
|
||||
epan\ethereal.lib \
|
||||
epan\wireshark.lib \
|
||||
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
|
||||
$(ADNS_LIBS) \
|
||||
$(PCRE_LIBS) \
|
||||
|
@ -118,10 +118,10 @@ randpkt_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
|
|||
$(GLIB_LIBS) \
|
||||
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib
|
||||
|
||||
EXECUTABLES=ethereal.exe ethereal-gtk2.exe tshark.exe \
|
||||
EXECUTABLES=wireshark.exe wireshark-gtk2.exe tshark.exe \
|
||||
capinfos.exe editcap.exe mergecap.exe text2pcap.exe randpkt.exe dumpcap.exe
|
||||
|
||||
RESOURCES=image\ethereal.res image\libwireshark.res image\tshark.res \
|
||||
RESOURCES=image\wireshark.res image\libwireshark.res image\tshark.res \
|
||||
image\capinfos.res image\editcap.res image\mergecap.res \
|
||||
image\text2pcap.res image\wiretap.res image\dumpcap.res
|
||||
|
||||
|
@ -151,22 +151,22 @@ $(RESOURCES): image
|
|||
wiretap\wiretap-$(WTAP_VERSION).lib: wiretap
|
||||
|
||||
!IFNDEF GTK1_DIR
|
||||
ethereal.exe :
|
||||
wireshark.exe :
|
||||
!ELSE
|
||||
ethereal.exe : config.h svnversion.h $(ethereal_OBJECTS) $(command_line_OBJECTS) epan gtk image\ethereal.res wiretap\wiretap-$(WTAP_VERSION).lib gtk\libui.lib plugins
|
||||
wireshark.exe : config.h svnversion.h $(wireshark_OBJECTS) $(command_line_OBJECTS) epan gtk image\wireshark.res wiretap\wiretap-$(WTAP_VERSION).lib gtk\libui.lib plugins
|
||||
@echo Linking $@
|
||||
$(LINK) @<<
|
||||
/OUT:ethereal.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(ethereal_LIBS) $(GTK1_LIBS) gtk\libui.lib $(ethereal_OBJECTS) image\ethereal.res
|
||||
/OUT:wireshark.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(wireshark_LIBS) $(GTK1_LIBS) gtk\libui.lib $(wireshark_OBJECTS) image\wireshark.res
|
||||
<<
|
||||
!ENDIF
|
||||
|
||||
!IFNDEF GTK2_DIR
|
||||
ethereal-gtk2.exe :
|
||||
wireshark-gtk2.exe :
|
||||
!ELSE
|
||||
ethereal-gtk2.exe : config.h svnversion.h $(ethereal_OBJECTS) $(command_line_OBJECTS) epan gtk2 image\ethereal.res wiretap\wiretap-$(WTAP_VERSION).lib gtk2.tmp\libui.lib plugins
|
||||
wireshark-gtk2.exe : config.h svnversion.h $(wireshark_OBJECTS) $(command_line_OBJECTS) epan gtk2 image\wireshark.res wiretap\wiretap-$(WTAP_VERSION).lib gtk2.tmp\libui.lib plugins
|
||||
@echo Linking $@
|
||||
$(LINK) @<<
|
||||
/OUT:ethereal-gtk2.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(ethereal_LIBS) $(GTK2_LIBS) gtk2.tmp\libui.lib $(ethereal_OBJECTS) image\ethereal.res
|
||||
/OUT:wireshark-gtk2.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(wireshark_LIBS) $(GTK2_LIBS) gtk2.tmp\libui.lib $(wireshark_OBJECTS) image\wireshark.res
|
||||
<<
|
||||
!ENDIF
|
||||
|
||||
|
@ -287,7 +287,7 @@ gtk2_distclean:
|
|||
if exist gtk2.tmp rmdir gtk2.tmp
|
||||
|
||||
clean: gtk2_distclean
|
||||
rm -f $(ethereal_OBJECTS) $(tshark_OBJECTS) $(EXTRA_OBJECTS) \
|
||||
rm -f $(wireshark_OBJECTS) $(tshark_OBJECTS) $(EXTRA_OBJECTS) \
|
||||
$(EXECUTABLES) $(PDB_FILE) \
|
||||
capinfos.obj editcap.obj mergecap.obj text2pcap.obj getopt.obj\
|
||||
text2pcap-scanner.obj text2pcap-scanner.c rdps.obj \
|
||||
|
@ -604,12 +604,12 @@ clean_setup:
|
|||
rm -r -f $(WIRESHARK_LIBS)/gtk-wimp
|
||||
|
||||
################################################################################
|
||||
# Prepare the source tree for running (t)ethereal directly from there.
|
||||
# Prepare the source tree for running (t)wireshark directly from there.
|
||||
################################################################################
|
||||
|
||||
# "install-deps" will copy all dlls needed to run (t)ethereal
|
||||
# to the source tree, so you can run (t)ethereal directly from there.
|
||||
# Note that the gtk2 version of ethereal is called ethereal-gtk2.exe
|
||||
# "install-deps" will copy all dlls needed to run (t)wireshark
|
||||
# to the source tree, so you can run (t)wireshark directly from there.
|
||||
# Note that the gtk2 version of wireshark is called wireshark-gtk2.exe
|
||||
|
||||
install-deps: clean-deps install-gtk1-deps install-gtk2-deps
|
||||
cd plugins
|
||||
|
|
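Review bot: The comments in this hunk now read "(t)wireshark", the product of a mechanical replace on "(t)ethereal", and that names a program this makefile does not build: EXECUTABLES lists wireshark.exe, wireshark-gtk2.exe and tshark.exe. Spell the two programs out, for example "wireshark and tshark", everywhere the shorthand occurs in this comment block.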
60
README.win32
|
@ -6,7 +6,7 @@ These are the instructions for installing Ethereal
|
|||
from the installation executable that is provided on
|
||||
the Wireshark website at:
|
||||
|
||||
http://www.ethereal.com/distribution/win32
|
||||
http://www.wireshark.org/download/win32
|
||||
|
||||
and any of its mirrors.
|
||||
|
||||
|
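Review bot: The installer URL changes its path as well as its host, from /distribution/win32 to /download/win32, whereas the GTK2 library URL later in this file keeps /distribution/win32/development/gtk2 and only switches host. Confirm that both paths are served on www.wireshark.org before this goes in, and pick one scheme if they are meant to be the same tree.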
@ -96,7 +96,7 @@ Developer's Guide
|
|||
You can find a comprehensive guide how to develop Ethereal in the
|
||||
Developer's Guide, which you can find (and much more info) at:
|
||||
|
||||
http://wiki.ethereal.com/Development
|
||||
http://wiki.wireshark.org/Development
|
||||
|
||||
The guide contains detailed information how to setup the development
|
||||
environment and it's usage.
|
||||
|
@ -153,7 +153,7 @@ This will first check the availability of all required tools and then uses
|
|||
the tool wget to download each package file (together around 30MB!) from the
|
||||
server location at:
|
||||
|
||||
http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
|
||||
http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/
|
||||
|
||||
and unpack it in the $WIRESHARK_LIBS directory.
|
||||
|
||||
|
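Review bot: The package URL that the wget-based setup step depends on moves to a new host here, over plain http, and the surrounding README text offers no checksum or signature to compare the downloaded zips against. These archives are unpacked into $WIRESHARK_LIBS and used by the build, so confirm that http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/ serves the same package set before the old location goes away, and consider listing digests for the zips next to the URL so that a changed or truncated download is noticed.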
@ -174,7 +174,7 @@ packages contain header files and stub libraries to link against.
|
|||
|
||||
PRECOMPILED VERSIONS OF ALL OF THESE PACKAGES ARE AVAILABLE AT:
|
||||
|
||||
http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
|
||||
http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/
|
||||
|
||||
|
||||
The GLIB, GTK+, iconv, gettext packages for win32 can be found at the home
|
||||
|
@ -207,7 +207,7 @@ The optional zlib package for win32 is available at its homepage:
|
|||
|
||||
|
||||
By default, the build process looks for these packages in
|
||||
C:\ethereal-win32-libs. You can place them in a different directory, but
|
||||
C:\wireshark-win32-libs. You can place them in a different directory, but
|
||||
you must update the WIRESHARK_LIBS variable in config.nmake accordingly.
|
||||
|
||||
The following lists the packages needed to compile Ethereal and the default
|
||||
|
@ -215,28 +215,28 @@ locations where to unpack them, when the above method isn't used.
|
|||
|
||||
Package Default Location
|
||||
------- ----------------
|
||||
glib-2.4.7.zip C:\ethereal-win32-libs\glib
|
||||
glib-dev-2.4.7.zip C:\ethereal-win32-libs\glib
|
||||
gtk+-1.3.0-20030717.zip C:\ethereal-win32-libs\gtk+
|
||||
gtk+-dev-1.3.0-20030115.zip C:\ethereal-win32-libs\gtk+
|
||||
libiconv-1.9.1.bin.woe32.zip C:\ethereal-win32-libs\libiconv-1.9.1.bin.woe32
|
||||
gettext-runtime-0.13.1.zip C:\ethereal-win32-libs\gettext-runtime-0.13.1
|
||||
net-snmp-5.2.1.2.zip C:\ethereal-win32-libs
|
||||
wpdpack_3_0.zip C:\ethereal-win32-libs
|
||||
glib-2.4.7.zip C:\wireshark-win32-libs\glib
|
||||
glib-dev-2.4.7.zip C:\wireshark-win32-libs\glib
|
||||
gtk+-1.3.0-20030717.zip C:\wireshark-win32-libs\gtk+
|
||||
gtk+-dev-1.3.0-20030115.zip C:\wireshark-win32-libs\gtk+
|
||||
libiconv-1.9.1.bin.woe32.zip C:\wireshark-win32-libs\libiconv-1.9.1.bin.woe32
|
||||
gettext-runtime-0.13.1.zip C:\wireshark-win32-libs\gettext-runtime-0.13.1
|
||||
net-snmp-5.2.1.2.zip C:\wireshark-win32-libs
|
||||
wpdpack_3_0.zip C:\wireshark-win32-libs
|
||||
|
||||
and optional:
|
||||
|
||||
adns-1.0-win32-04.zip C:\ethereal-win32-libs
|
||||
pcre-4.4.zip C:\ethereal-win32-libs
|
||||
zlib123-dll.zip C:\ethereal-win32-libs\zlib123-dll
|
||||
adns-1.0-win32-04.zip C:\wireshark-win32-libs
|
||||
pcre-4.4.zip C:\wireshark-win32-libs
|
||||
zlib123-dll.zip C:\wireshark-win32-libs\zlib123-dll
|
||||
|
||||
(to use the default locations, the directories in question should be
|
||||
created, and each zip file should be unpacked into the corresponding
|
||||
directory). If you only want to change the C:\ethereal-win32-libs
|
||||
directory). If you only want to change the C:\wireshark-win32-libs
|
||||
part, you just change the setting of WIRESHARK_LIBS in config.nmake; if
|
||||
you want to change subdirectories, you'll have to change the individual
|
||||
item for a package. (Note that some zip files create the subdirectory -
|
||||
those zip files just have C:\ethereal-win32-libs in the list above - so
|
||||
those zip files just have C:\wireshark-win32-libs in the list above - so
|
||||
if you don't want the package to be in that subdirectory, you'd have to
|
||||
rename the directory.)
|
||||
|
||||
|
@ -254,7 +254,7 @@ GTK+2 will look better in various ways, especially for WIN32 users.
|
|||
|
||||
You can get the required libraries from:
|
||||
|
||||
http://www.ethereal.com/distribution/win32/development/gtk2
|
||||
http://www.wireshark.org/distribution/win32/development/gtk2
|
||||
|
||||
or (like the GTK+1 libraries from the GTK+ for Win32 project):
|
||||
|
||||
|
@ -264,16 +264,16 @@ If you want to try a build with GTK+2.x these Extra libraries are needed
|
|||
|
||||
Package Default Location
|
||||
------- ----------------
|
||||
gtk+-2.4.14.zip C:\ethereal-win32-libs\gtk2
|
||||
gtk+-dev-2.4.14.zip C:\ethereal-win32-libs\gtk2
|
||||
pango-1.4.1.zip C:\ethereal-win32-libs\gtk2
|
||||
pango-dev-1.4.1.zip C:\ethereal-win32-libs\gtk2
|
||||
atk-1.6.0.zip C:\ethereal-win32-libs\gtk2
|
||||
atk-dev-1.6.0.zip C:\ethereal-win32-libs\gtk2
|
||||
gtk+-2.4.14.zip C:\wireshark-win32-libs\gtk2
|
||||
gtk+-dev-2.4.14.zip C:\wireshark-win32-libs\gtk2
|
||||
pango-1.4.1.zip C:\wireshark-win32-libs\gtk2
|
||||
pango-dev-1.4.1.zip C:\wireshark-win32-libs\gtk2
|
||||
atk-1.6.0.zip C:\wireshark-win32-libs\gtk2
|
||||
atk-dev-1.6.0.zip C:\wireshark-win32-libs\gtk2
|
||||
|
||||
and optional:
|
||||
|
||||
gtk-wimp-0.7.0-bin.zip C:\ethereal-win32-libs\gtk-wimp
|
||||
gtk-wimp-0.7.0-bin.zip C:\wireshark-win32-libs\gtk-wimp
|
||||
|
||||
Be sure to set GTK2_DIR in config.nmake correct, to be able to compile.
|
||||
|
||||
|
@ -381,7 +381,7 @@ make-reg-dotc.py, packet*.c register.c Python
|
|||
|
||||
make-tapreg-dotc, tap-*.c tshark-tap-register.c
|
||||
Bash + grep + sed
|
||||
make-tapreg-dotc, tap files gtk/ethereal-tap-register.c
|
||||
make-tapreg-dotc, tap files gtk/wireshark-tap-register.c
|
||||
in the gtk subdirectory Bash + grep + sed
|
||||
|
||||
The Makefile.nmake supplied with the Wireshark distribution will, if
|
||||
|
@ -434,7 +434,7 @@ and for a much smaller installer (using the lzma compression).
|
|||
In the ethereal directory, type "nmake -f makefile.nmake packaging" to build the installer.
|
||||
Please be patient while the compression is done, it will take some time even on fast machines.
|
||||
|
||||
You will hopefully now see something like ethereal-setup-0.10.12.exe in the dir packaging/nsis.
|
||||
You will hopefully now see something like wireshark-setup-0.10.12.exe in the dir packaging/nsis.
|
||||
|
||||
|
||||
Installing GTK-Wimp
|
||||
|
@ -542,7 +542,7 @@ To get it running, execute the following steps:
|
|||
$ make check
|
||||
$ make install
|
||||
|
||||
5. Patch Makefile.am in <ethereal-src>/gtk/Makefile.am by
|
||||
5. Patch Makefile.am in <wireshark-src>/gtk/Makefile.am by
|
||||
removing "ethclist.c" from the dependencies.
|
||||
|
||||
This patch is required since the private GTK+ clist widget
|
||||
|
@ -567,7 +567,7 @@ To get it running, execute the following steps:
|
|||
|
||||
8. Run wireshark (add /opt/gnome/bin to $PATH if this is not yet done)
|
||||
|
||||
$ <ethereal-src>/ethereal
|
||||
$ <wireshark-src>/ethereal
|
||||
|
||||
And voila! Behold the mighty sniffer in all its glory!
|
||||
|
||||
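Review bot: The run command in step 8 now reads "$ <wireshark-src>/ethereal", so only the source-directory placeholder was converted and the binary name was not. The step text says "Run wireshark" and the commit message says the main executable is renamed, so the instruction mixes both names. Make it "$ <wireshark-src>/wireshark" if the build now produces that binary, or keep both halves on the old name until it does.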
|
|
202
acinclude.m4
|
@ -51,7 +51,7 @@ dnl Franc,ois Pinard, Karl Berry, Richard Pixley, Ian Lance Taylor,
|
|||
dnl Roland McGrath, Noah Friedman, david d zuhn, and many others.
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_ADD_DASH_L
|
||||
# AC_WIRESHARK_ADD_DASH_L
|
||||
#
|
||||
# Add to the variable specified as the first argument a "-L" flag for the
|
||||
# directory specified as the second argument, and, on Solaris, add a
|
||||
|
@ -60,7 +60,7 @@ dnl Roland McGrath, Noah Friedman, david d zuhn, and many others.
|
|||
# XXX - IRIX, and other OSes, may require some flag equivalent to
|
||||
# "-R" here.
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_ADD_DASH_L],
|
||||
AC_DEFUN([AC_WIRESHARK_ADD_DASH_L],
|
||||
[$1="$$1 -L$2"
|
||||
case "$host_os" in
|
||||
solaris*)
|
||||
|
@ -71,23 +71,23 @@ esac
|
|||
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_STRUCT_SA_LEN
|
||||
# AC_WIRESHARK_STRUCT_SA_LEN
|
||||
#
|
||||
dnl AC_STRUCT_ST_BLKSIZE extracted from the file in question,
|
||||
dnl "acspecific.m4" in GNU Autoconf 2.12, and turned into
|
||||
dnl AC_ETHEREAL_STRUCT_SA_LEN, which checks if "struct sockaddr"
|
||||
dnl AC_WIRESHARK_STRUCT_SA_LEN, which checks if "struct sockaddr"
|
||||
dnl has the 4.4BSD "sa_len" member, and defines HAVE_SA_LEN; that's
|
||||
dnl what's in this file.
|
||||
dnl Done by Guy Harris <guy@alum.mit.edu> on 1998-11-14.
|
||||
|
||||
dnl ### Checks for structure members
|
||||
|
||||
AC_DEFUN([AC_ETHEREAL_STRUCT_SA_LEN],
|
||||
[AC_CACHE_CHECK([for sa_len in struct sockaddr], ac_cv_ethereal_struct_sa_len,
|
||||
AC_DEFUN([AC_WIRESHARK_STRUCT_SA_LEN],
|
||||
[AC_CACHE_CHECK([for sa_len in struct sockaddr], ac_cv_wireshark_struct_sa_len,
|
||||
[AC_TRY_COMPILE([#include <sys/types.h>
|
||||
#include <sys/socket.h>], [struct sockaddr s; s.sa_len;],
|
||||
ac_cv_ethereal_struct_sa_len=yes, ac_cv_ethereal_struct_sa_len=no)])
|
||||
if test $ac_cv_ethereal_struct_sa_len = yes; then
|
||||
ac_cv_wireshark_struct_sa_len=yes, ac_cv_wireshark_struct_sa_len=no)])
|
||||
if test $ac_cv_wireshark_struct_sa_len = yes; then
|
||||
AC_DEFINE(HAVE_SA_LEN, 1, [Define if sa_len field exists in struct sockaddr])
|
||||
fi
|
||||
])
|
||||
|
@ -96,7 +96,7 @@ fi
|
|||
dnl
|
||||
dnl Check whether a given format can be used to print 64-bit integers
|
||||
dnl
|
||||
AC_DEFUN([AC_ETHEREAL_CHECK_64BIT_FORMAT],
|
||||
AC_DEFUN([AC_WIRESHARK_CHECK_64BIT_FORMAT],
|
||||
[
|
||||
AC_MSG_CHECKING([whether %$1x can be used to format 64-bit integers])
|
||||
AC_RUN_IFELSE(
|
||||
|
@ -137,11 +137,11 @@ AC_DEFUN([AC_ETHEREAL_CHECK_64BIT_FORMAT],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_IPV6_STACK
|
||||
# AC_WIRESHARK_IPV6_STACK
|
||||
#
|
||||
# By Jun-ichiro "itojun" Hagino, <itojun@iijlab.net>
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_IPV6_STACK],
|
||||
AC_DEFUN([AC_WIRESHARK_IPV6_STACK],
|
||||
[
|
||||
v6type=unknown
|
||||
v6lib=none
|
||||
|
@ -243,7 +243,7 @@ yes
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_GETHOSTBY_LIB_CHECK
|
||||
# AC_WIRESHARK_GETHOSTBY_LIB_CHECK
|
||||
#
|
||||
# Checks whether we need "-lnsl" to get "gethostby*()", which we use
|
||||
# in "resolv.c".
|
||||
|
@ -252,7 +252,7 @@ yes
|
|||
# GNU Autoconf 2.13; the comment came from there.
|
||||
# Done by Guy Harris <guy@alum.mit.edu> on 2000-01-14.
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_GETHOSTBY_LIB_CHECK],
|
||||
[
|
||||
# msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT,
|
||||
# to get the SysV transport functions.
|
||||
|
@ -266,7 +266,7 @@ AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_SOCKET_LIB_CHECK
|
||||
# AC_WIRESHARK_SOCKET_LIB_CHECK
|
||||
#
|
||||
# Checks whether we need "-lsocket" to get "socket()", which is used
|
||||
# by libpcap on some platforms - and, in effect, "gethostby*()" on
|
||||
|
@ -279,7 +279,7 @@ AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
|
|||
#
|
||||
# We use "connect" because that's what AC_PATH_XTRA did.
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_SOCKET_LIB_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_SOCKET_LIB_CHECK],
|
||||
[
|
||||
# lieder@skyler.mavd.honeywell.com says without -lsocket,
|
||||
# socket/setsockopt and other routines are undefined under SCO ODT
|
||||
|
@ -295,9 +295,9 @@ AC_DEFUN([AC_ETHEREAL_SOCKET_LIB_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_PCAP_CHECK
|
||||
# AC_WIRESHARK_PCAP_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_PCAP_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_PCAP_CHECK],
|
||||
[
|
||||
if test -z "$pcap_dir"
|
||||
then
|
||||
|
@ -355,7 +355,7 @@ AC_DEFUN([AC_ETHEREAL_PCAP_CHECK],
|
|||
#
|
||||
CFLAGS="$CFLAGS -I$pcap_dir/include"
|
||||
CPPFLAGS="$CPPFLAGS -I$pcap_dir/include"
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, $pcap_dir/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, $pcap_dir/lib)
|
||||
fi
|
||||
|
||||
# Pcap header check
|
||||
|
@ -375,7 +375,7 @@ and did you also install that package?]]))
|
|||
PCAP_LIBS=-lpcap
|
||||
AC_DEFINE(HAVE_LIBPCAP, 1, [Define to use libpcap library])
|
||||
], [
|
||||
ac_ethereal_extras_found=no
|
||||
ac_wireshark_extras_found=no
|
||||
ac_save_LIBS="$LIBS"
|
||||
for extras in "-lcfg -lodm" "-lpfring"
|
||||
do
|
||||
|
@ -392,7 +392,7 @@ and did you also install that package?]]))
|
|||
pcap_open_live(NULL, 0, 0, 0, NULL);
|
||||
],
|
||||
[
|
||||
ac_ethereal_extras_found=yes
|
||||
ac_wireshark_extras_found=yes
|
||||
AC_MSG_RESULT([yes])
|
||||
PCAP_LIBS="-lpcap $extras"
|
||||
AC_DEFINE(HAVE_LIBPCAP, 1, [Define to use libpcap library])
|
||||
|
@ -400,12 +400,12 @@ and did you also install that package?]]))
|
|||
[
|
||||
AC_MSG_RESULT([no])
|
||||
])
|
||||
if test x$ac_ethereal_extras_found = xyes
|
||||
if test x$ac_wireshark_extras_found = xyes
|
||||
then
|
||||
break
|
||||
fi
|
||||
done
|
||||
if test x$ac_ethereal_extras_found = xno
|
||||
if test x$ac_wireshark_extras_found = xno
|
||||
then
|
||||
AC_MSG_ERROR([Can't link with library libpcap.])
|
||||
fi
|
||||
|
@ -493,9 +493,9 @@ and did you also install that package?]]))
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_ZLIB_CHECK
|
||||
# AC_WIRESHARK_ZLIB_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_ZLIB_CHECK],
|
||||
[
|
||||
if test "x$zlib_dir" != "x"
|
||||
then
|
||||
|
@ -511,12 +511,12 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
|
|||
# as the compiler and/or linker will search that other
|
||||
# directory before it searches the specified directory.
|
||||
#
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$CFLAGS -I$zlib_dir/include"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
CPPFLAGS="$CPPFLAGS -I$zlib_dir/include"
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
AC_ETHEREAL_ADD_DASH_L(LIBS, $zlib_dir/lib)
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
AC_WIRESHARK_ADD_DASH_L(LIBS, $zlib_dir/lib)
|
||||
fi
|
||||
|
||||
#
|
||||
|
@ -589,8 +589,8 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
|
|||
# LIBS.
|
||||
#
|
||||
LIBS=""
|
||||
AC_ETHEREAL_ADD_DASH_L(LIBS, $zlib_dir/lib)
|
||||
LIBS="$LIBS -lz $ethereal_save_LIBS"
|
||||
AC_WIRESHARK_ADD_DASH_L(LIBS, $zlib_dir/lib)
|
||||
LIBS="$LIBS -lz $wireshark_save_LIBS"
|
||||
else
|
||||
LIBS="-lz $LIBS"
|
||||
fi
|
||||
|
@ -605,9 +605,9 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
|
|||
# zlib there, or didn't find a zlib that
|
||||
# contains gzgets there.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
fi
|
||||
want_zlib=no
|
||||
])
|
||||
|
@ -647,9 +647,9 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_LIBPCRE_CHECK
|
||||
# AC_WIRESHARK_LIBPCRE_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_LIBPCRE_CHECK],
|
||||
[
|
||||
if test "x$pcre_dir" != "x"
|
||||
then
|
||||
|
@ -665,13 +665,13 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
|
|||
# as the compiler and/or linker will search that other
|
||||
# directory before it searches the specified directory.
|
||||
#
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$CFLAGS -I$pcre_dir/include"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
CPPFLAGS="$CPPFLAGS -I$pcre_dir/include"
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
LIBS="$LIBS -lpcre"
|
||||
ethereal_save_LDFLAGS="$LDFLAGS"
|
||||
wireshark_save_LDFLAGS="$LDFLAGS"
|
||||
LDFLAGS="$LDFLAGS -L$pcre_dir/lib"
|
||||
fi
|
||||
|
||||
|
@ -726,7 +726,7 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
|
|||
# the beginning of CFLAGS, CPPFLAGS,
|
||||
# LDFLAGS, and LIBS.
|
||||
#
|
||||
PCRE_LIBS="-L$pcre_dir/lib -lpcre $ethereal_save_LIBS"
|
||||
PCRE_LIBS="-L$pcre_dir/lib -lpcre $wireshark_save_LIBS"
|
||||
else
|
||||
PCRE_LIBS="-lpcre"
|
||||
fi
|
||||
|
@ -740,10 +740,10 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
|
|||
# "--with-pcre=" directory, as we didn't
|
||||
# actually find pcre there.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
LDFLAGS="$ethereal_save_LDFLAGS"
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
LDFLAGS="$wireshark_save_LDFLAGS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
PCRE_LIBS=""
|
||||
fi
|
||||
want_pcre=no
|
||||
|
@ -753,9 +753,9 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_LIBLUA_CHECK
|
||||
# AC_WIRESHARK_LIBLUA_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
||||
AC_DEFUN([AC_WIRESHARK_LIBLUA_CHECK],[
|
||||
|
||||
if test "x$lua_dir" != "x"
|
||||
then
|
||||
|
@ -771,23 +771,23 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
# as the compiler and/or linker will search that other
|
||||
# directory before it searches the specified directory.
|
||||
#
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$CFLAGS -I$lua_dir/include"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
CPPFLAGS="$CPPFLAGS -I$lua_dir/include"
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
LIBS="$LIBS -L$lua_dir/lib -llua"
|
||||
ethereal_save_LDFLAGS="$LDFLAGS"
|
||||
wireshark_save_LDFLAGS="$LDFLAGS"
|
||||
LDFLAGS="$LDFLAGS -L$lua_dir/lib"
|
||||
else
|
||||
#
|
||||
# The user specified no directory in which liblua resides,
|
||||
# so just add "-llua -lliblua" to the used libs.
|
||||
#
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
ethereal_save_LDFLAGS="$LDFLAGS"
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_LDFLAGS="$LDFLAGS"
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
LIBS="$LIBS -llua"
|
||||
fi
|
||||
|
||||
|
@ -868,7 +868,7 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
# do we have 5.1?
|
||||
#
|
||||
|
||||
LIBS="$ethereal_save_LIBS $LUA_LIBS"
|
||||
LIBS="$wireshark_save_LIBS $LUA_LIBS"
|
||||
|
||||
AC_CHECK_LIB(lua, luaL_register,
|
||||
[
|
||||
|
@ -888,10 +888,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
# "--with-lua=" directory, as we didn't
|
||||
# actually find lua there.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
LDFLAGS="$ethereal_save_LDFLAGS"
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
LDFLAGS="$wireshark_save_LDFLAGS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
LUA_LIBS=""
|
||||
fi
|
||||
# User requested --with-lua but it isn't available
|
||||
|
@ -909,10 +909,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
# "--with-lua=" directory, as we didn't
|
||||
# actually find lua there.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
LDFLAGS="$ethereal_save_LDFLAGS"
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
LDFLAGS="$wireshark_save_LDFLAGS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
LUA_LIBS=""
|
||||
# User requested --with-lua but it isn't available
|
||||
if test "x$want_lua" = "xyes"
|
||||
|
@ -922,10 +922,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
want_lua=no
|
||||
])
|
||||
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
LDFLAGS="$ethereal_save_LDFLAGS"
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
LDFLAGS="$wireshark_save_LDFLAGS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
AC_SUBST(LUA_LIBS)
|
||||
AC_SUBST(LUA_INCLUDES)
|
||||
|
||||
|
@ -933,9 +933,9 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_NETSNMP_CHECK
|
||||
# AC_WIRESHARK_NETSNMP_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_NETSNMP_CHECK],
|
||||
[
|
||||
dnl get the net-snmp-config binary
|
||||
if test "x$netsnmpconfig" = "x" ; then
|
||||
|
@ -970,8 +970,8 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
|
|||
# searching for the Net-SNMP headers, we look in whatever
|
||||
# directory that output specifies.
|
||||
#
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
CFLAGS="$CFLAGS `$NETSNMPCONFIG --cflags`"
|
||||
CPPFLAGS="$CPPFLAGS `$NETSNMPCONFIG --cflags`"
|
||||
|
||||
|
@ -984,8 +984,8 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
|
|||
else
|
||||
AC_MSG_RESULT(Net-SNMP requires openssl but ssl not enabled - disabling Net-SNMP)
|
||||
fi
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
SNMP_LIBS=
|
||||
else
|
||||
AC_DEFINE(HAVE_NET_SNMP, 1, [Define to enable support for Net-SNMP])
|
||||
|
@ -1001,17 +1001,17 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
|
|||
# of '$NETSNMPCONFIG --cflags", as we
|
||||
# didn't actually find Net-SNMP there.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_UCDSNMP_CHECK
|
||||
# AC_WIRESHARK_UCDSNMP_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_UCDSNMP_CHECK],
|
||||
[
|
||||
if test "x$ucdsnmp_dir" != "x"
|
||||
then
|
||||
|
@ -1029,7 +1029,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
|
|||
#
|
||||
CFLAGS="$CFLAGS -I$ucdsnmp_dir/include"
|
||||
CPPFLAGS="$CPPFLAGS -I$ucdsnmp_dir/include"
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, $ucdsnmp_dir/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, $ucdsnmp_dir/lib)
|
||||
fi
|
||||
|
||||
#
|
||||
|
@ -1059,7 +1059,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
|
|||
# needed after the library *and* to cache all that
|
||||
# information.
|
||||
#
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
found_sprint_realloc_objid=no
|
||||
for extras in "" "-L/usr/kerberos/lib -ldes425" "-lkstat"
|
||||
do
|
||||
|
@ -1116,7 +1116,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
|
|||
fi
|
||||
])
|
||||
done
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
|
||||
#
|
||||
# If we didn't find "sprint_realloc_objid()", fail.
|
||||
|
@ -1146,13 +1146,13 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_RPM_CHECK
|
||||
# AC_WIRESHARK_RPM_CHECK
|
||||
# Looks for the rpm program, and checks to see if we can redefine "_topdir".
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_RPM_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_RPM_CHECK],
|
||||
[
|
||||
AC_CHECK_PROG(ac_cv_ethereal_have_rpm, rpm, "yes", "no")
|
||||
if test "x$ac_cv_ethereal_have_rpm" = "xyes"; then
|
||||
AC_CHECK_PROG(ac_cv_wireshark_have_rpm, rpm, "yes", "no")
|
||||
if test "x$ac_cv_wireshark_have_rpm" = "xyes"; then
|
||||
rpm --define '_topdir /tmp' > /dev/null 2>&1
|
||||
AC_MSG_CHECKING(to see if we can redefine _topdir)
|
||||
if test $? -eq 0 ; then
|
||||
|
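Review bot: In AC_WIRESHARK_RPM_CHECK the "if test $? -eq 0" does not test the exit status of "rpm --define '_topdir /tmp'", because AC_MSG_CHECKING sits between the two and expands to shell output commands that overwrite $?. The check therefore reports that _topdir can be redefined whenever the message prints successfully. Since these lines are being touched for the rename anyway, save the status immediately after the rpm call (for example in a variable tested by the "if"), or move AC_MSG_CHECKING above the rpm invocation.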
@ -1166,10 +1166,10 @@ AC_DEFUN([AC_ETHEREAL_RPM_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_GNU_SED_CHECK
|
||||
# AC_WIRESHARK_GNU_SED_CHECK
|
||||
# Checks if GNU sed is the first sed in PATH.
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_GNU_SED_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_GNU_SED_CHECK],
|
||||
[
|
||||
AC_MSG_CHECKING(for GNU sed as first sed in PATH)
|
||||
if ( sh -c "sed --version" </dev/null 2> /dev/null | grep "GNU sed" 2>&1 > /dev/null ) ; then
|
||||
|
@ -1182,9 +1182,9 @@ AC_DEFUN([AC_ETHEREAL_GNU_SED_CHECK],
|
|||
])
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_ADNS_CHECK
|
||||
# AC_WIRESHARK_ADNS_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_ADNS_CHECK],
|
||||
[
|
||||
want_adns=defaultyes
|
||||
|
||||
|
@ -1192,7 +1192,7 @@ AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
|
|||
want_adns=yes
|
||||
withval=/usr/local
|
||||
if test -d "$withval"; then
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -1211,12 +1211,12 @@ AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
|
|||
|
||||
|
||||
#
|
||||
# AC_ETHEREAL_KRB5_CHECK
|
||||
# AC_WIRESHARK_KRB5_CHECK
|
||||
#
|
||||
AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
||||
AC_DEFUN([AC_WIRESHARK_KRB5_CHECK],
|
||||
[
|
||||
ethereal_save_CFLAGS="$CFLAGS"
|
||||
ethereal_save_CPPFLAGS="$CPPFLAGS"
|
||||
wireshark_save_CFLAGS="$CFLAGS"
|
||||
wireshark_save_CPPFLAGS="$CPPFLAGS"
|
||||
if test "x$krb5_dir" != "x"
|
||||
then
|
||||
#
|
||||
|
@ -1332,7 +1332,7 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
|||
# the Kerberos library.
|
||||
#
|
||||
AC_MSG_RESULT($ac_krb5_version)
|
||||
ethereal_save_LIBS="$LIBS"
|
||||
wireshark_save_LIBS="$LIBS"
|
||||
found_krb5_kt_resolve=no
|
||||
for extras in "" "-lresolv"
|
||||
do
|
||||
|
@ -1391,8 +1391,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
|||
# from before we added the flags for Kerberos.
|
||||
#
|
||||
AC_MSG_RESULT(Usable $ac_krb5_version not found - disabling dissection for some kerberos data in packet decoding)
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
KRB5_LIBS=""
|
||||
want_krb5=no
|
||||
fi
|
||||
|
@ -1424,7 +1424,7 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
|||
AC_MSG_RESULT(no)
|
||||
])
|
||||
fi
|
||||
LIBS="$ethereal_save_LIBS"
|
||||
LIBS="$wireshark_save_LIBS"
|
||||
else
|
||||
#
|
||||
# It's not Heimdal or MIT.
|
||||
|
@ -1443,8 +1443,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
|||
# from before we added the flags for Kerberos.
|
||||
#
|
||||
AC_MSG_RESULT(Kerberos not found - disabling dissection for some kerberos data in packet decoding)
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
KRB5_LIBS=""
|
||||
want_krb5=no
|
||||
fi
|
||||
|
@ -1458,8 +1458,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
|
|||
# Restore the versions of CFLAGS and CPPFLAGS
|
||||
# from before we added the flags for Kerberos.
|
||||
#
|
||||
CFLAGS="$ethereal_save_CFLAGS"
|
||||
CPPFLAGS="$ethereal_save_CPPFLAGS"
|
||||
CFLAGS="$wireshark_save_CFLAGS"
|
||||
CPPFLAGS="$wireshark_save_CPPFLAGS"
|
||||
KRB5_LIBS=""
|
||||
want_krb5=no
|
||||
fi
|
||||
|
|
2
cfilters
|
@ -10,4 +10,4 @@
|
|||
"TCP or UDP port 80 (HTTP)" port 80
|
||||
"HTTP TCP port (80)" tcp port http
|
||||
"No ARP and no DNS" not arp and port not 53
|
||||
"Non-HTTP and non-SMTP to/from www.ethereal.com" not port 80 and not port 25 and host www.ethereal.com
|
||||
"Non-HTTP and non-SMTP to/from www.wireshark.org" not port 80 and not port 25 and host www.wireshark.org
|
||||
|
|
76
configure.in
|
@ -116,7 +116,7 @@ else
|
|||
fi
|
||||
AC_SUBST(HAVE_SVR4_PACKAGING)
|
||||
|
||||
AC_ETHEREAL_RPM_CHECK
|
||||
AC_WIRESHARK_RPM_CHECK
|
||||
AC_SUBST(HAVE_RPM)
|
||||
|
||||
#
|
||||
|
@ -134,12 +134,12 @@ AC_ARG_WITH(extra-gcc-checks,
|
|||
[
|
||||
if test $withval != no
|
||||
then
|
||||
ethereal_extra_gcc_flags=" -Wcast-qual -Wcast-align -Wbad-function-cast -pedantic -Wstrict-prototypes -Wmissing-declarations -Wwrite-strings"
|
||||
wireshark_extra_gcc_flags=" -Wcast-qual -Wcast-align -Wbad-function-cast -pedantic -Wstrict-prototypes -Wmissing-declarations -Wwrite-strings"
|
||||
fi
|
||||
],)
|
||||
AC_MSG_CHECKING(to see if we can add '-Wall -W $ethereal_extra_gcc_flags' to CFLAGS)
|
||||
AC_MSG_CHECKING(to see if we can add '-Wall -W $wireshark_extra_gcc_flags' to CFLAGS)
|
||||
if test x$GCC != x ; then
|
||||
CFLAGS="-D_U_=\"__attribute__((unused))\" -Wall -Wpointer-arith -W $ethereal_extra_gcc_flags $CFLAGS"
|
||||
CFLAGS="-D_U_=\"__attribute__((unused))\" -Wall -Wpointer-arith -W $wireshark_extra_gcc_flags $CFLAGS"
|
||||
AC_MSG_RESULT(yes)
|
||||
else
|
||||
CFLAGS="-D_U_=\"\" $CFLAGS"
|
||||
|
@ -281,7 +281,7 @@ if test "x$ac_cv_enable_usr_local" = "xyes" ; then
|
|||
#
|
||||
# Arrange that we search for libraries in "/usr/local/lib".
|
||||
#
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, /usr/local/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, /usr/local/lib)
|
||||
else
|
||||
AC_MSG_RESULT(no)
|
||||
fi
|
||||
|
@ -314,7 +314,7 @@ esac
|
|||
#
|
||||
# Add any checks here that are necessary for other OSes.
|
||||
#
|
||||
AC_ETHEREAL_GNU_SED_CHECK
|
||||
AC_WIRESHARK_GNU_SED_CHECK
|
||||
if test "$HAVE_GNU_SED" = no ; then
|
||||
case "$host_os" in
|
||||
solaris*)
|
||||
|
@ -401,8 +401,8 @@ fi
|
|||
#
|
||||
if test "$GTK_OK" = "no" ; then
|
||||
enable_ethereal="no"
|
||||
ethereal_bin=""
|
||||
ethereal_man=""
|
||||
wireshark_bin=""
|
||||
wireshark_man=""
|
||||
# Honor GLIB_CFLAGS
|
||||
if test "x$enable_gtk2" = "xyes" ; then
|
||||
AM_PATH_GLIB_2_0(2.0.0, CFLAGS="$CFLAGS $GLIB_CFLAGS", AC_MSG_ERROR(GLib2 distribution not found.), gmodule)
|
||||
|
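Review bot: enable_ethereal="no" in the GTK_OK = "no" branch keeps the old name while the two assignments directly below it become wireshark_bin and wireshark_man. If any reader of this switch is renamed to enable_wireshark elsewhere in the commit, this branch silently stops disabling the GUI build; if every reader still uses enable_ethereal, the half-renamed block deserves a comment saying so. Please check each use of the variable and convert it together with these two lines.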
@ -410,9 +410,9 @@ if test "$GTK_OK" = "no" ; then
|
|||
AM_PATH_GLIB(1.2.0, CFLAGS="$CFLAGS $GLIB_CFLAGS", AC_MSG_ERROR(GLib distribution not found.), gmodule)
|
||||
fi
|
||||
else
|
||||
ethereal_bin="ethereal\$(EXEEXT)"
|
||||
ethereal_man="ethereal.1"
|
||||
ethereal_SUBDIRS="gtk"
|
||||
wireshark_bin="ethereal\$(EXEEXT)"
|
||||
wireshark_man="ethereal.1"
|
||||
wireshark_SUBDIRS="gtk"
|
||||
# Honor GLIB_CFLAGS
|
||||
if test "$GTK_OK" = "two" ; then
|
||||
AM_PATH_GLIB_2_0(2.0.0, , AC_MSG_ERROR(GLib distribution not found.), gmodule)
|
||||
|
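Review bot: The new assignments wireshark_bin="ethereal\$(EXEEXT)" and wireshark_man="ethereal.1" rename only the variables; the values still name the old binary and the old man page. The doc makefile hunk in this same commit generates ../wireshark.1 in place of ../ethereal.1, so wireshark_man="ethereal.1" refers to a file that no rule builds any more, and the commit message states that the executable itself becomes "wireshark". Suggest wireshark_bin="wireshark\$(EXEEXT)" and wireshark_man="wireshark.1", or a comment explaining why the old values are kept for now.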
@ -488,11 +488,11 @@ AC_CHECK_HEADERS(inttypes.h,
|
|||
],
|
||||
[
|
||||
AC_MSG_RESULT(yes)
|
||||
ac_ethereal_inttypes_h_defines_formats=yes
|
||||
ac_wireshark_inttypes_h_defines_formats=yes
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT(no)
|
||||
ac_ethereal_inttypes_h_defines_formats=no
|
||||
ac_wireshark_inttypes_h_defines_formats=no
|
||||
])
|
||||
],
|
||||
[
|
||||
|
@ -500,16 +500,16 @@ AC_CHECK_HEADERS(inttypes.h,
|
|||
# We don't have inttypes.h, so it obviously can't define those
|
||||
# macros.
|
||||
#
|
||||
ac_ethereal_inttypes_h_defines_formats=no
|
||||
ac_wireshark_inttypes_h_defines_formats=no
|
||||
])
|
||||
if test "$ac_ethereal_inttypes_h_defines_formats" = yes; then
|
||||
if test "$ac_wireshark_inttypes_h_defines_formats" = yes; then
|
||||
AC_DEFINE(INTTYPES_H_DEFINES_FORMATS,,[Define if <inttypes.h> defines PRI[doxu]64 macros])
|
||||
else
|
||||
AC_ETHEREAL_CHECK_64BIT_FORMAT(ll,
|
||||
AC_WIRESHARK_CHECK_64BIT_FORMAT(ll,
|
||||
[
|
||||
AC_ETHEREAL_CHECK_64BIT_FORMAT(L,
|
||||
AC_WIRESHARK_CHECK_64BIT_FORMAT(L,
|
||||
[
|
||||
AC_ETHEREAL_CHECK_64BIT_FORMAT(q,
|
||||
AC_WIRESHARK_CHECK_64BIT_FORMAT(q,
|
||||
[
|
||||
AC_MSG_ERROR([neither %llx nor %Lx nor %qx worked on a 64-bit integer])
|
||||
])
|
||||
|
@ -517,8 +517,8 @@ else
|
|||
])
|
||||
fi
|
||||
|
||||
AC_SUBST(ethereal_bin)
|
||||
AC_SUBST(ethereal_man)
|
||||
AC_SUBST(wireshark_bin)
|
||||
AC_SUBST(wireshark_man)
|
||||
|
||||
rdps_bin="rdps\$(EXEEXT)"
|
||||
AC_SUBST(rdps_bin)
|
||||
|
@ -532,14 +532,14 @@ AC_ARG_ENABLE(tshark,
|
|||
if test "x$enable_tshark" = "xyes" ; then
|
||||
tshark_bin="tshark\$(EXEEXT)"
|
||||
tshark_man="tshark.1"
|
||||
etherealfilter_man="ethereal-filter.4"
|
||||
wiresharkfilter_man="wireshark-filter.4"
|
||||
else
|
||||
tshark_bin=""
|
||||
tshark_man=""
|
||||
fi
|
||||
AC_SUBST(tshark_bin)
|
||||
AC_SUBST(tshark_man)
|
||||
AC_SUBST(etherealfilter_man)
|
||||
AC_SUBST(wiresharkfilter_man)
|
||||
|
||||
|
||||
|
||||
|
@ -666,11 +666,11 @@ AC_SUBST(randpkt_bin)
|
|||
|
||||
dnl Checks for "gethostbyname()" - and "-lnsl", if we need it to get
|
||||
dnl "gethostbyname()".
|
||||
AC_ETHEREAL_GETHOSTBY_LIB_CHECK
|
||||
AC_WIRESHARK_GETHOSTBY_LIB_CHECK
|
||||
|
||||
dnl Checks for "connect()", used as a proxy for "socket()" - and
|
||||
dnl "-lsocket", if we need it to get "connect()".
|
||||
AC_ETHEREAL_SOCKET_LIB_CHECK
|
||||
AC_WIRESHARK_SOCKET_LIB_CHECK
|
||||
|
||||
dnl pcap check
|
||||
AC_MSG_CHECKING(whether to use libpcap for packet capture)
|
||||
|
@ -696,7 +696,7 @@ if test "x$want_pcap" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_PCAP_CHECK
|
||||
AC_WIRESHARK_PCAP_CHECK
|
||||
fi
|
||||
|
||||
dnl zlib check
|
||||
|
@ -726,7 +726,7 @@ if test "x$want_zlib" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_ZLIB_CHECK
|
||||
AC_WIRESHARK_ZLIB_CHECK
|
||||
if test "x$want_zlib" = "xno" ; then
|
||||
AC_MSG_RESULT(zlib not found - disabling compressed capture file support)
|
||||
fi
|
||||
|
@ -760,7 +760,7 @@ if test "x$want_pcre" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_LIBPCRE_CHECK
|
||||
AC_WIRESHARK_LIBPCRE_CHECK
|
||||
if test "x$want_pcre" = "xno" ; then
|
||||
AC_MSG_RESULT(libpcre not found - disabling support for perl compatible regular expressions in dfilters)
|
||||
fi
|
||||
|
@ -794,7 +794,7 @@ if test "x$want_lua" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_LIBLUA_CHECK
|
||||
AC_WIRESHARK_LIBLUA_CHECK
|
||||
if test "x$want_lua" = "xno" ; then
|
||||
AC_MSG_RESULT(liblua not found - disabling support for the lua scripting plugin)
|
||||
fi
|
||||
|
@ -811,7 +811,7 @@ if test "x$enable_ipv6" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_IPV6_STACK
|
||||
AC_WIRESHARK_IPV6_STACK
|
||||
fi
|
||||
|
||||
|
||||
|
@ -853,7 +853,7 @@ elif test "x$withval" = "xyes"; then
|
|||
want_ssl=yes
|
||||
elif test -d "$withval"; then
|
||||
want_ssl=yes
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
fi
|
||||
],[
|
||||
want_ssl=no
|
||||
|
@ -930,7 +930,7 @@ else
|
|||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
fi
|
||||
AC_ETHEREAL_NETSNMP_CHECK
|
||||
AC_WIRESHARK_NETSNMP_CHECK
|
||||
fi
|
||||
|
||||
#
|
||||
|
@ -946,7 +946,7 @@ if test "x$have_net_snmp" != "xyes" ; then
|
|||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
fi
|
||||
AC_ETHEREAL_UCDSNMP_CHECK
|
||||
AC_WIRESHARK_UCDSNMP_CHECK
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -984,7 +984,7 @@ if test "x$want_krb5" = "xno" ; then
|
|||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_KRB5_CHECK
|
||||
AC_WIRESHARK_KRB5_CHECK
|
||||
fi
|
||||
|
||||
|
||||
|
@ -1001,14 +1001,14 @@ elif test "x$withval" = "xyes"; then
|
|||
want_adns=yes
|
||||
elif test -d "$withval"; then
|
||||
want_adns=yes
|
||||
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
|
||||
fi
|
||||
])
|
||||
if test "x$with_adns" = "xno" ; then
|
||||
AC_MSG_RESULT(no)
|
||||
else
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_ETHEREAL_ADNS_CHECK
|
||||
AC_WIRESHARK_ADNS_CHECK
|
||||
fi
|
||||
AC_SUBST(ADNS_LIBS)
|
||||
|
||||
|
@ -1024,7 +1024,7 @@ dnl Checks for typedefs, structures, and compiler characteristics.
|
|||
# We need to know whether "struct sockaddr" has an "sa_len" member
|
||||
# for get_interface_list().
|
||||
|
||||
AC_ETHEREAL_STRUCT_SA_LEN
|
||||
AC_WIRESHARK_STRUCT_SA_LEN
|
||||
|
||||
# We must know our byte order
|
||||
AC_C_BIGENDIAN
|
||||
|
@ -1221,7 +1221,7 @@ AC_CHECK_FUNCS(issetugid)
|
|||
AC_CHECK_FUNCS(mmap mprotect sysconf)
|
||||
|
||||
dnl blank for now, but will be used in future
|
||||
AC_SUBST(ethereal_SUBDIRS)
|
||||
AC_SUBST(wireshark_SUBDIRS)
|
||||
|
||||
dnl
|
||||
dnl check whether plugins should be enabled and, if they should be,
|
||||
|
@ -1312,7 +1312,7 @@ AC_OUTPUT(
|
|||
packaging/nsis/Makefile
|
||||
packaging/rpm/Makefile
|
||||
packaging/rpm/SPECS/Makefile
|
||||
packaging/rpm/SPECS/ethereal.spec
|
||||
packaging/rpm/SPECS/wireshark.spec
|
||||
packaging/svr4/Makefile
|
||||
packaging/svr4/checkinstall
|
||||
packaging/svr4/pkginfo
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
editcap.1
|
||||
mergecap.1
|
||||
text2pcap.1
|
||||
ethereal-filter.4
|
||||
wireshark-filter.4
|
||||
|
||||
editcap.1
|
||||
mergecap.1
|
||||
text2pcap.1
|
||||
ethereal-filter.4
|
||||
wireshark-filter.4
|
||||
|
||||
editcap.1
|
||||
mergecap.1
|
||||
|
|
|
@ -62,7 +62,7 @@ clean: unpatch-stamp
|
|||
|
||||
cp /usr/share/misc/config.guess /usr/share/misc/config.sub .
|
||||
-$(MAKE) distclean
|
||||
rm -f rdps ethereal.1 tshark.1 idl2deb.1 ethereal-filter.4 asn2deb.1
|
||||
rm -f rdps ethereal.1 tshark.1 idl2deb.1 wireshark-filter.4 asn2deb.1
|
||||
rm -f conftest conftest.c
|
||||
rm -f config.guess config.sub config.log
|
||||
|
||||
|
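Review bot: The rm line in the clean target still lists ethereal.1 and not wireshark.1; only ethereal-filter.4 was converted. The doc makefile in this commit writes ../wireshark.1, so the clean target will leave that generated man page in the tree. Suggest "rm -f rdps wireshark.1 tshark.1 idl2deb.1 wireshark-filter.4 asn2deb.1", keeping ethereal.1 in the list as well if old build trees still need cleaning.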
@ -88,7 +88,7 @@ binary-arch: build
|
|||
$(MAKE) install DESTDIR=`pwd`/debian/tmp
|
||||
mkdir -p `pwd`/debian/tmp/usr/share/applications/
|
||||
cp ethereal.desktop `pwd`/debian/tmp/usr/share/applications/
|
||||
cp debian/ethereal-root.desktop `pwd`/debian/tmp/usr/share/applications/
|
||||
cp debian/wireshark-root.desktop `pwd`/debian/tmp/usr/share/applications/
|
||||
mkdir -p `pwd`/debian/tmp/usr/share/pixmaps/
|
||||
cp image/hi48-app-ethereal.png `pwd`/debian/tmp/usr/share/pixmaps/
|
||||
cp image/eicon3d32.xpm `pwd`/debian/tmp/usr/share/pixmaps/
|
||||
|
@ -98,7 +98,7 @@ binary-arch: build
|
|||
cp `pwd`/ethereal_be.py `pwd`/ethereal_gen.py \
|
||||
`pwd`/debian/tmp/usr/lib/$(PYTHON_VERSION)/site-packages/
|
||||
mkdir -p `pwd`/debian/tmp/usr/include/ethereal/
|
||||
for F in `cat debian/ethereal-dev.header-files`; do \
|
||||
for F in `cat debian/wireshark-dev.header-files`; do \
|
||||
cp --parents $$F `pwd`/debian/tmp/usr/include/ethereal; \
|
||||
done
|
||||
# .a is no longer built; why was is used ?
|
||||
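Review bot: The loop now reads its file list from debian/wireshark-dev.header-files, and nothing in the hunk guards against that file being absent. Because the list comes from cat inside backticks, a missing file only prints an error; the for loop then runs zero times and exits 0, so binary-arch succeeds and the dev package ships without headers. Confirm the renamed list file is added in this commit and consider a "test -s debian/wireshark-dev.header-files" before the loop. The destination is also still usr/include/ethereal, so the list name and the install path now disagree.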
|
|
|
@ -24,20 +24,20 @@
|
|||
# We include dependencies on ../config.h in order to
|
||||
# capture when $(VERSION) changes.
|
||||
|
||||
ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
|
||||
cat $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT > ethereal-tmp.pod
|
||||
wireshark-tmp.pod: $(srcdir)/wireshark.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
|
||||
cat $(srcdir)/wireshark.pod $(top_builddir)/AUTHORS-SHORT-FORMAT > wireshark-tmp.pod
|
||||
|
||||
../ethereal.1: ethereal-tmp.pod ../config.h
|
||||
../wireshark.1: wireshark-tmp.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
ethereal-tmp.pod | sed 's/ETHEREAL-TMP/ETHEREAL/' > ../ethereal.1
|
||||
wireshark-tmp.pod | sed 's/WIRESHARK-TMP/WIRESHARK/' > ../wireshark.1
|
||||
|
||||
../ethereal.html: ethereal-tmp.pod ../config.h
|
||||
../wireshark.html: wireshark-tmp.pod ../config.h
|
||||
$(POD2HTML) \
|
||||
--title="The Wireshark Network Analyzer $(VERSION)" \
|
||||
--noindex \
|
||||
ethereal-tmp.pod > ../ethereal.html
|
||||
wireshark-tmp.pod > ../wireshark.html
|
||||
|
||||
../tshark.1: tshark.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
|
@ -51,21 +51,21 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
|
|||
--noindex \
|
||||
$(srcdir)/tshark.pod > ../tshark.html
|
||||
|
||||
../ethereal-filter.4: ethereal-filter.pod ../config.h
|
||||
../wireshark-filter.4: wireshark-filter.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--section=4 \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
ethereal-filter.pod > ../ethereal-filter.4
|
||||
wireshark-filter.pod > ../wireshark-filter.4
|
||||
|
||||
../ethereal-filter.html: ethereal-filter.pod ../config.h
|
||||
../wireshark-filter.html: wireshark-filter.pod ../config.h
|
||||
$(POD2HTML) \
|
||||
--title="ethereal-filter - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--title="wireshark-filter - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--noindex \
|
||||
ethereal-filter.pod > ../ethereal-filter.html
|
||||
wireshark-filter.pod > ../wireshark-filter.html
|
||||
|
||||
ethereal-filter.pod: ethereal-filter.pod.template ../tshark
|
||||
../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
|
||||
wireshark-filter.pod: wireshark-filter.pod.template ../tshark
|
||||
../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/wireshark-filter.pod.template > wireshark-filter.pod
|
||||
|
||||
../capinfos.1: capinfos.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
|
@ -140,12 +140,12 @@ ethereal-filter.pod: ethereal-filter.pod.template ../tshark
|
|||
$(srcdir)/dumpcap.pod > ../dumpcap.html
|
||||
|
||||
CLEANFILES = \
|
||||
ethereal-filter.pod \
|
||||
ethereal-tmp.pod \
|
||||
../ethereal-filter.4 \
|
||||
../ethereal-filter.html \
|
||||
../ethereal.1 \
|
||||
../ethereal.html \
|
||||
wireshark-filter.pod \
|
||||
wireshark-tmp.pod \
|
||||
../wireshark-filter.4 \
|
||||
../wireshark-filter.html \
|
||||
../wireshark.1 \
|
||||
../wireshark.html \
|
||||
../capinfos.1 \
|
||||
../capinfos.html \
|
||||
../editcap.1 \
|
||||
|
|
|
@ -26,31 +26,31 @@
|
|||
|
||||
include ../config.nmake
|
||||
|
||||
doc: ethereal.html tshark.html ethereal-filter.html capinfos.html \
|
||||
doc: wireshark.html tshark.html wireshark-filter.html capinfos.html \
|
||||
editcap.html idl2wrs.html mergecap.html text2pcap.html dumpcap.html
|
||||
|
||||
man: ethereal.1 tshark.1 ethereal-filter.4 capinfos.1 editcap.1 \
|
||||
man: wireshark.1 tshark.1 wireshark-filter.4 capinfos.1 editcap.1 \
|
||||
idl2wrs.1 mergecap.1 text2pcap.1 dumpcap.1
|
||||
|
||||
ethereal-tmp.pod: ethereal.pod ../AUTHORS-SHORT-FORMAT
|
||||
copy /B ethereal.pod + ..\AUTHORS-SHORT-FORMAT ethereal-tmp.pod
|
||||
wireshark-tmp.pod: wireshark.pod ../AUTHORS-SHORT-FORMAT
|
||||
copy /B wireshark.pod + ..\AUTHORS-SHORT-FORMAT wireshark-tmp.pod
|
||||
|
||||
../AUTHORS-SHORT-FORMAT:
|
||||
cd ..
|
||||
$(MAKE) -f makefile.nmake AUTHORS-SHORT-FORMAT
|
||||
cd doc
|
||||
|
||||
ethereal.1: ethereal.pod ../config.h
|
||||
wireshark.1: wireshark.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
ethereal-tmp.pod > ethereal.1
|
||||
wireshark-tmp.pod > wireshark.1
|
||||
|
||||
ethereal.html: ethereal-tmp.pod ../config.h
|
||||
wireshark.html: wireshark-tmp.pod ../config.h
|
||||
$(POD2HTML) \
|
||||
--title="The Wireshark Network Analyzer $(VERSION)" \
|
||||
--noindex \
|
||||
ethereal-tmp.pod > ethereal.html
|
||||
wireshark-tmp.pod > wireshark.html
|
||||
|
||||
../tshark.exe:
|
||||
cd ..
|
||||
|
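Review bot: The renamed `wireshark.1` target lists `wireshark.pod` as its prerequisite, but the recipe reads `wireshark-tmp.pod`, so nothing forces the temporary file to be built first (the `wireshark.html` rule right below depends on `wireshark-tmp.pod` correctly). This was inherited from the old `ethereal.1` rule; since the line is being touched, change it to `wireshark.1: wireshark-tmp.pod ../config.h`. The Unix Makefile.am in this commit also pipes the man page through `sed 's/WIRESHARK-TMP/WIRESHARK/'`, and this rule has no equivalent step.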
@ -69,22 +69,22 @@ tshark.html: tshark.pod ../config.h
|
|||
--noindex \
|
||||
tshark.pod > tshark.html
|
||||
|
||||
ethereal-filter.4: ethereal-filter.pod ../config.h
|
||||
wireshark-filter.4: wireshark-filter.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
ethereal-filter.pod > ethereal.4
|
||||
wireshark-filter.pod > wireshark.4
|
||||
|
||||
ethereal-filter.html: ethereal-filter.pod ../config.h
|
||||
wireshark-filter.html: wireshark-filter.pod ../config.h
|
||||
$(POD2HTML) \
|
||||
--title="ethereal-filter - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--title="wireshark-filter - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--noindex \
|
||||
ethereal-filter.pod > ethereal-filter.html
|
||||
wireshark-filter.pod > wireshark-filter.html
|
||||
|
||||
ethereal-filter.pod: ethereal-filter.pod.template ../tshark.exe
|
||||
wireshark-filter.pod: wireshark-filter.pod.template ../tshark.exe
|
||||
cd ..
|
||||
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake install-deps
|
||||
tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
|
||||
tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\wireshark-filter.pod.template > doc\wireshark-filter.pod
|
||||
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean-deps
|
||||
cd doc
|
||||
|
||||
|
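Review bot: The `wireshark-filter.4` rule redirects to `wireshark.4` (`wireshark-filter.pod > wireshark.4`), so the declared target is never produced and the `wireshark-filter.4` named in the clean target does not match what is written. The old rule had the same mismatch (`> ethereal.4`); fix it while renaming by writing to `wireshark-filter.4`. This rule also runs `tshark.exe -G` where Makefile.am runs `../tshark -G fields`; worth making the two agree.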
@ -162,9 +162,9 @@ dumpcap.html: dumpcap.pod ../config.h
|
|||
dumpcap.pod > dumpcap.html
|
||||
|
||||
clean:
|
||||
rm -f ethereal.html ethereal.1 ethereal-tmp.pod
|
||||
rm -f wireshark.html wireshark.1 wireshark-tmp.pod
|
||||
rm -f tshark.html tshark.1
|
||||
rm -f ethereal-filter.html ethereal-filter.4 ethereal-filter.pod
|
||||
rm -f wireshark-filter.html wireshark-filter.4 wireshark-filter.pod
|
||||
rm -f capinfos.html capinfos.1
|
||||
rm -f editcap.html editcap.1
|
||||
rm -f idl2wrs.html idl2wrs.1
|
||||
|
|
|
@ -13,12 +13,12 @@ Benefits of using binary trees are that they are incredibly fast for
|
|||
accessing data and they scale very well with good characteristics even to
|
||||
very large number of objects.
|
||||
|
||||
Ethereal provides its own version of red black binary trees designed in
|
||||
Wireshark provides its own version of red black binary trees designed in
|
||||
particular to be easy to use and to eliminate most of the memory management
|
||||
often associated with such trees.
|
||||
|
||||
The trees supported by wireshark are currently all created using SEasonal
|
||||
storage which means that when you load a new trace into ethereal, the SEasonal
|
||||
storage which means that when you load a new trace into wireshark, the SEasonal
|
||||
memory management will automatically release every single byte of data
|
||||
associated with the tree.
|
||||
|
||||
|
@ -34,8 +34,8 @@ void *se_tree_lookup32(se_tree_t *se_tree, guint32 key);
|
|||
|
||||
2.1 se_tree_create(int type, char *name);
|
||||
se_tree_create() is used to initialize a tree that will be automatically
|
||||
cleared and reset everytime ethereal is resetting all SEasonal storage,
|
||||
that is every time you load a new capture file into ethereal or when
|
||||
cleared and reset everytime wireshark is resetting all SEasonal storage,
|
||||
that is every time you load a new capture file into wireshark or when
|
||||
you rescan the entire capture file from scratch.
|
||||
|
||||
Name is just a literal text string and serves no other purpose than making
|
||||
|
@ -58,7 +58,7 @@ void proto_register_...(void) {
|
|||
}
|
||||
|
||||
That is how easy it is to create a binary tree. You only need to create it once
|
||||
when ethereal starts and the tree will remain there until you exit ethereal.
|
||||
when wireshark starts and the tree will remain there until you exit wireshark.
|
||||
Everytime a new capture is loaded, all nodes allocated to the tree is
|
||||
automatically and the tree is reset without you having to do anything at all.
|
||||
|
||||
|
@ -89,7 +89,7 @@ This is very neat and makes real difficult to have memory leaks in your code.
|
|||
NOTE: When you insert items in the tree, it is very likely that you only
|
||||
want to add any data to the tree during the very first time you process
|
||||
a particular packet.
|
||||
Ethereal may reprocess the same packet multiple times afterwards by the user
|
||||
Wireshark may reprocess the same packet multiple times afterwards by the user
|
||||
clicking on the packet or for other reasons.
|
||||
You probably DO want to protect the insert call within an if statement such
|
||||
as
|
||||
|
@ -175,7 +175,7 @@ until an array element where length==0 is found indicating the end of the
|
|||
array.
|
||||
|
||||
NOTE: you MUST terminate the se_tree_key_t array by {0, NULL}
|
||||
If you forget to do this ethereal will immediately crash.
|
||||
If you forget to do this wireshark will immediately crash.
|
||||
|
||||
NOTE: length indicates the number of guint32 values in the vector, not number
|
||||
of bytes.
|
||||
|
|
|
@ -3,7 +3,7 @@ $Id$
|
|||
This document is an attempt, to bring some light to the things done, when
|
||||
packet capturing is performed. There might be things missing, and others
|
||||
maybe wrong :-( The following will concentrate a bit on the win32 gtk
|
||||
port of ethereal.
|
||||
port of wireshark.
|
||||
|
||||
|
||||
XXX: when ongoing file reorganisation will be completed, the following
|
||||
|
|
|
@ -1,21 +1,21 @@
|
|||
$Id$
|
||||
|
||||
Unfortunately, the closest thing to a design document is the
|
||||
"README.developer" document in the "doc" directory of the Ethereal
|
||||
"README.developer" document in the "doc" directory of the Wireshark
|
||||
source tree; however, although that's useful for people adding new
|
||||
protocol dissectors to Ethereal, it doesn't describe the operations of
|
||||
the "core" of Ethereal.
|
||||
protocol dissectors to Wireshark, it doesn't describe the operations of
|
||||
the "core" of Wireshark.
|
||||
|
||||
We have no document describing that; however, a quick summary of the
|
||||
part of the code you'd probably be working with is:
|
||||
|
||||
for every capture file that Ethereal has open, there's a
|
||||
"capture_file" structure - Ethereal currently supports only one
|
||||
for every capture file that Wireshark has open, there's a
|
||||
"capture_file" structure - Wireshark currently supports only one
|
||||
open capture file at a time, and that structure is named
|
||||
"cfile" (see the "file.h" header file);
|
||||
|
||||
that structure has a member "plist", which points to a
|
||||
"frame_data" structure - every link-layer frame that Ethereal
|
||||
"frame_data" structure - every link-layer frame that Wireshark
|
||||
has read in has a "frame_data" structure (see the
|
||||
"epan/packet.h" header file), the "plist" member of "cfile"
|
||||
points to the first frame, and each frame has a "next" member
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
$Id$
|
||||
|
||||
This file is a HOWTO for Wireshark developers. It describes how to start coding
|
||||
a Ethereal protocol dissector and the use some of the important functions and
|
||||
a Wireshark protocol dissector and the use some of the important functions and
|
||||
variables.
|
||||
|
||||
1. Setting up your protocol dissector code.
|
||||
|
@ -14,12 +14,12 @@ add to the protocol tree, and work with registered header fields.
|
|||
|
||||
1.1.1 Portability.
|
||||
|
||||
Ethereal runs on many platforms, and can be compiled with a number of
|
||||
Wireshark runs on many platforms, and can be compiled with a number of
|
||||
different compilers; here are some rules for writing code that will work
|
||||
on multiple platforms.
|
||||
|
||||
Don't use C++-style comments (comments beginning with "//" and running
|
||||
to the end of the line); Ethereal's dissectors are written in C, and
|
||||
to the end of the line); Wireshark's dissectors are written in C, and
|
||||
thus run through C rather than C++ compilers, and not all C compilers
|
||||
support C++-style comments (GCC does, but IBM's C compiler for AIX, for
|
||||
example, doesn't do so by default).
|
||||
|
@ -154,14 +154,14 @@ you might be able to get away with not including the appropriate header
|
|||
file on your platform but that might not work on other platforms.
|
||||
Instead, use "g_ntohs()", "g_ntohl()", "g_htons()", and "g_htonl()";
|
||||
those are declared by <glib.h>, and you'll need to include that anyway,
|
||||
as Ethereal header files that all dissectors must include use stuff from
|
||||
as Wireshark header files that all dissectors must include use stuff from
|
||||
<glib.h>.
|
||||
|
||||
Don't fetch a little-endian value using "tvb_get_ntohs() or
|
||||
"tvb_get_ntohl()" and then using "g_ntohs()", "g_htons()", "g_ntohl()",
|
||||
or "g_htonl()" on the resulting value - the g_ routines in question
|
||||
convert between network byte order (big-endian) and *host* byte order,
|
||||
not *little-endian* byte order; not all machines on which Ethereal runs
|
||||
not *little-endian* byte order; not all machines on which Wireshark runs
|
||||
are little-endian, even though PC's are. Fetch those values using
|
||||
"tvb_get_letohs()" and "tvb_get_letohl()".
|
||||
|
||||
|
@ -280,7 +280,7 @@ snprintf() is not available on all platforms, so it's a good idea to use the
|
|||
g_snprintf() function declared by <glib.h> instead.
|
||||
|
||||
tmpnam() -> mkstemp()
|
||||
tmpnam is insecure and should not be used any more. Ethereal brings its
|
||||
tmpnam is insecure and should not be used any more. Wireshark brings its
|
||||
own mkstemp implementation for use on platforms that lack mkstemp.
|
||||
Note: mkstemp does not accept NULL as a parameter.
|
||||
|
||||
|
@ -295,7 +295,7 @@ cause a trap, which will, at best, result in the OS slowly performing an
|
|||
unaligned access for you, and will, on at least some platforms, cause
|
||||
the program to be terminated.
|
||||
|
||||
Ethereal supports both platforms with GLib 1.2[.x]/GTK+ 1.2[.x] and GLib
|
||||
Wireshark supports both platforms with GLib 1.2[.x]/GTK+ 1.2[.x] and GLib
|
||||
2.x/GTK+ 1.3[.x] and 2.x. If at all possible, either use only
|
||||
mechanisms that are present in GLib 1.2[.x] and GTK+ 1.2[.x], use #if's
|
||||
to conditionally use older or newer mechanisms depending on the platform
|
||||
|
@ -406,7 +406,7 @@ the chunk of memory is derived from a size field in the packet, make
|
|||
sure all the data is present in the packet before allocating the buffer.
|
||||
Doing so means that
|
||||
|
||||
1) Ethereal won't leak that chunk of memory if an attempt to
|
||||
1) Wireshark won't leak that chunk of memory if an attempt to
|
||||
fetch data not present in the packet throws an exception
|
||||
|
||||
and
|
||||
|
@ -426,7 +426,7 @@ from the buffer, and the string has a specified size, you can use
|
|||
string is present before allocating a buffer for the string, and will also
|
||||
put a trailing '\0' at the end of the buffer. The resulting string will be
|
||||
a sequence of single-byte characters; the only Unicode characters that
|
||||
will be handled correctly are those in the ASCII range. (Ethereal's
|
||||
will be handled correctly are those in the ASCII range. (Wireshark's
|
||||
ability to handle non-ASCII strings is limited; it needs to be
|
||||
improved.)
|
||||
|
||||
|
@ -447,7 +447,7 @@ buffer are fetched ("the protocol ensures" isn't good enough, as
|
|||
protocol specifications can't ensure only packets that conform to the
|
||||
specification will be transmitted or that only packets for the protocol
|
||||
in question will be interpreted as packets for that protocol by
|
||||
Ethereal). If there's no maximum length of string data to be fetched,
|
||||
Wireshark). If there's no maximum length of string data to be fetched,
|
||||
routines such as "tvb_get_*_string()" are safer, as they allocate a buffer
|
||||
large enough to hold the string. (Note that some variants of this call
|
||||
require you to free the string once you're finished with it.)
|
||||
|
@ -496,8 +496,8 @@ much better to use the g_snprintf() function declared by <glib.h> instead.
|
|||
|
||||
You should test your dissector against incorrectly-formed packets. This
|
||||
can be done using the randpkt and editcap utilities that come with the
|
||||
Ethereal distribution. Testing using randpkt can be done by generating
|
||||
output at the same layer as your protocol, and forcing Ethereal/TShark
|
||||
Wireshark distribution. Testing using randpkt can be done by generating
|
||||
output at the same layer as your protocol, and forcing Wireshark/TShark
|
||||
to decode it as your protocol, e.g. if your protocol sits on top of UDP:
|
||||
|
||||
randpkt -c 50000 -t dns randpkt.pcap
|
||||
|
@ -511,7 +511,7 @@ Testing using editcap can be done using preexisting capture files and the
|
|||
|
||||
1.1.4 Name convention.
|
||||
|
||||
Ethereal uses the underscore_convention rather than the InterCapConvention for
|
||||
Wireshark uses the underscore_convention rather than the InterCapConvention for
|
||||
function names, so new code should probably use underscores rather than
|
||||
intercaps for functions and variable names. This is especially important if you
|
||||
are writing code that will be called from outside your code. We are just
|
||||
|
@ -533,7 +533,7 @@ existing file.
|
|||
|
||||
1.2 Skeleton code.
|
||||
|
||||
Ethereal requires certain things when setting up a protocol dissector.
|
||||
Wireshark requires certain things when setting up a protocol dissector.
|
||||
Below is skeleton code for a dissector that you can copy to a file and
|
||||
fill in. Your dissector should follow the naming convention of packet-
|
||||
followed by the abbreviated name for the protocol. It is recommended
|
||||
|
@ -692,14 +692,14 @@ dissect_PROTOABBREV(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
In this mode, Wireshark is only interested in the way protocols
|
||||
interact, protocol conversations are created, packets are reassembled
|
||||
and handed over to higher-level protocol dissectors.
|
||||
In this mode Ethereal does not build a so-called "protocol tree".
|
||||
In this mode Wireshark does not build a so-called "protocol tree".
|
||||
|
||||
(b) Detailed dissection
|
||||
|
||||
In this mode, Wireshark is also interested in all details of a given
|
||||
protocol, so a "protocol tree" is created.
|
||||
|
||||
Ethereal distinguishes between the 2 modes with the proto_tree pointer:
|
||||
Wireshark distinguishes between the 2 modes with the proto_tree pointer:
|
||||
(a) <=> tree == NULL
|
||||
(b) <=> tree != NULL
|
||||
|
||||
|
@ -751,7 +751,7 @@ dissect_PROTOABBREV(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
}
|
||||
|
||||
|
||||
/* Register the protocol with Ethereal */
|
||||
/* Register the protocol with Wireshark */
|
||||
|
||||
/* this format is require because a script is used to build the C function
|
||||
that calls all the protocol registration.
|
||||
|
@ -1227,7 +1227,7 @@ registration of protocols and fields at run-time, loadable modules of
|
|||
protocol dissectors (perhaps even user-supplied) is feasible.
|
||||
|
||||
To do this, each protocol should have a register routine, which will be
|
||||
called when Ethereal starts. The code to call the register routines is
|
||||
called when Wireshark starts. The code to call the register routines is
|
||||
generated automatically; to arrange that a protocol's register routine
|
||||
be called at startup:
|
||||
|
||||
|
@ -1463,7 +1463,7 @@ field would be set to NULL.
|
|||
FT_BOOLEANS have a default map of 0 = "False", 1 (or anything else) = "True".
|
||||
Sometimes it is useful to change the labels for boolean values (e.g.,
|
||||
to "Yes"/"No", "Fast"/"Slow", etc.). For these mappings, a struct called
|
||||
true_false_string is used. (This struct is new as of Ethereal 0.7.6).
|
||||
true_false_string is used. (This struct is new as of Wireshark 0.7.6).
|
||||
|
||||
typedef struct true_false_string {
|
||||
char *true_string;
|
||||
|
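Review bot: "new as of Wireshark 0.7.6" rewrites a historical version reference: the sentence predates this rename, so that release went out under the Ethereal name. Keep "Ethereal 0.7.6" here, and likewise in the later "before Wireshark 0.7.6" sentence about `sna.th.fid`, or reword both to something like "as of version 0.7.6".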
@ -1546,7 +1546,7 @@ Also be sure to use the handy array_length() macro found in packet.h
|
|||
to have the compiler compute the array length for you at compile time.
|
||||
|
||||
If you don't have any fields to register, do *NOT* create a zero-length
|
||||
"hf" array; not all compilers used to compile Ethereal support them.
|
||||
"hf" array; not all compilers used to compile Wireshark support them.
|
||||
Just omit the "hf" array, and the "proto_register_field_array()" call,
|
||||
entirely.
|
||||
|
||||
|
@ -1918,7 +1918,7 @@ The final implication of this is that display filters work the way you'd
|
|||
naturally expect them to. You'd type "sna.th.fid == 0xf" to find Adjacent
|
||||
Subarea Nodes. The user does not have to shift the value of the FID to
|
||||
the high nibble of the byte ("sna.th.fid == 0xf0") as was necessary
|
||||
before Ethereal 0.7.6.
|
||||
before Wireshark 0.7.6.
|
||||
|
||||
proto_tree_add_item_hidden()
|
||||
----------------------------
|
||||
|
@ -2146,9 +2146,9 @@ proto_tree_add_text()
|
|||
proto_tree_add_text() is used to add a label to the GUI tree. It will
|
||||
contain no value, so it is not searchable in the display filter process.
|
||||
This function was needed in the transition from the old-style proto_tree
|
||||
to this new-style proto_tree so that Ethereal would still decode all
|
||||
to this new-style proto_tree so that Wireshark would still decode all
|
||||
protocols w/o being able to filter on all protocols and fields.
|
||||
Otherwise we would have had to cripple Ethereal's functionality while we
|
||||
Otherwise we would have had to cripple Wireshark's functionality while we
|
||||
converted all the old-style proto_tree calls to the new-style proto_tree
|
||||
calls.
|
||||
|
||||
|
@ -2306,7 +2306,7 @@ dissect_ipx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
|
||||
1.9 Editing Makefile.common to add your dissector.
|
||||
|
||||
To arrange that your dissector will be built as part of Ethereal, you
|
||||
To arrange that your dissector will be built as part of Wireshark, you
|
||||
must add the name of the source file for your dissector to the
|
||||
'DISSECTOR_SRC' macro in the 'Makefile.common' file in the 'epan/dissectors'
|
||||
directory. (Note that this is for modern versions of UNIX, so there
|
||||
|
@ -2321,31 +2321,31 @@ compile).
|
|||
|
||||
1.10 Using the SVN source code tree.
|
||||
|
||||
See <http://www.ethereal.com/development.html#source>
|
||||
See <http://www.wireshark.org/development.html#source>
|
||||
|
||||
1.11 Submitting code for your new dissector.
|
||||
|
||||
- TEST YOUR DISSECTOR BEFORE SUBMITTING IT.
|
||||
Use fuzz-test.sh and/or randpkt against your dissector. These are
|
||||
described at <http://wiki.ethereal.com/FuzzTesting>.
|
||||
described at <http://wiki.wireshark.org/FuzzTesting>.
|
||||
|
||||
- Subscribe to <mailto:ethereal-dev@ethereal.com> by sending an email to
|
||||
<mailto:ethereal-dev-request@ethereal.com?body="help"> or visiting
|
||||
<http://www.ethereal.com/lists/>.
|
||||
- Subscribe to <mailto:wireshark-dev@wireshark.org> by sending an email to
|
||||
<mailto:wireshark-dev-request@wireshark.org?body="help"> or visiting
|
||||
<http://www.wireshark.org/lists/>.
|
||||
|
||||
- 'svn add' all the files of your new dissector.
|
||||
|
||||
- 'svn diff' the workspace and save the result to a file.
|
||||
|
||||
- Send the diff file along with a note requesting it's inclusion to
|
||||
<mailto:ethereal-dev@ethereal.com>. You can also use this procedure for
|
||||
providing patches to your dissector or any other part of ethereal.
|
||||
<mailto:wireshark-dev@wireshark.org>. You can also use this procedure for
|
||||
providing patches to your dissector or any other part of wireshark.
|
||||
|
||||
- If possible, add sample capture files to the sample captures page at
|
||||
<http://wiki.ethereal.com/SampleCaptures>. These files are used by
|
||||
<http://wiki.wireshark.org/SampleCaptures>. These files are used by
|
||||
the automated build system for fuzz testing.
|
||||
|
||||
- If you find that you are contributing a lot to ethereal on an ongoing
|
||||
- If you find that you are contributing a lot to wireshark on an ongoing
|
||||
basis you can request to become a committer which will allow you to
|
||||
commit files to subversion directly.
|
||||
|
||||
|
@ -2355,7 +2355,7 @@ compile).
|
|||
|
||||
2.2 Following "conversations".
|
||||
|
||||
In ethereal a conversation is defined as a series of data packet between two
|
||||
In wireshark a conversation is defined as a series of data packet between two
|
||||
address:port combinations. A conversation is not sensitive to the direction of
|
||||
the packet. The same conversation will be returned for a packet bound from
|
||||
ServerA:1000 to ClientA:2000 and the packet from ClientA:2000 to ServerA:1000.
|
||||
|
@ -2811,8 +2811,8 @@ conversation already exists or not and if it exists we also check whether the
|
|||
registered dissector_handle for that conversation is "our" dissector or not.
|
||||
If not we create a new conversation ontop of the previous one and set this new
|
||||
conversation to use our protocol.
|
||||
Since ethereal keeps track of the frame number where a conversation started
|
||||
ethereal will still be able to keep the packets apart eventhough they do use
|
||||
Since wireshark keeps track of the frame number where a conversation started
|
||||
wireshark will still be able to keep the packets apart eventhough they do use
|
||||
the same socketpair.
|
||||
(See packet-tftp.c and packet-snmp.c for examples of this)
|
||||
|
||||
|
@ -3064,9 +3064,9 @@ how many bytes it will need to read in order to determine the size of a PDU.
|
|||
For this mode it is reccommended that your dissector be the newer dissector
|
||||
type which returns "int" rather than the older type which returned "void".
|
||||
|
||||
This reassembly mode relies on Ethereal's mechanism for processing multiple PDUs
|
||||
This reassembly mode relies on Wireshark's mechanism for processing multiple PDUs
|
||||
per frame. When a dissector processes a PDU from a tvbuff the PDU may not be
|
||||
aligned to a frame of the underlying protocol. Ethereal allows dissectors to
|
||||
aligned to a frame of the underlying protocol. Wireshark allows dissectors to
|
||||
process PDUs in an idempotent way--dissectors only need to consider one PDU at a
|
||||
time. If your dissector discovers that it can not process a complete PDU from
|
||||
the current tvbuff the dissector should halt processing and request additional
|
||||
|
|
|
@ -9,7 +9,7 @@ What is it ?
|
|||
As you have probably guessed from the name, "idl2wrs" takes a
|
||||
user specified IDL file and attempts to build a dissector that
|
||||
can decode the IDL traffic over GIOP. The resulting file is
|
||||
"C" code, that should compile okay as an ethereal dissector.
|
||||
"C" code, that should compile okay as an wireshark dissector.
|
||||
|
||||
idl2wrs basically parses the data struct given to it by
|
||||
the omniidl compiler, and using the GIOP API available in packet-giop.[ch],
|
||||
|
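Review bot: The substitution leaves "as an wireshark dissector", where the article no longer fits now that the name does not start with a vowel. Suggest "should compile okay as a Wireshark dissector", capitalised as in the other READMEs.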
@ -18,8 +18,8 @@ generates get_CDR_xxx calls to decode the CORBA traffic on the wire.
|
|||
It consists of 4 main files.
|
||||
|
||||
README.idl2wrs - This document
|
||||
ethereal_be.py - The main compiler backend
|
||||
ethereal_gen.py - A helper class, that generates the C code.
|
||||
wireshark_be.py - The main compiler backend
|
||||
wireshark_gen.py - A helper class, that generates the C code.
|
||||
idl2wrs - A simple shell script wrapper that the end user should
|
||||
use to generate the dissector from the IDL file(s).
|
||||
|
||||
|
@ -37,13 +37,13 @@ a CORBA class when teaching students how CORBA traffic looks like
|
|||
"on the wire".
|
||||
|
||||
It is also COOL to work on a great Open Source project such as
|
||||
the case with "Ethereal" (http://www.ethereal.com)
|
||||
the case with "Wireshark" (http://www.wireshark.org)
|
||||
|
||||
|
||||
How to use idl2wrs
|
||||
==================
|
||||
|
||||
To use the idl2wrs to generate ethereal dissectors, you
|
||||
To use the idl2wrs to generate wireshark dissectors, you
|
||||
need the following.
|
||||
|
||||
|
||||
|
@ -53,9 +53,9 @@ need the following.
|
|||
2. omniidl from the the omniORB package must be available.
|
||||
http://omniorb.sourceforge.net/
|
||||
|
||||
3 Of course you need ethereal installed to compile the
|
||||
3 Of course you need wireshark installed to compile the
|
||||
code an tweak it if required. idl2wrs is part of the
|
||||
standard Ethereal distribution
|
||||
standard Wireshark distribution
|
||||
|
||||
|
||||
Procedure
|
||||
|
@ -81,23 +81,23 @@ steps 3 or 4 instead.
|
|||
|
||||
3. To write the C code to stdout.
|
||||
|
||||
Usage: omniidl -p ./ -b ethereal_be <your file.idl>
|
||||
Usage: omniidl -p ./ -b wireshark_be <your file.idl>
|
||||
|
||||
eg: omniidl -p ./ -b ethereal_be echo.idl
|
||||
eg: omniidl -p ./ -b wireshark_be echo.idl
|
||||
|
||||
|
||||
4. To write to a file, just redirect the output.
|
||||
|
||||
omniidl -p ./ -b ethereal_be echo.idl > packet-test-idl.c
|
||||
omniidl -p ./ -b wireshark_be echo.idl > packet-test-idl.c
|
||||
|
||||
You may wish to comment out the register_giop_user_module() code
|
||||
and that will leave you with heuristic dissection.
|
||||
|
||||
|
||||
5. Copy the resulting C code to your ethereal src directory, edit the 2 make files
|
||||
5. Copy the resulting C code to your wireshark src directory, edit the 2 make files
|
||||
to include the packet-test-idl.c
|
||||
|
||||
cp packet-test-idl.c /dir/where/ethereal/lives/
|
||||
cp packet-test-idl.c /dir/where/wireshark/lives/
|
||||
edit Makefile.am
|
||||
edit Makefile.nmake
|
||||
|
||||
|
@ -130,8 +130,8 @@ See TODO list inside packet-giop.c
|
|||
Notes
|
||||
=====
|
||||
|
||||
1. The "-p ./" option passed to omniidl indicates that the ethereal_be.py
|
||||
and ethereal_gen.py are residing in the current directory. This may need
|
||||
1. The "-p ./" option passed to omniidl indicates that the wireshark_be.py
|
||||
and wireshark_gen.py are residing in the current directory. This may need
|
||||
tweaking if you place these files somewhere else.
|
||||
|
||||
2. If it complains about being unable to find some modules (eg tempfile.py),
|
||||
|
|
|
@ -3,7 +3,7 @@ $Id$
|
|||
1. Introduction
|
||||
|
||||
In order to make memory management easier and to reduce the probability of
|
||||
memory leaks ethereal provides its own memory management API. This API is
|
||||
memory leaks wireshark provides its own memory management API. This API is
|
||||
implemented inside epan/emem.c and provides memory allocation functions
|
||||
where the allocated memory is automatically freed at certain points.
|
||||
|
||||
|
@ -32,7 +32,7 @@ where the data is to still be available in some later packet.
|
|||
|
||||
The seasonal functions allocate memory that will stay around a lot longer
|
||||
but will be automatically freed once the current capture is closed and
|
||||
Ethereal opens a new capture (either by reading a new capture file or by
|
||||
Wireshark opens a new capture (either by reading a new capture file or by
|
||||
starting a new capture on some interface). These functions are useful for
|
||||
allocations with longer scope for example if you need some buffers or data to
|
||||
keep state between packets.
|
||||
|
|
|
@ -1,32 +1,31 @@
|
|||
Here's a brief list of information that might be useful to anyone
|
||||
distributing a software package containing Ethereal:
|
||||
distributing a software package containing Wireshark:
|
||||
|
||||
1. The canonical location for every Ethereal source release is
|
||||
1. The canonical location for every Wireshark source release is
|
||||
|
||||
http://www.ethereal.com/distribution/all-versions/, e.g.
|
||||
http://www.wireshark.org/download/all-versions/, e.g.
|
||||
|
||||
http://www.ethereal.com/distribution/all-versions/ethereal-0.55.71.tar.bz2
|
||||
http://www.wireshark.org/download/all-versions/wireshark-0.55.71.tar.bz2
|
||||
|
||||
If your packaging system downloads a copy of the Wireshark sources,
|
||||
use this location.
|
||||
|
||||
2. The Wireshark web site URL is http://www.ethereal.com/ .
|
||||
2. The Wireshark web site URL is http://www.wireshark.org/ .
|
||||
|
||||
3. Wireshark is released under the GNU General Public License. Make sure
|
||||
your package complies with this license, or we send in the marmots.
|
||||
|
||||
4. Ethereal and the "e" logo are registered trademarks of Ethereal, Inc.
|
||||
4. Wireshark and the "e" logo are registered trademarks of Wireshark, Inc.
|
||||
|
||||
5. Custom version information can be added by creating a file called
|
||||
"version.conf". See make-version.pl for details. We recommend that
|
||||
you use this to differentiate your package from official Ethereal
|
||||
you use this to differentiate your package from official Wireshark
|
||||
releases.
|
||||
|
||||
6. Ethereal icons can be found in the "image" directory of the Wireshark
|
||||
sources. Larger versions of the logo can be found at
|
||||
http://www.ethereal.com/~gerald/ethereal_logo/povray/ .
|
||||
6. Wireshark icons and logoscan be found in the "image" directory of the
|
||||
Wireshark sources.
|
||||
|
||||
If you have a question not addressed here, send it to
|
||||
ethereal-dev@ethereal.com.
|
||||
wireshark-dev@wireshark.org.
|
||||
|
||||
$Id$
|
||||
|
|
|
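Review bot: item 4 is a legal statement, not a product name, and the search-and-replace has turned it into "Wireshark and the "e" logo are registered trademarks of Wireshark, Inc.", which still describes the Ethereal logo and names an entity the rest of the patch does not establish. This line should be written by hand, or dropped until the trademark situation is confirmed. Two smaller points in the same hunk: the new item 6 reads "logoscan" (missing space), and the download URLs change path from /distribution/ to /download/ as well as host, so the new location should be checked before packagers are told to use it.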
@ -7,7 +7,7 @@ standard one. In fact all of the functions described in
|
|||
README.developer can be used in the plugins exactly as the are used in
|
||||
standard dissectors.
|
||||
|
||||
(Note, however, that not all OSes on which Ethereal runs can support
|
||||
(Note, however, that not all OSes on which Wireshark runs can support
|
||||
plugins.)
|
||||
|
||||
If you've chosen "xxx" as the name of your plugin (typically, that would
|
||||
|
@ -68,7 +68,7 @@ information for the plugin. An example follows:
|
|||
/* Version number of package */
|
||||
#define VERSION "0.0.8"
|
||||
|
||||
3. Changes to existing Ethereal files
|
||||
3. Changes to existing Wireshark files
|
||||
|
||||
You will also need to change the plugins/Makefile.am toplevel
|
||||
Makefile.am, the plugins/Makefile.nmake toplevel Makefile.nmake, the
|
||||
|
@ -175,7 +175,7 @@ AC_OUTPUT(
|
|||
packaging/Makefile
|
||||
packaging/nsis/Makefile
|
||||
packaging/rpm/Makefile
|
||||
packaging/rpm/ethereal.spec
|
||||
packaging/rpm/wireshark.spec
|
||||
packaging/svr4/Makefile
|
||||
packaging/svr4/checkinstall
|
||||
packaging/svr4/pkginfo
|
||||
|
@ -194,13 +194,13 @@ Plugins make some aspects of development easier and some harder.
|
|||
|
||||
The good news is that if you are working on a single plugin
|
||||
then you will find recompiling the plugin MUCH faster than
|
||||
recompiling a dissector and then linking it back into ethereal.
|
||||
recompiling a dissector and then linking it back into wireshark.
|
||||
|
||||
The bad news is that wireshark will not use the plugin unless the
|
||||
plugin is installed in one of the places it expects to look.
|
||||
|
||||
One way to deal with this problem is to set up a working root for
|
||||
ethereal, say in $HOME/build/root and build ethereal to install
|
||||
wireshark, say in $HOME/build/root and build wireshark to install
|
||||
there
|
||||
|
||||
./configure --prefix=${HOME}/build/root;make install
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
#
|
||||
# Ethereal/TShark Regression Testing
|
||||
# Wireshark/TShark Regression Testing
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
# This is a sample Makefile for regression testing of the
|
||||
# Ethereal engine. These tests use that uses 'tshark -V' to analyze all
|
||||
# Wireshark engine. These tests use that uses 'tshark -V' to analyze all
|
||||
# the frames of a capture file.
|
||||
#
|
||||
# You should probably rename this file as 'Makefile' in a separate directory
|
||||
|
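Review bot: the rewritten comment line keeps the broken wording "These tests use that uses 'tshark -V'". Since the line is being changed anyway, fix it to "These tests use 'tshark -V' to analyze all the frames of a capture file."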
@ -33,7 +33,7 @@
|
|||
# 'make accept' Accept current tests; make them the reference test results
|
||||
# 'make clean' Cleans any tests (but not references!)
|
||||
|
||||
TSHARK=/home/gram/prj/ethereal/debug/linux-ix86/tshark
|
||||
TSHARK=/home/gram/prj/wireshark/debug/linux-ix86/tshark
|
||||
|
||||
CAPTURE_DIR=/home/gram/prj/sniff
|
||||
|
||||
|
|
|
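Review bot: TSHARK= is a hard-coded path under one developer's home directory, and renaming the "ethereal" component only helps if that directory was renamed too. For a sample Makefile, a placeholder or a path relative to the build tree, with a comment telling the user to set TSHARK and CAPTURE_DIR, would serve better than another personal path.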
@ -4,9 +4,9 @@ tapping with stats_tree
|
|||
Let's suppose that you want to write a tap only to keep counters, and you
|
||||
don't want to get involved with GUI programming or maybe you'd like to make
|
||||
it a plugin. A stats_tree might be the way to go. The stats_tree module takes
|
||||
care of the representation (GUI for ethereal and text for tshark) of the
|
||||
care of the representation (GUI for wireshark and text for tshark) of the
|
||||
tap data. So there's very little code to write to make a tap listener usable
|
||||
from both ethereal and tshark.
|
||||
from both wireshark and tshark.
|
||||
|
||||
First, you should add the TAP to the dissector in question as described in
|
||||
README.tapping .
|
||||
|
@ -31,7 +31,7 @@ Other than that the stats_tree should be registered.
|
|||
|
||||
If you want to make it a plugin, stats_tree_register() should be called by
|
||||
plugin_register_tap_listener() read README.plugin for other information
|
||||
regarding ethereal plugins.
|
||||
regarding wireshark plugins.
|
||||
|
||||
If you want it as part of the dissector stats_tree_register() can be called
|
||||
either by proto_register_xxx() or if you prefer by proto_reg_handoff_xxx().
|
||||
|
|
|
@ -2,12 +2,12 @@ $Id$
|
|||
|
||||
The TAP system in wireshark is a powerful and flexible mechanism to get event
|
||||
driven notification on packets matching certain protocols and/or filters.
|
||||
In order to use the tapping system, very little knowledge of ethereal
|
||||
In order to use the tapping system, very little knowledge of wireshark
|
||||
internals are required.
|
||||
|
||||
As examples on how to use the tap system see the implementation of
|
||||
tap-rpcstat.c (tshark version)
|
||||
gtk/gtk-rpcstat.c (gtk-ethereal version)
|
||||
gtk/gtk-rpcstat.c (gtk-wireshark version)
|
||||
|
||||
If all you need is to keep some counters, there's the stats_tree API,
|
||||
which offers a simple way to make a GUI and tshark tap-listener; see
|
||||
|
@ -100,13 +100,13 @@ matched the filter to your listener.
|
|||
The syntax for the filter string is identical to normal display filters.
|
||||
|
||||
NOTE: Specifying filter strings will have a significant performance impact
|
||||
on your application and ethereal. If possible it is MUCH better to take
|
||||
on your application and wireshark. If possible it is MUCH better to take
|
||||
unfiltered data and just filter it yourself in the packet-callback than
|
||||
to specify a filter string.
|
||||
ONLY use a filter string if no other option exist.
|
||||
|
||||
void (*reset)(void *tapdata)
|
||||
This callback is called whenever ethereal wants to inform your
|
||||
This callback is called whenever wireshark wants to inform your
|
||||
listener that it is about to start [re]reading a capture file or a new capture
|
||||
from an interface and that your application should reset any state it has
|
||||
in the *tapdata instance.
|
||||
|
@ -125,10 +125,10 @@ or GUI updates down in (*draw) instead.
|
|||
|
||||
|
||||
void (*draw)(void *tapdata)
|
||||
This callback is used when ethereal wants your application to redraw its
|
||||
This callback is used when wireshark wants your application to redraw its
|
||||
output. It will usually not be called unless your application has received
|
||||
new data through the (*packet) callback.
|
||||
On some ports of ethereal (gtk2) (*draw) will be called asynchronously
|
||||
On some ports of wireshark (gtk2) (*draw) will be called asynchronously
|
||||
from a separate thread up to once every 2-3 seconds.
|
||||
On other ports it might only be called once when the capture is finished
|
||||
or the file has been [re]read completely.
|
||||
|
@ -140,14 +140,14 @@ So, create three callbacks:
|
|||
2, packet to update these state variables.
|
||||
3, draw to take these state variables and draw them on the screen.
|
||||
|
||||
then just make ethereal call register_tap_listener() when you want to tap
|
||||
then just make wireshark call register_tap_listener() when you want to tap
|
||||
and call remove_tap_listener() when you are finished.
|
||||
|
||||
|
||||
WHEN DO TAP LISTENERS GET CALLED?
|
||||
===================================
|
||||
Tap listeners are only called when ethereal reads a new capture for
|
||||
the first time or whenever ethereal needs to rescan/redissect
|
||||
Tap listeners are only called when wireshark reads a new capture for
|
||||
the first time or whenever wireshark needs to rescan/redissect
|
||||
the capture.
|
||||
Redissection occurs when you apply a new display filter or if you
|
||||
change and Save/Apply a preference setting that might affect how
|
||||
|
@ -158,7 +158,7 @@ to receive tap data during the dissection of the frame will be called in
|
|||
sequence.
|
||||
The order of which the tap listeners will be called is not defined.
|
||||
Not until all tap listeners for the frame has been called and returned
|
||||
will ethereal continue to dissect the next packet.
|
||||
will wireshark continue to dissect the next packet.
|
||||
This is why it is important to make the *_packet() callbacks execute as
|
||||
quickly as possible, else we create an extra delay until the next packet
|
||||
is dissected.
|
||||
|
@ -204,7 +204,7 @@ Well, try this :
|
|||
register_tap_listener("tcp", struct, "tcp.port==57", NULL, packet, NULL);
|
||||
|
||||
Let struct contain an email address?
|
||||
Then you have something simple that will make ethereal send an email
|
||||
Then you have something simple that will make wireshark send an email
|
||||
out automagically for each and every time it dissects
|
||||
a packet containing TCP traffic to port 57.
|
||||
Please put in some rate limitation if you do this.
|
||||
|
|
|
@ -4,7 +4,7 @@ $Id$
|
|||
Copyright (c) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
||||
|
||||
Ethereal has the ability to export its protocol dissection in an
|
||||
Wireshark has the ability to export its protocol dissection in an
|
||||
XML format, tshark has similar functionality by using the "-Tpdml"
|
||||
option.
|
||||
|
||||
|
@ -17,7 +17,7 @@ http://analyzer.polito.it/30alpha/docs/dissectors/PDMLSpec.htm
|
|||
A related XML format, the Packet Summary Markup Language (PSML), is
|
||||
also defined by the Analyzer group to provide packet summary information.
|
||||
The PSML format is not documented in a publicly-available HTML document,
|
||||
but its format is simple. Ethereal can export this format too. Some day it
|
||||
but its format is simple. Wireshark can export this format too. Some day it
|
||||
may be added to tshark so that "-Tpsml" would produce PSML.
|
||||
|
||||
One wonders if the "-T" option should read "-Txml" instead of "-Tpdml"
|
||||
|
@ -31,7 +31,7 @@ The PDML that wireshark produces is known not to be loadable into Analyzer.
|
|||
It causes Analyzer to crash. As such, the PDML that wireshark produces
|
||||
is be labled with a version number of "0", which means that the PDML does
|
||||
not fully follow the PDML spec. Furthemore, a creator attribute in the
|
||||
"<pdml>" tag gives the version number of [t]ethereal that produced the PDML.
|
||||
"<pdml>" tag gives the version number of wireshark/tshark that produced the PDML.
|
||||
In that way, as the PDML produced by wireshark matures, but still does not
|
||||
meet the PDML spec, scripts can make intelligent decisions about how to
|
||||
best parse the PDML, based on the "creator" attribute.
|
||||
|
@ -43,17 +43,17 @@ A protocol might contain one or more fields, denoted by the "<field>" tag.
|
|||
|
||||
A pseudo-protocol named "geninfo" is produced, as is required by the PDML
|
||||
spec, and exported as the first protocol after the opening "<packet>" tag.
|
||||
Its information comes from ethereal's "frame" protocol, which servers
|
||||
Its information comes from wireshark's "frame" protocol, which servers
|
||||
the similar purpose of storing packet meta-data. Both "geninfo" and
|
||||
"frame" protocols are provided in the PDML output.
|
||||
|
||||
The "<pdml>" tag
|
||||
================
|
||||
Example:
|
||||
<pdml version="0" creator="ethereal/0.9.17">
|
||||
<pdml version="0" creator="wireshark/0.9.17">
|
||||
|
||||
The creator is "ethereal" (i.e., the "ethereal" engine. It will always say
|
||||
"ethereal", not "tshark") version 0.9.17.
|
||||
The creator is "wireshark" (i.e., the "wireshark" engine. It will always say
|
||||
"wireshark", not "tshark") version 0.9.17.
|
||||
|
||||
|
||||
The "<proto>" tag
|
||||
|
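Review bot: the documented value of the creator attribute changes from "ethereal" to "wireshark", and the surrounding text says scripts are expected to make parsing decisions based on that attribute. Any consumer matching on "ethereal/" will stop recognising the output, so the README should state that the string changed, and the change should land together with the code that emits it. The example also carries over version 0.9.17 unchanged from the old creator="ethereal/0.9.17" line; an example version from after the rename would avoid implying that value was ever emitted. Separately, the touched line "which servers the similar purpose" should read "which serves a similar purpose".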
@ -135,7 +135,7 @@ In PDML, the "Data" protocol would become another field under HTTP:
|
|||
|
||||
|
||||
|
||||
tools/EtherealXML.py
|
||||
tools/WiresharkXML.py
|
||||
====================
|
||||
This is a python module which provides some infrastructor for
|
||||
Python developers who wish to parse PDML. It is designed to read
|
||||
|
@ -146,20 +146,20 @@ The python user should import the module, define a callback function
|
|||
which accepts one argument, and call the parse_fh function:
|
||||
|
||||
------------------------------------------------------------
|
||||
import EtherealXML
|
||||
import WiresharkXML
|
||||
|
||||
def my_callback(packet):
|
||||
# do something
|
||||
|
||||
fh = open(xml_filename)
|
||||
EtherealXML.parse_fh(fh, my_callback)
|
||||
WiresharkXML.parse_fh(fh, my_callback)
|
||||
|
||||
# Now that the script has the packet data, do someting.
|
||||
------------------------------------------------------------
|
||||
|
||||
The object that is passed to the callback function is an
|
||||
EtherealXML.Packet object, which corresponds to a single packet.
|
||||
EtherealXML Provides 3 classes, each of which corresponds to a PDML tag:
|
||||
WiresharkXML.Packet object, which corresponds to a single packet.
|
||||
WiresharkXML Provides 3 classes, each of which corresponds to a PDML tag:
|
||||
|
||||
Packet - "<packet>" tag
|
||||
Protocol - "<proto>" tag
|
||||
|
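Review bot: renaming the module in the documented usage from "import EtherealXML" to "import WiresharkXML" breaks every existing script written against this README, and nothing in the hunk tells users so. Add a sentence noting the old module name, or keep a thin EtherealXML compatibility module for a release. The touched line "WiresharkXML Provides 3 classes" also has a stray capital on "Provides", and the context comment "do someting" is misspelled.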
@ -196,7 +196,7 @@ the PDML output of tshark, pass a read filter with "-R" to tshark to
|
|||
try to reduce as much as possible the number of packets coming out of tshark.
|
||||
The less your script has to process, the faster it will be.
|
||||
|
||||
'tools/msnchat' is a sample Python program that uses EtherealXML to parse PDML.
|
||||
'tools/msnchat' is a sample Python program that uses WiresharkXML to parse PDML.
|
||||
Given one or more capture files, it runs tshark on each of them, providing
|
||||
a read filter to reduce tshark's output. It finds MSN Chat conversations
|
||||
in the capture file and produces nice HTML showing the conversations. It has
|
||||
|
|
|
@ -30,11 +30,11 @@ corresponding to the statistic. If no flags are specified, B<Capinfos>
|
|||
will report all statistics available.
|
||||
|
||||
B<Capinfos> is able to detect and read the same capture files that are
|
||||
supported by B<Ethereal>.
|
||||
supported by B<Wireshark>.
|
||||
The input files don't need a specific filename extension, the file
|
||||
format and an optional gzip compression will be automatically detected.
|
||||
The I<capture file format> section of I<ethereal(1)> or
|
||||
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
|
||||
The I<capture file format> section of I<wireshark(1)> or
|
||||
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
|
||||
provides a detailed description.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
@ -106,15 +106,15 @@ Prints the help listing and exits.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<Capinfos> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<Capinfos> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
http://www.wireshark.org/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
|
@ -125,4 +125,4 @@ http://www.ethereal.com/docs/man-pages
|
|||
|
||||
Contributors
|
||||
------------
|
||||
Gerald Combs <gerald[AT]ethereal.com>
|
||||
Gerald Combs <gerald[AT]wireshark.org>
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
#!/usr/bin/perl
|
||||
#
|
||||
# Reads the display filter keyword dump produced by 'ethereal -G' and
|
||||
# Reads the display filter keyword dump produced by 'wireshark -G' and
|
||||
# formats it for a pod document. The pod document is then used to
|
||||
# make a manpage
|
||||
#
|
||||
# STDIN is the ethereal glossary
|
||||
# STDIN is the wireshark glossary
|
||||
# arg1 is the pod template file. The =insert_dfilter_table token
|
||||
# will be replaced by the pod-formatted glossary
|
||||
# STDOUT is the output
|
||||
|
|
|
@ -26,7 +26,7 @@ S<[ B<-y> E<lt>capture link typeE<gt> ]>
|
|||
B<Dumpcap> is a network traffic dump tool. It lets you capture packet
|
||||
data from a live network and write the packets to a file. B<Dumpcap>'s
|
||||
native capture file format is B<libpcap> format, which is also the format
|
||||
used by B<Ethereal>, B<tcpdump> and various other tools.
|
||||
used by B<Wireshark>, B<tcpdump> and various other tools.
|
||||
|
||||
Without any options set it will
|
||||
use the pcap library to capture traffic from the first available network
|
||||
|
@ -198,18 +198,18 @@ See the manual page of I<tcpdump(8)>.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
I<wireshark(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<Dumpcap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<Dumpcap> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
http://www.wireshark.org/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
B<Dumpcap> is derived from the B<Ethereal> capturing engine code;
|
||||
B<Dumpcap> is derived from the B<Wireshark> capturing engine code;
|
||||
see the list of
|
||||
authors in the B<Ethereal> man page for a list of authors of that code.
|
||||
authors in the B<Wireshark> man page for a list of authors of that code.
|
||||
|
|
|
@ -40,11 +40,11 @@ If the B<-r> flag is specified, the whole packet selection is reversed;
|
|||
in that case I<only> the selected packets will be written to the capture file.
|
||||
|
||||
B<Editcap> is able to detect, read and write the same capture files that
|
||||
are supported by B<Ethereal>.
|
||||
are supported by B<Wireshark>.
|
||||
The input file doesn't need a specific filename extension, the file
|
||||
format and an optional gzip compression will be automatically detected.
|
||||
The I<capture file format> section of I<ethereal(1)> or
|
||||
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
|
||||
The I<capture file format> section of I<wireshark(1)> or
|
||||
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
|
||||
provides a detailed description.
|
||||
|
||||
B<Editcap> can write the file in several output formats. The B<-F>
|
||||
|
@ -199,15 +199,15 @@ To introduce 5% random errors in a capture file use:
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<mergecap(1)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<Editcap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<Editcap> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
http://www.wireshark.org/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
#!/usr/bin/perl
|
||||
#
|
||||
# Reads the display filter keyword dump produced by 'ethereal -G' and
|
||||
# Reads the display filter keyword dump produced by 'wireshark -G' and
|
||||
# formats it as an SGML bulleted list of protocols.
|
||||
#
|
||||
# STDIN is the ethereal glossary
|
||||
# STDIN is the wireshark glossary
|
||||
# arg1 is the pod template file. The =insert_dfilter_table token
|
||||
# will be replaced by the pod-formatted glossary
|
||||
# STDOUT is the output
|
||||
|
@ -53,7 +53,7 @@ close(TEMPLATE) || die "Can't close $template: $!\n";
|
|||
|
||||
sub create_dfilter_table {
|
||||
|
||||
print "<itemizedlist id=\"EtherealListOfProtos\">\n";
|
||||
print "<itemizedlist id=\"WiresharkListOfProtos\">\n";
|
||||
|
||||
# Print each protocol
|
||||
for $proto_name (sort keys %proto_abbrev) {
|
||||
|
|
|
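Review bot: the id on the generated itemizedlist changes to WiresharkListOfProtos, so any cross-reference elsewhere in the SGML documentation that still targets EtherealListOfProtos will no longer resolve. Search the doc sources for the old id and update those references in the same commit.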
@ -1,7 +1,7 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
idl2wrs - CORBA IDL to Ethereal Plugin Generator
|
||||
idl2wrs - CORBA IDL to Wireshark Plugin Generator
|
||||
|
||||
=head1 SYNOPSYS
|
||||
|
||||
|
@ -10,9 +10,9 @@ B<idl2wrs> filename
|
|||
=head1 DESCRIPTION
|
||||
|
||||
B<idl2wrs> is a program that takes a user specified B<CORBA IDL>
|
||||
file and generates B<"C"> source code for an B<Ethereal> "plugin".
|
||||
file and generates B<"C"> source code for an B<Wireshark> "plugin".
|
||||
|
||||
This resulting file can be compiled as an B<Ethereal> plugin, and
|
||||
This resulting file can be compiled as an B<Wireshark> plugin, and
|
||||
used to monitor B<GIOP/IIOP> traffic that is using this IDL.
|
||||
|
||||
B<idl2wrs> is actually a shell script wrapper for two B<Python> programs.
|
||||
|
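Review bot: both changed lines now read "an B<Wireshark>" ("source code for an B<Wireshark> "plugin"" and "compiled as an B<Wireshark> plugin"). The article has to change with the name: "a B<Wireshark>".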
@ -21,9 +21,9 @@ These programs are:
|
|||
|
||||
=over 4
|
||||
|
||||
B<ethereal_be.py> - Contains the main IDL Visitor Class
|
||||
B<wireshark_be.py> - Contains the main IDL Visitor Class
|
||||
|
||||
B<ethereal_gen.py> - Contains the Source Code Generator Class
|
||||
B<wireshark_gen.py> - Contains the Source Code Generator Class
|
||||
|
||||
=back
|
||||
|
||||
|
@ -55,12 +55,12 @@ Currently there are no options. B<idl2wrs> can be invoked as follows.
|
|||
|
||||
=head1 ENVIRONMENT
|
||||
|
||||
B<idl2wrs> will look for B<ethereal_be.py> and B<ethereal_gen.py> in
|
||||
B<idl2wrs> will look for B<wireshark_be.py> and B<wireshark_gen.py> in
|
||||
B<$PYTHONPATH/site-packages/> and if not found, will try the current
|
||||
directory B<./>
|
||||
|
||||
The B<-p> option passed to omniidl (inside B<idl2wrs>) indicates where
|
||||
B<ethereal_be.py> and B<ethereal_gen.py> will be searched. This may
|
||||
B<wireshark_be.py> and B<wireshark_gen.py> will be searched. This may
|
||||
need tweaking if you place these files somewhere else.
|
||||
|
||||
If it complains about being unable to find some modules (eg tempfile.py),
|
||||
|
@ -71,14 +71,14 @@ eg: PYTHONPATH=/usr/lib/python1.5/
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<ethereal(1)>
|
||||
I<wireshark(1)>
|
||||
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<idl2wrs> (including B<ethereal_be.py> and B<ethereal_gen.py>) are part of
|
||||
the B<Ethereal> distribution. The latest version of B<Ethereal> can
|
||||
be found at B<http://www.ethereal.com>.
|
||||
B<idl2wrs> (including B<wireshark_be.py> and B<wireshark_gen.py>) are part of
|
||||
the B<Wireshark> distribution. The latest version of B<Wireshark> can
|
||||
be found at B<http://www.wireshark.org>.
|
||||
|
||||
B<idl2wrs> uses B<omniidl>, and IDL parser, and can be found at
|
||||
B<http://omniorb.sourceforge.net/>
|
||||
|
|
|
@ -21,17 +21,17 @@ I<...>
|
|||
B<Mergecap> is a program that combines multiple saved capture files into
|
||||
a single output file specified by the B<-w> argument. B<Mergecap> knows
|
||||
how to read B<libpcap> capture files, including those of B<tcpdump>,
|
||||
B<Ethereal>, and other tools that write captures in that format.
|
||||
B<Wireshark>, and other tools that write captures in that format.
|
||||
|
||||
By default, it writes the capture file in B<libpcap> format, and writes
|
||||
all of the packets in both input capture files to the output file.
|
||||
|
||||
B<Mergecap> is able to detect, read and write the same capture files that
|
||||
are supported by B<Ethereal>.
|
||||
are supported by B<Wireshark>.
|
||||
The input files don't need a specific filename extension, the file
|
||||
format and an optional gzip compression will be automatically detected.
|
||||
The I<capture file format> section of I<ethereal(1)> or
|
||||
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
|
||||
The I<capture file format> section of I<wireshark(1)> or
|
||||
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
|
||||
provides a detailed description.
|
||||
|
||||
B<Mergecap> can write the file in several output formats.
|
||||
|
@ -120,18 +120,18 @@ fddi>' is specified).
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<editcap(1)>
|
||||
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<editcap(1)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<Mergecap> is based heavily upon B<editcap> by Richard Sharpe
|
||||
<sharpe[AT]ns.aus.com> and Guy Harris <guy[AT]alum.mit.edu>.
|
||||
|
||||
B<Mergecap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<Mergecap> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
http://www.wireshark.org/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ $Id$
|
|||
randpkt is a small utility creates a libpcap trace file full of random packets.
|
||||
You can control the number of packets, the maximum size of each packet,
|
||||
and the type of each packet. It is not build by default, but you
|
||||
can create it in the top-level Ethereal directory by typing:
|
||||
can create it in the top-level Wireshark directory by typing:
|
||||
|
||||
make randpkt
|
||||
|
||||
|
|
|
@ -77,7 +77,7 @@ B<Text2pcap> also allows the user to read in dumps of
|
|||
application-level data, by inserting dummy L2, L3 and L4 headers
|
||||
before each packet. The user can elect to insert Ethernet headers,
|
||||
Ethernet and IP, or Ethernet, IP and UDP/TCP headers before each
|
||||
packet. This allows Ethereal or any other full-packet decoder to
|
||||
packet. This allows Wireshark or any other full-packet decoder to
|
||||
handle these dumps.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
@ -118,7 +118,7 @@ for the Ethernet header in hex. Use this option if your dump has Layer
|
|||
encapsulation. Example: I<-e 0x806> to specify an ARP packet.
|
||||
|
||||
For IP packets, instead of generating a fake Ethernet header you can
|
||||
also use I<-l 12> to indicate a raw IP packet to Ethereal. Note that
|
||||
also use I<-l 12> to indicate a raw IP packet to Wireshark. Note that
|
||||
I<-l 12> does not work for any non-IP Layer 3 packet (e.g. ARP),
|
||||
whereas generating a dummy Ethernet header with I<-e> works for any
|
||||
sort of L3 packet.
|
||||
|
@ -195,12 +195,12 @@ a second.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<od(1)>, I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<editcap(1)>, I<strptime(3)>.
|
||||
I<od(1)>, I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<editcap(1)>, I<strptime(3)>.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<Text2pcap> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<Text2pcap> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
|
|
|
@ -51,11 +51,11 @@ use the pcap library to capture traffic from the first available network
|
|||
interface and displays a summary line on stdout for each received packet.
|
||||
|
||||
B<TShark> is able to detect, read and write the same capture files that
|
||||
are supported by B<Ethereal>.
|
||||
are supported by B<Wireshark>.
|
||||
The input file doesn't need a specific filename extension, the file
|
||||
format and an optional gzip compression will be automatically detected.
|
||||
The I<capture file format> section of I<ethereal(1)> or
|
||||
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
|
||||
The I<capture file format> section of I<wireshark(1)> or
|
||||
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
|
||||
provides a detailed description.
|
||||
|
||||
Compressed file support uses (and therefore requires) the zlib library.
|
||||
|
@ -71,7 +71,7 @@ packets' time stamps.
|
|||
When writing a decoded form of packets, B<TShark> writes, by
|
||||
default, a summary line containing the fields specified by the
|
||||
preferences file (which are also the fields displayed in the packet list
|
||||
pane in B<Ethereal>), although if it's writing packets as it captures
|
||||
pane in B<Wireshark>), although if it's writing packets as it captures
|
||||
them, rather than writting packets from a saved capture file, it won't
|
||||
show the "frame number" field. If the B<-V> option is specified, it
|
||||
writes instead a view of the details of the packet, showing all the
|
||||
|
@ -132,7 +132,7 @@ B<duration>:I<value> Stop writing to a capture file after I<value> seconds have
|
|||
|
||||
B<filesize>:I<value> Stop writing to a capture file after it reaches a size of I<value>
|
||||
kilobytes (where a kilobyte is 1024 bytes). If this option
|
||||
is used together with the -b option, Ethereal will stop writing to the
|
||||
is used together with the -b option, Wireshark will stop writing to the
|
||||
current capture file and switch to the next one if filesize is reached.
|
||||
|
||||
B<files>:I<value> Stop writing to capture files after I<value> number of files were written.
|
||||
|
@ -414,7 +414,7 @@ after printing the summary or details.
|
|||
Specify an option to be passed to a B<TShark> module. The eXtension option
|
||||
is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
|
||||
|
||||
B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
|
||||
B<lua_script>:I<lua_script_filename> tells B<Wireshark> to load the given script in addition to the
|
||||
default Lua scripts.
|
||||
|
||||
|
||||
|
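Review bot: the context line says the option is "passed to a B<TShark> module", but the changed lua_script line says it "tells B<Wireshark> to load the given script". A plain substitution of the old name is wrong here; the subject should be B<TShark> so the option description is consistent with the tool it documents.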
@ -715,11 +715,11 @@ See the manual page of I<tcpdump(8)>.
|
|||
=head1 READ FILTER SYNTAX
|
||||
|
||||
For a complete table of protocol and protocol fields that are filterable
|
||||
in B<TShark> see the I<ethereal-filter(4)> manual page.
|
||||
in B<TShark> see the I<wireshark-filter(4)> manual page.
|
||||
|
||||
=head1 FILES
|
||||
|
||||
These files contains various B<Ethereal> configuration values.
|
||||
These files contains various B<Wireshark> configuration values.
|
||||
|
||||
=over 4
|
||||
|
||||
|
@ -745,17 +745,17 @@ starts a comment that runs to the end of the line:
|
|||
# TRUE or FALSE (case-insensitive).
|
||||
capture.prom_mode: TRUE
|
||||
|
||||
The global preferences file is looked for in the F<ethereal> directory
|
||||
The global preferences file is looked for in the F<wireshark> directory
|
||||
under the F<share> subdirectory of the main installation directory (for
|
||||
example, F</usr/local/share/ethereal/preferences>) on UNIX-compatible
|
||||
example, F</usr/local/share/wireshark/preferences>) on UNIX-compatible
|
||||
systems, and in the main installation directory (for example,
|
||||
F<C:\Program Files\Ethereal\preferences>) on Windows systems.
|
||||
F<C:\Program Files\Wireshark\preferences>) on Windows systems.
|
||||
|
||||
The personal preferences file is looked for in
|
||||
F<$HOME/.ethereal/preferences> on
|
||||
UNIX-compatible systems and F<%APPDATA%\Ethereal\preferences> (or, if
|
||||
F<$HOME/.wireshark/preferences> on
|
||||
UNIX-compatible systems and F<%APPDATA%\Wireshark\preferences> (or, if
|
||||
%APPDATA% isn't defined, F<%USERPROFILE%\Application
|
||||
Data\Ethereal\preferences>) on Windows systems.
|
||||
Data\Wireshark\preferences>) on Windows systems.
|
||||
|
||||
=item Disabled (Enabled) Protocols
|
||||
|
||||
|
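Review bot: every documented preferences location changes in this hunk (F<$HOME/.ethereal/preferences> to F<$HOME/.wireshark/preferences>, and the %APPDATA%, %USERPROFILE% and global paths likewise), but the text does not say what happens to a file that already exists at the old location. Please add a sentence stating whether the old directory is still read or whether users have to move their files, so that settings such as the capture.prom_mode example in the context above are not assumed to carry over.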
@ -801,7 +801,7 @@ lines of an F<ethers> file:
|
|||
|
||||
The global F<ethers> file is looked for in the F</etc> directory on
|
||||
UNIX-compatible systems, and in the main installation directory (for
|
||||
example, F<C:\Program Files\Ethereal>) on Windows systems.
|
||||
example, F<C:\Program Files\Wireshark>) on Windows systems.
|
||||
|
||||
The personal F<ethers> file is looked for in the same directory as the personal
|
||||
preferences file.
|
||||
|
@ -848,7 +848,7 @@ For example, these four lines are valid lines of an F<ipxnets> file:
|
|||
|
||||
The global F<ipxnets> file is looked for in the F</etc> directory on
|
||||
UNIX-compatible systems, and in the main installation directory (for
|
||||
example, F<C:\Program Files\Ethereal>) on Windows systems.
|
||||
example, F<C:\Program Files\Wireshark>) on Windows systems.
|
||||
|
||||
The personal F<ipxnets> file is looked for in the same directory as the
|
||||
personal preferences file.
|
||||
|
@ -857,18 +857,18 @@ personal preferences file.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<ethereal-filter(4)> I<ethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
I<wireshark-filter(4)> I<wireshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
B<TShark> is part of the B<Ethereal> distribution. The latest version
|
||||
of B<Ethereal> can be found at B<http://www.ethereal.com>.
|
||||
B<TShark> is part of the B<Wireshark> distribution. The latest version
|
||||
of B<Wireshark> can be found at B<http://www.wireshark.org>.
|
||||
|
||||
HTML versions of the Wireshark project man pages are available at:
|
||||
http://www.ethereal.com/docs/man-pages
|
||||
http://www.wireshark.org/docs/man-pages
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
B<TShark> uses the same packet dissection code that B<Ethereal> does,
|
||||
as well as using many other modules from B<Ethereal>; see the list of
|
||||
authors in the B<Ethereal> man page for a list of authors of that code.
|
||||
B<TShark> uses the same packet dissection code that B<Wireshark> does,
|
||||
as well as using many other modules from B<Wireshark>; see the list of
|
||||
authors in the B<Wireshark> man page for a list of authors of that code.
|
||||
|
|
|
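Review bot: in the new SEE ALSO line, "I<wireshark-filter(4)> I<wireshark(1)>, I<editcap(1)>", the first entry is not followed by a comma, unlike every other entry in the list. The omission is carried over from the old line; add the comma while the line is being changed.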
@ -1,10 +1,10 @@
|
|||
=head1 NAME
|
||||
|
||||
ethereal-filter - Ethereal filter syntax and reference
|
||||
wireshark-filter - Wireshark filter syntax and reference
|
||||
|
||||
=head1 SYNOPSYS
|
||||
|
||||
B<ethereal> [other options]
|
||||
B<wireshark> [other options]
|
||||
S<[ B<-R> "filter expression" ]>
|
||||
|
||||
B<tshark> [other options]
|
||||
|
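Review bot: the context line "=head1 SYNOPSYS" is misspelled; the standard man page section name is SYNOPSIS. The hunk already rewrites the lines directly above and below this heading, so it is a good place to correct it.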
@ -12,7 +12,7 @@ S<[ B<-R> "filter expression" ]>
|
|||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
B<Ethereal> and B<TShark> share a powerful filter engine that helps remove
|
||||
B<Wireshark> and B<TShark> share a powerful filter engine that helps remove
|
||||
the noise from a packet trace and lets you see only the packets that interest
|
||||
you. If a packet meets the requirements expressed in your filter, then it
|
||||
is displayed in the list of packets. Display filters let you compare the
|
||||
|
@ -20,7 +20,7 @@ fields within a protocol against a specific value, compare fields against
|
|||
fields, and check the existence of specified fields or protocols.
|
||||
|
||||
Filters are also used by other features such as statistics generation and
|
||||
packet list colorization (the latter is only available to B<Ethereal>). This
|
||||
packet list colorization (the latter is only available to B<Wireshark>). This
|
||||
manual page describes their syntax and provides a comprehensive reference of
|
||||
filter fields.
|
||||
|
||||
|
@ -36,7 +36,7 @@ that contain a Token-Ring RIF field, use "tr.rif".
|
|||
Think of a protocol or field in a filter as implicitly having the "exists"
|
||||
operator.
|
||||
|
||||
Note: all protocol and field names that are available in B<Ethereal> and
|
||||
Note: all protocol and field names that are available in B<Wireshark> and
|
||||
B<TShark> filters are listed in the comprehensive B<FILTER PROTOCOL
|
||||
REFERENCE> (see below).
|
||||
|
||||
|
@ -66,7 +66,7 @@ characters, expressed as a string (quoted or unquoted), or bytes,
|
|||
expressed as a byte array. For example, to search for a given HTTP
|
||||
URL in a capture, the following filter can be used:
|
||||
|
||||
http contains "http://www.ethereal.com"
|
||||
http contains "http://www.wireshark.org"
|
||||
|
||||
The "contains" operator cannot be used on atomic fields,
|
||||
such as numbers or IP addresses.
|
||||
|
@ -85,13 +85,13 @@ a case-insensitive pattern match. More information on PCRE can be found in the
|
|||
pcrepattern(3) man page (Perl Regular Expressions are explained in
|
||||
B<http://www.perldoc.com/perl5.8.0/pod/perlre.html>).
|
||||
|
||||
Note: the "matches" operator is only available if B<Ethereal> or B<TShark>
|
||||
Note: the "matches" operator is only available if B<Wireshark> or B<TShark>
|
||||
have been compiled with the PCRE library. This can be checked by running:
|
||||
|
||||
ethereal -v
|
||||
wireshark -v
|
||||
tshark -v
|
||||
|
||||
or selecting the "About Ethereal" item from the "Help" menu in B<Ethereal>.
|
||||
or selecting the "About Wireshark" item from the "Help" menu in B<Wireshark>.
|
||||
|
||||
=head2 Functions
|
||||
|
||||
|
@ -221,11 +221,11 @@ Another example is:
|
|||
|
||||
You can use the slice operator on a protocol name, too.
|
||||
The "frame" protocol can be useful, encompassing all the data captured
|
||||
by B<Ethereal> or B<TShark>.
|
||||
by B<Wireshark> or B<TShark>.
|
||||
|
||||
token[0:5] ne 0.0.0.1.1
|
||||
llc[0] eq aa
|
||||
frame[100-199] contains "ethereal"
|
||||
frame[100-199] contains "wireshark"
|
||||
|
||||
The following syntax governs slices:
|
||||
|
||||
|
@ -309,7 +309,7 @@ all valid display filter expressions:
|
|||
|
||||
tcp.port == 80 and ip.src == 192.168.2.1
|
||||
not llc
|
||||
http and frame[100-199] contains "ethereal"
|
||||
http and frame[100-199] contains "wireshark"
|
||||
(ipx.src.net == 0xbad && ipx.src.node == 0.0.0.0.0.1) || ip
|
||||
|
||||
Remember that whenever a protocol or field name occurs in an expression, the
|
||||
|
@ -378,9 +378,9 @@ field is also given.
|
|||
|
||||
=head1 NOTES
|
||||
|
||||
The B<ethereal-filters> manpage is part of the B<Ethereal> distribution.
|
||||
The latest version of B<Ethereal> can be found at
|
||||
B<http://www.ethereal.com>.
|
||||
The B<wireshark-filters> manpage is part of the B<Wireshark> distribution.
|
||||
The latest version of B<Wireshark> can be found at
|
||||
B<http://www.wireshark.org>.
|
||||
|
||||
Regular expressions in the "matches" operator are provided with B<libpcre>,
|
||||
the Perl-Compatible Regular Expressions library: see B<http://www.pcre.org/>.
|
||||
|
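Review bot: the new NOTES line calls the page "B<wireshark-filters>" (plural), while the NAME section of this same file says "wireshark-filter" and the other man pages in this commit reference I<wireshark-filter(4)>. Use the singular name here so the page refers to itself by the name it is installed under.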
@ -393,9 +393,9 @@ in B<http://www.winpcap.org/docs/man/html/group__language.html>.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
I<wireshark(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
See the list of authors in the B<Ethereal> man page for a list of authors of
|
||||
See the list of authors in the B<Wireshark> man page for a list of authors of
|
||||
that code.
|
|
@ -1,11 +1,11 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
ethereal - Interactively dump and analyze network traffic
|
||||
wireshark - Interactively dump and analyze network traffic
|
||||
|
||||
=head1 SYNOPSYS
|
||||
|
||||
B<ethereal>
|
||||
B<wireshark>
|
||||
S<[ B<-a> E<lt>capture autostop conditionE<gt> ] ...>
|
||||
S<[ B<-b> E<lt>capture ring buffer optionE<gt> ] ...>
|
||||
S<[ B<-B> E<lt>capture buffer size (Win32 only)E<gt> ] >
|
||||
|
@ -38,13 +38,13 @@ S<[ E<lt>infileE<gt> ]>
|
|||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
B<Ethereal> is a GUI network protocol analyzer. It lets you
|
||||
B<Wireshark> is a GUI network protocol analyzer. It lets you
|
||||
interactively browse packet data from a live network or from a
|
||||
previously saved capture file. B<Ethereal>'s native capture file format
|
||||
previously saved capture file. B<Wireshark>'s native capture file format
|
||||
is B<libpcap> format, which is also the format used by B<tcpdump> and
|
||||
various other tools.
|
||||
|
||||
B<Ethereal> can read / import the following file formats:
|
||||
B<Wireshark> can read / import the following file formats:
|
||||
|
||||
=over 4
|
||||
|
||||
|
@ -131,25 +131,25 @@ Catapult DCT2000 .out files
|
|||
|
||||
=back 4
|
||||
|
||||
There is no need to tell B<Ethereal> what type of
|
||||
There is no need to tell B<Wireshark> what type of
|
||||
file you are reading; it will determine the file type by itself.
|
||||
B<Ethereal> is also capable of reading any of these file formats if they
|
||||
are compressed using gzip. B<Ethereal> recognizes this directly from
|
||||
B<Wireshark> is also capable of reading any of these file formats if they
|
||||
are compressed using gzip. B<Wireshark> recognizes this directly from
|
||||
the file; the '.gz' extension is not required for this purpose.
|
||||
|
||||
Like other protocol analyzers, B<Ethereal>'s main window shows 3 views
|
||||
Like other protocol analyzers, B<Wireshark>'s main window shows 3 views
|
||||
of a packet. It shows a summary line, briefly describing what the
|
||||
packet is. A packet details display is shown, allowing you to drill
|
||||
down to exact protocol or field that you interested in. Finally, a hex
|
||||
dump shows you exactly what the packet looks like when it goes over the
|
||||
wire.
|
||||
|
||||
In addition, B<Ethereal> has some features that make it unique. It can
|
||||
In addition, B<Wireshark> has some features that make it unique. It can
|
||||
assemble all the packets in a TCP conversation and show you the ASCII
|
||||
(or EBCDIC, or hex) data in that conversation. Display filters in
|
||||
B<Ethereal> are very powerful; more fields are filterable in B<Ethereal>
|
||||
B<Wireshark> are very powerful; more fields are filterable in B<Wireshark>
|
||||
than in other protocol analyzers, and the syntax you can use to create
|
||||
your filters is richer. As B<Ethereal> progresses, expect more and more
|
||||
your filters is richer. As B<Wireshark> progresses, expect more and more
|
||||
protocol fields to be allowed in display filters.
|
||||
|
||||
Packet capturing is performed with the pcap library. The capture filter
|
||||
|
@ -157,7 +157,7 @@ syntax follows the rules of the pcap library. This syntax is different
|
|||
from the display filter syntax.
|
||||
|
||||
Compressed file support uses (and therefore requires) the zlib library.
|
||||
If the zlib library is not present, B<Ethereal> will compile, but will
|
||||
If the zlib library is not present, B<Wireshark> will compile, but will
|
||||
be unable to read compressed files.
|
||||
|
||||
The pathname of a capture file to be read can be specified with the
|
||||
|
@ -167,12 +167,12 @@ B<-r> option or can be specified as a command-line argument.
|
|||
|
||||
=over 4
|
||||
|
||||
Most users will want to start B<Ethereal> without options and configure
|
||||
Most users will want to start B<Wireshark> without options and configure
|
||||
it from the menus instead. Those users may just skip this section.
|
||||
|
||||
=item -a E<lt>capture autostop conditionE<gt>
|
||||
|
||||
Specify a criterion that specifies when B<Ethereal> is to stop writing
|
||||
Specify a criterion that specifies when B<Wireshark> is to stop writing
|
||||
to a capture file. The criterion is of the form I<test>B<:>I<value>,
|
||||
where I<test> is one of:
|
||||
|
||||
|
@ -180,16 +180,16 @@ B<duration>:I<value> Stop writing to a capture file after I<value> seconds have
|
|||
|
||||
B<filesize>:I<value> Stop writing to a capture file after it reaches a size of I<value>
|
||||
kilobytes (where a kilobyte is 1024 bytes). If this option
|
||||
is used together with the -b option, Ethereal will stop writing to the
|
||||
is used together with the -b option, Wireshark will stop writing to the
|
||||
current capture file and switch to the next one if filesize is reached.
|
||||
|
||||
B<files>:I<value> Stop writing to capture files after I<value> number of files were written.
|
||||
|
||||
=item -b E<lt>capture ring buffer optionE<gt>
|
||||
|
||||
Cause B<Ethereal> to run in "multiple files" mode. In "multiple files" mode,
|
||||
B<Ethereal> will write to several capture files. When the first capture file
|
||||
fills up, B<Ethereal> will switch writing to the next file and so on.
|
||||
Cause B<Wireshark> to run in "multiple files" mode. In "multiple files" mode,
|
||||
B<Wireshark> will write to several capture files. When the first capture file
|
||||
fills up, B<Wireshark> will switch writing to the next file and so on.
|
||||
|
||||
The created filenames are based on the filename given with the B<-w> flag, the number of
|
||||
the file and on the creation date and time,
|
||||
|
@ -197,7 +197,7 @@ e.g. outfile_00001_20050604120117.pcap, outfile_00001_20050604120523.pcap, ...
|
|||
|
||||
With the I<files> option it's also possible to form a "ring buffer".
|
||||
This will fill up new files until the number of files specified,
|
||||
at which point B<Ethereal> will discard the data in the first file and start
|
||||
at which point B<Wireshark> will discard the data in the first file and start
|
||||
writing to that file and so on. If the I<files> option is not set,
|
||||
new files filled up until one of the capture stop conditions match (or
|
||||
until the disk if full).
|
||||
|
@ -227,7 +227,7 @@ data.
|
|||
|
||||
=item -D
|
||||
|
||||
Print a list of the interfaces on which B<Ethereal> can capture, and
|
||||
Print a list of the interfaces on which B<Wireshark> can capture, and
|
||||
exit. For each network interface, a number and an
|
||||
interface name, possibly followed by a text description of the
|
||||
interface, is printed. The interface name or the number can be supplied
|
||||
|
@ -238,10 +238,10 @@ This can be useful on systems that don't have a command to list them
|
|||
the number can be useful on Windows 2000 and later systems, where the
|
||||
interface name is a somewhat complex string.
|
||||
|
||||
Note that "can capture" means that B<Ethereal> was able to open
|
||||
Note that "can capture" means that B<Wireshark> was able to open
|
||||
that device to do a live capture; if, on your system, a program doing a
|
||||
network capture must be run from an account with special privileges (for
|
||||
example, as root), then, if B<Ethereal> is run with the B<-D> flag and
|
||||
example, as root), then, if B<Wireshark> is run with the B<-D> flag and
|
||||
is not run from such an account, it will not list any interfaces.
|
||||
|
||||
=item -f E<lt>capture filterE<gt>
|
||||
|
@ -262,32 +262,32 @@ Set the name of the network interface or pipe to use for live packet
|
|||
capture.
|
||||
|
||||
Network interface names should match one of the names listed in
|
||||
"B<ethereal -D>" (described above); a number, as reported by
|
||||
"B<ethereal -D>", can also be used. If you're using UNIX, "B<netstat
|
||||
"B<wireshark -D>" (described above); a number, as reported by
|
||||
"B<wireshark -D>", can also be used. If you're using UNIX, "B<netstat
|
||||
-i>" or "B<ifconfig -a>" might also work to list interface names,
|
||||
although not all versions of UNIX support the B<-a> flag to B<ifconfig>.
|
||||
|
||||
If no interface is specified, B<Ethereal> searches the list of
|
||||
If no interface is specified, B<Wireshark> searches the list of
|
||||
interfaces, choosing the first non-loopback interface if there are any
|
||||
non-loopback interfaces, and choosing the first loopback interface if
|
||||
there are no non-loopback interfaces. If there are no interfaces at all,
|
||||
B<Ethereal> reports an error and doesn't start the capture.
|
||||
B<Wireshark> reports an error and doesn't start the capture.
|
||||
|
||||
Pipe names should be either the name of a FIFO (named pipe) or ``-'' to
|
||||
read data from the standard input. Data read from pipes must be in
|
||||
standard libpcap format.
|
||||
|
||||
Note: the Win32 version of B<Ethereal> doesn't support capturing from
|
||||
Note: the Win32 version of B<Wireshark> doesn't support capturing from
|
||||
pipes or stdin!
|
||||
|
||||
=item -k
|
||||
|
||||
Start the capture session immediately. If the B<-i> flag was
|
||||
specified, the capture uses the specified interface. Otherwise,
|
||||
B<Ethereal> searches the list of interfaces, choosing the first
|
||||
B<Wireshark> searches the list of interfaces, choosing the first
|
||||
non-loopback interface if there are any non-loopback interfaces, and
|
||||
choosing the first loopback interface if there are no non-loopback
|
||||
interfaces; if there are no interfaces, B<Ethereal> reports an error and
|
||||
interfaces; if there are no interfaces, B<Wireshark> reports an error and
|
||||
doesn't start the capture.
|
||||
|
||||
=item -l
|
||||
|
@ -302,7 +302,7 @@ List the data link types supported by the interface and exit.
|
|||
|
||||
=item -m E<lt>fontE<gt>
|
||||
|
||||
Set the name of the font used by B<Ethereal> for most text. B<Ethereal>
|
||||
Set the name of the font used by B<Wireshark> for most text. B<Wireshark>
|
||||
will construct the name of the bold font used for the data in the byte
|
||||
view pane that corresponds to the field selected in the packet details
|
||||
pane from the name of the main text font.
|
||||
|
@ -337,7 +337,7 @@ read from a preference/recent file. The argument to the flag is a string of
|
|||
the form I<prefname>B<:>I<value>, where I<prefname> is the name of the
|
||||
preference/recent value (which is the same name that would appear in the
|
||||
preference/recent file), and I<value> is the value to which it should be set.
|
||||
Since B<Ethereal> 0.10.12, the recent settings replaces the formerly used
|
||||
Since B<Wireshark> 0.10.12, the recent settings replaces the formerly used
|
||||
-B, -P and -T flags to manipulate the GUI dimensions.
|
||||
|
||||
=item -p
|
||||
|
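Review bot: the changed line "Since B<Wireshark> 0.10.12, the recent settings replaces the formerly used" turns a historical statement into one about a release that did not exist under that name, since this commit is what introduces the Wireshark name. Suggest keeping the old name for the version reference (or wording it as "Since version 0.10.12") and fixing "replaces" to "replace" in the same line.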
@ -345,13 +345,13 @@ Since B<Ethereal> 0.10.12, the recent settings replaces the formerly used
|
|||
I<Don't> put the interface into promiscuous mode. Note that the
|
||||
interface might be in promiscuous mode for some other reason; hence,
|
||||
B<-p> cannot be used to ensure that the only traffic that is captured is
|
||||
traffic sent to or from the machine on which B<Ethereal> is running,
|
||||
traffic sent to or from the machine on which B<Wireshark> is running,
|
||||
broadcast traffic, and multicast traffic to addresses received by that
|
||||
machine.
|
||||
|
||||
=item -Q
|
||||
|
||||
Cause B<Ethereal> to exit after the end of capture session (useful in
|
||||
Cause B<Wireshark> to exit after the end of capture session (useful in
|
||||
batch mode with B<-c> option for instance); this option requires the
|
||||
B<-i> and B<-w> parameters.
|
||||
|
||||
|
@ -411,16 +411,16 @@ are the values that can be used.
|
|||
|
||||
=item -X E<lt>eXtension optionsE<gt>
|
||||
|
||||
Specify an option to be passed to an B<Ethereal> module. The eXtension option
|
||||
Specify an option to be passed to an B<Wireshark> module. The eXtension option
|
||||
is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
|
||||
|
||||
B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
|
||||
B<lua_script>:I<lua_script_filename> tells B<Wireshark> to load the given script in addition to the
|
||||
default Lua scripts.
|
||||
|
||||
|
||||
=item -z E<lt>statisticsE<gt>
|
||||
|
||||
Get B<Ethereal> to collect various types of statistics and display the result
|
||||
Get B<Wireshark> to collect various types of statistics and display the result
|
||||
in a window that updates in semi-real time.
|
||||
Currently implemented statistics are:
|
||||
|
||||
|
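Review bot: the first changed line now reads "Specify an option to be passed to an B<Wireshark> module." The article was correct before the rename ("an Ethereal") but not after it; change it to "a B<Wireshark> module", matching "a B<TShark> module" in the TShark page.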
@ -700,7 +700,7 @@ next / previous file in that set.
|
|||
=item File:Export
|
||||
|
||||
Export captured data into an external format. Note: the data cannot be
|
||||
imported back into Ethereal, so be sure to keep the capture file.
|
||||
imported back into Wireshark, so be sure to keep the capture file.
|
||||
|
||||
=item File:Print
|
||||
|
||||
|
@ -861,7 +861,7 @@ consists of a name, a filter expression and a coloration. A packet is
|
|||
colored according to the first filter that it matches. Color filter
|
||||
expressions use exactly the same syntax as display filter expressions.
|
||||
|
||||
When Ethereal starts, the color filters are loaded from:
|
||||
When Wireshark starts, the color filters are loaded from:
|
||||
|
||||
=over
|
||||
|
||||
|
@ -926,7 +926,7 @@ Beware: keeping this box open results in high system load!
|
|||
Initiate a live packet capture (see L<Capture Options|/item_capture_options>
|
||||
dialog below). If no filename is specified, a temporary file will be created
|
||||
to hold the capture. The location of the file can be chosen by setting your
|
||||
TMPDIR environment variable before starting B<Ethereal>. Otherwise, the
|
||||
TMPDIR environment variable before starting B<Wireshark>. Otherwise, the
|
||||
default TMPDIR location is system-dependent, but is likely either F</var/tmp>
|
||||
or F</tmp>.
|
||||
|
||||
|
@ -990,13 +990,13 @@ The entire list can be enabled, disabled, or inverted using the buttons
|
|||
below the list.
|
||||
|
||||
When a protocol is disabled, dissection in a particular packet stops
|
||||
when that protocol is reached, and Ethereal moves on to the next packet.
|
||||
when that protocol is reached, and Wireshark moves on to the next packet.
|
||||
Any higher-layer protocols that would otherwise have been processed will
|
||||
not be displayed. For example, disabling TCP will prevent the dissection
|
||||
and display of TCP, HTTP, SMTP, Telnet, and any other protocol exclusively
|
||||
dependent on TCP.
|
||||
|
||||
The list of protocols can be saved, so that Ethereal will start up with
|
||||
The list of protocols can be saved, so that Wireshark will start up with
|
||||
the protocols in that list disabled.
|
||||
|
||||
=item Analyze:Decode As
|
||||
|
@ -1006,7 +1006,7 @@ which dissectors are used to decode this packet. The dialog has one
|
|||
panel each for the link layer, network layer and transport layer
|
||||
protocol/port numbers, and will allow each of these to be changed
|
||||
independently. For example, if the selected packet is a TCP packet to
|
||||
port 12345, using this dialog you can instruct Ethereal to decode all
|
||||
port 12345, using this dialog you can instruct Wireshark to decode all
|
||||
packets to or from that TCP port as HTTP packets.
|
||||
|
||||
=item Analyze:User Specified Decodes
|
||||
|
@ -1112,7 +1112,7 @@ second intervals.
|
|||
interval will be in the drawing area. The default is 5 pixels per tick.
|
||||
|
||||
"Y-scale:" controls the max value for the y-axis. Default value is
|
||||
"auto" which means that B<Ethereal> will try to adjust the maxvalue
|
||||
"auto" which means that B<Wireshark> will try to adjust the maxvalue
|
||||
automatically.
|
||||
|
||||
"advanced..." If Unit:advanced... is selected the window will display
|
||||
|
@ -1220,7 +1220,7 @@ ascending or descending order by any column.
|
|||
|
||||
By first selecting a conversation by clicking on it and then using the
|
||||
right mouse button (on those platforms that have a right
|
||||
mouse button) ethereal will display a popup menu offering several different
|
||||
mouse button) wireshark will display a popup menu offering several different
|
||||
filter operations to apply to the capture.
|
||||
|
||||
These statistics windows can also be invoked from the Wireshark command
|
||||
|
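Review bot: the changed line "mouse button) wireshark will display a popup menu offering several different" leaves the program name lowercase and without markup, while the surrounding text writes B<Wireshark>. Suggest "B<Wireshark> will display a popup menu"; the same sentence is changed the same way in the later Service Response Time hunks and needs the same fix there.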
@ -1234,7 +1234,7 @@ interface and display B<Procedure>, B<Number of Calls>, B<Minimum SRT>,
|
|||
B<Maximum SRT> and B<Average SRT> for all procedures for that
|
||||
program/version. These windows opened will update in semi-real time to
|
||||
reflect changes when doing live captures or when reading new capture
|
||||
files into B<Ethereal>.
|
||||
files into B<Wireshark>.
|
||||
|
||||
This dialog will also allow an optional filter string to be used.
|
||||
If an optional filter string is used only such DCE-RPC request/response pairs
|
||||
|
@ -1248,7 +1248,7 @@ and display B<FC Type>, B<Number of Calls>, B<Minimum SRT>,
|
|||
B<Maximum SRT> and B<Average SRT> for all FC types.
|
||||
These windows opened will update in semi-real time to
|
||||
reflect changes when doing live captures or when reading new capture
|
||||
files into B<Ethereal>.
|
||||
files into B<Wireshark>.
|
||||
The Service Response Time is calculated as the time delta between the
|
||||
First packet of the exchange and the Last packet of the exchange.
|
||||
|
||||
|
@ -1262,7 +1262,7 @@ string is specified all request/response pairs will be used.
|
|||
Open a window to display statistics for an arbitrary ONC-RPC program interface
|
||||
and display B<Procedure>, B<Number of Calls>, B<Minimum SRT>, B<Maximum SRT> and B<Average SRT> for all procedures for that program/version.
|
||||
These windows opened will update in semi-real time to reflect changes when
|
||||
doing live captures or when reading new capture files into B<Ethereal>.
|
||||
doing live captures or when reading new capture files into B<Wireshark>.
|
||||
|
||||
This dialog will also allow an optional filter string to be used.
|
||||
If an optional filter string is used only such ONC-RPC request/response pairs
|
||||
|
@ -1271,7 +1271,7 @@ string is specified all request/response pairs will be used.
|
|||
|
||||
By first selecting a conversation by clicking on it and then using the
|
||||
right mouse button (on those platforms that have a right
|
||||
mouse button) ethereal will display a popup menu offering several different
|
||||
mouse button) wireshark will display a popup menu offering several different
|
||||
filter operations to apply to the capture.
|
||||
|
||||
=item Statistics:Service Response Time:SMB
|
||||
|
@ -1294,7 +1294,7 @@ on those calls matching that filter.
|
|||
|
||||
By first selecting a conversation by clicking on it and then using the
|
||||
right mouse button (on those platforms that have a right
|
||||
mouse button) ethereal will display a popup menu offering several different
|
||||
mouse button) wireshark will display a popup menu offering several different
|
||||
filter operations to apply to the capture.
|
||||
|
||||
=item Statistics:Service Response Time:MGCP
|
||||
|
@ -1303,7 +1303,7 @@ Collect requests/response SRT (Service Response Time) data for MGCP.
|
|||
Data collected is B<number of calls> for each known MGCP Type,
|
||||
B<Minimum SRT>, B<Maximum SRT>, B<Average SRT>, B<Minimum in Packet>, and B<Maximum in Packet>.
|
||||
These windows opened will update in semi-real time to reflect changes when
|
||||
doing live captures or when reading new capture files into B<Ethereal>.
|
||||
doing live captures or when reading new capture files into B<Wireshark>.
|
||||
|
||||
You can apply an optional filter string in a dialog box, before starting
|
||||
the calculation. The statistics will only be calculated
|
||||
|
@ -1317,7 +1317,7 @@ B<Minimum SRT>, B<Maximum SRT>, B<Average SRT>, B<Minimum in Packet>, and B<Maxi
|
|||
You will also get the number of B<Open Requests> (Unresponded Requests),
|
||||
B<Discarded Responses> (Responses without matching request) and Duplicate Messages.
|
||||
These windows opened will update in semi-real time to reflect changes when
|
||||
doing live captures or when reading new capture files into B<Ethereal>.
|
||||
doing live captures or when reading new capture files into B<Wireshark>.
|
||||
|
||||
You can apply an optional filter string in a dialog box, before starting
|
||||
the calculation. The statistics will only be calculated
|
||||
|
@ -1330,7 +1330,7 @@ list of H.225 messages and H.225 message reasons, which occur in the current
|
|||
capture file. The number of occurences of each message or reason will be displayed
|
||||
in the second column.
|
||||
This window opened will update in semi-real time to reflect changes when
|
||||
doing live captures or when reading new capture files into B<Ethereal>.
|
||||
doing live captures or when reading new capture files into B<Wireshark>.
|
||||
|
||||
You can apply an optional filter string in a dialog box, before starting
|
||||
the counter. The statistics will only be calculated
|
||||
|
@ -1343,7 +1343,7 @@ SIP Method and of each SIP Status-Code. Additionally you also get the number of
|
|||
resent SIP Messages (only for SIP over UDP).
|
||||
|
||||
This window opened will update in semi-real time to reflect changes when
|
||||
doing live captures or when reading new capture files into B<Ethereal>.
|
||||
doing live captures or when reading new capture files into B<Wireshark>.
|
||||
|
||||
You can apply an optional filter string in a dialog box, before starting
|
||||
the counter. The statistics will only be calculated
|
||||
|
@ -1366,13 +1366,13 @@ List of supported protocols and display filter protocol fields.
|
|||
|
||||
Display locally installed HTML versions of these manual pages in a web browser.
|
||||
|
||||
=item Help:Ethereal Online
|
||||
=item Help:Wireshark Online
|
||||
|
||||
Various links to online resources to be open in a web browser, like http://www.ethereal.com.
|
||||
Various links to online resources to be open in a web browser, like http://www.wireshark.org.
|
||||
|
||||
=item Help:About Ethereal
|
||||
=item Help:About Wireshark
|
||||
|
||||
See various information about Ethereal (see L<About|/item_about> dialog below), like the
|
||||
See various information about Wireshark (see L<About|/item_about> dialog below), like the
|
||||
version, the folders used, the available plugins, ...
|
||||
|
||||
=back
|
||||
|
@ -1424,7 +1424,7 @@ source and destination addresses, protocol, and description are
|
|||
displayed for each packet; the I<Columns> page in the dialog box popped
|
||||
up by I<Edit:Preferences> lets you change this (although, unfortunately,
|
||||
you currently have to save the preferences, and exit and restart
|
||||
Ethereal, for those changes to take effect).
|
||||
Wireshark, for those changes to take effect).
|
||||
|
||||
If you click on the heading for a column, the display will be sorted by
|
||||
that column; clicking on the heading again will reverse the sort order
|
||||
|
@ -1467,7 +1467,7 @@ The statusbar can be hidden by I<View:Statusbar>.
|
|||
=item Preferences
|
||||
|
||||
The I<Preferences> dialog lets you control various personal preferences
|
||||
for the behavior of B<Ethereal>.
|
||||
for the behavior of B<Wireshark>.
|
||||
|
||||
=over 6
|
||||
|
||||
|
@ -1513,19 +1513,19 @@ item can be set to use either inverse video, or bold characters.
|
|||
=item Save Window Position
|
||||
|
||||
If this item is selected, the position of the main Wireshark window will
|
||||
be saved when Ethereal exits, and used when Wireshark is started again.
|
||||
be saved when Wireshark exits, and used when Wireshark is started again.
|
||||
|
||||
=item Save Window Size
|
||||
|
||||
If this item is selected, the size of the main Wireshark window will
|
||||
be saved when Ethereal exits, and used when Wireshark is started again.
|
||||
be saved when Wireshark exits, and used when Wireshark is started again.
|
||||
|
||||
=item File Open Dialog Behavior
|
||||
|
||||
This item allows the user to select how Ethereal handles the listing
|
||||
This item allows the user to select how Wireshark handles the listing
|
||||
of the "File Open" Dialog when opening trace files. "Remember Last
|
||||
Directory" causes Ethereal to automatically position the dialog in the
|
||||
directory of the most recently opened file, even between launches of Ethereal.
|
||||
Directory" causes Wireshark to automatically position the dialog in the
|
||||
directory of the most recently opened file, even between launches of Wireshark.
|
||||
"Always Open in Directory" allows the user to define a persistent directory
|
||||
that the dialog will always default to.
|
||||
|
||||
|
@ -1602,7 +1602,7 @@ The I<Filter:> text entry lets you set a capture filter expression to be
|
|||
used when capturing.
|
||||
|
||||
If any of the environment variables SSH_CONNECTION, SSH_CLIENT,
|
||||
REMOTEHOST, DISPLAY, or CLIENTNAME are set, Ethereal will create a
|
||||
REMOTEHOST, DISPLAY, or CLIENTNAME are set, Wireshark will create a
|
||||
default capture filter that excludes traffic from the hosts and ports
|
||||
defined in those variables.
|
||||
|
||||
|
@ -1630,8 +1630,8 @@ system for a particular save file.
|
|||
|
||||
=item Protocol Preferences
|
||||
|
||||
There are also pages for various protocols that Ethereal dissects,
|
||||
controlling the way Ethereal handles those protocols.
|
||||
There are also pages for various protocols that Wireshark dissects,
|
||||
controlling the way Wireshark handles those protocols.
|
||||
|
||||
=back
|
||||
|
||||
|
@ -1808,7 +1808,7 @@ does not close the dialog.
|
|||
|
||||
Saves the current list of color filters in your personal color filters
|
||||
file. Unless you do this they will not be used the next time you start
|
||||
Ethereal.
|
||||
Wireshark.
|
||||
|
||||
=item CLOSE
|
||||
|
||||
|
@ -1870,22 +1870,22 @@ The I<Stop capture after ... files> field lets you specify the number
|
|||
of capture files used, until the capture is stopped.
|
||||
|
||||
The I<Stop capture after ... packet(s)> check box and field let
|
||||
you specify that Ethereal should stop capturing after having captured
|
||||
some number of packets; if the check box is not checked, Ethereal will
|
||||
you specify that Wireshark should stop capturing after having captured
|
||||
some number of packets; if the check box is not checked, Wireshark will
|
||||
not stop capturing at some fixed number of captured packets.
|
||||
|
||||
The I<Stop capture after ... megabyte(s)> check box and field lets
|
||||
you specify that Ethereal should stop capturing after the file to which
|
||||
you specify that Wireshark should stop capturing after the file to which
|
||||
captured packets are being saved grows as large as or larger than some
|
||||
specified number of megabytes. If the check box is not checked, Ethereal
|
||||
specified number of megabytes. If the check box is not checked, Wireshark
|
||||
will not stop capturing at some capture file size (although the operating
|
||||
system on which Wireshark is running, or the available disk space, may still
|
||||
limit the maximum size of a capture file). This option is disabled, if
|
||||
"multiple files" mode is used,
|
||||
|
||||
The I<Stop capture after ... second(s)> check box and field let you
|
||||
specify that Ethereal should stop capturing after it has been capturing
|
||||
for some number of seconds; if the check box is not checked, Ethereal
|
||||
specify that Wireshark should stop capturing after it has been capturing
|
||||
for some number of seconds; if the check box is not checked, Wireshark
|
||||
will not stop capturing after some fixed time has elapsed.
|
||||
|
||||
The I<Update list of packets in real time> check box lets you specify
|
||||
|
@ -1901,11 +1901,11 @@ should be translated to names.
|
|||
|
||||
=item About
|
||||
|
||||
The I<About> dialog lets you view various information about Ethereal.
|
||||
The I<About> dialog lets you view various information about Wireshark.
|
||||
|
||||
=item About:Ethereal
|
||||
=item About:Wireshark
|
||||
|
||||
The I<Ethereal> page lets you view general information about Ethereal,
|
||||
The I<Wireshark> page lets you view general information about Wireshark,
|
||||
like the installed version, licensing information and such.
|
||||
|
||||
=item About:Authors
|
||||
|
@ -1914,7 +1914,7 @@ The I<Authors> page shows the author and all contributors.
|
|||
|
||||
=item About:Folders
|
||||
|
||||
The I<Folders> page lets you view the directory names where Ethereal is
|
||||
The I<Folders> page lets you view the directory names where Wireshark is
|
||||
searching it's various configuration and other files.
|
||||
|
||||
=item About:Plugins
|
||||
|
@ -1926,24 +1926,24 @@ The I<Plugins List> shows the name and version of each dissector plugin
|
|||
module found on your system.
|
||||
|
||||
On Unix-compatible systems, the plugins are looked for in the following
|
||||
directories: the F<lib/ethereal/plugins/$VERSION> directory under the
|
||||
directories: the F<lib/wireshark/plugins/$VERSION> directory under the
|
||||
main installation directory (for example,
|
||||
F</usr/local/lib/ethereal/plugins/$VERSION>), and then
|
||||
F<$HOME/.ethereal/plugins>.
|
||||
F</usr/local/lib/wireshark/plugins/$VERSION>), and then
|
||||
F<$HOME/.wireshark/plugins>.
|
||||
|
||||
On Windows systems, the plugins are looked for in the following
|
||||
directories: F<plugins\$VERSION> directory under the main installation
|
||||
directory (for example, F<C:\Program Files\Ethereal\plugins\$VERSION>),
|
||||
and then F<%APPDATA%\Ethereal\plugins\$VERSION> (or, if %APPDATA% isn't
|
||||
defined, F<%USERPROFILE%\Application Data\Ethereal\plugins\$VERSION>).
|
||||
directory (for example, F<C:\Program Files\Wireshark\plugins\$VERSION>),
|
||||
and then F<%APPDATA%\Wireshark\plugins\$VERSION> (or, if %APPDATA% isn't
|
||||
defined, F<%USERPROFILE%\Application Data\Wireshark\plugins\$VERSION>).
|
||||
|
||||
$VERSION is the version number of the plugin interface, which
|
||||
is typically the version number of Ethereal. Note that a dissector
|
||||
is typically the version number of Wireshark. Note that a dissector
|
||||
plugin module may support more than one protocol; there is not
|
||||
necessarily a one-to-one correspondence between dissector plugin modules
|
||||
and protocols. Protocols supported by a dissector plugin module are
|
||||
enabled and disabled using the I<Edit:Protocols> dialog box, just as
|
||||
protocols built into Ethereal are.
|
||||
protocols built into Wireshark are.
|
||||
|
||||
=back
|
||||
|
||||
|
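Review bot: Nothing in the About:Plugins text says what happens to plugins already installed under the old directories once the search path moves to F<$HOME/.wireshark/plugins> and F<%APPDATA%\Wireshark\plugins\$VERSION>. These are directories the program loads code from, so this wording should only land together with the matching change in the lookup code, and one sentence should tell upgrading users whether the old location is still searched. While the lines are open, note that the Unix personal path has no $VERSION component and the Windows one does; if that is intentional it deserves a word of explanation.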
@ -1954,11 +1954,11 @@ See the manual page of I<tcpdump(8)>.
|
|||
=head1 DISPLAY FILTER SYNTAX
|
||||
|
||||
For a complete table of protocol and protocol fields that are filterable
|
||||
in B<Ethereal> see the I<ethereal-filter(4)> manual page.
|
||||
in B<Wireshark> see the I<wireshark-filter(4)> manual page.
|
||||
|
||||
=head1 FILES
|
||||
|
||||
These files contains various B<Ethereal> configuration settings.
|
||||
These files contains various B<Wireshark> configuration settings.
|
||||
|
||||
=over 4
|
||||
|
||||
|
@ -1984,16 +1984,16 @@ starts a comment that runs to the end of the line:
|
|||
# TRUE or FALSE (case-insensitive).
|
||||
gui.scrollbar_on_right: TRUE
|
||||
|
||||
The global preferences file is looked for in the F<ethereal> directory
|
||||
The global preferences file is looked for in the F<wireshark> directory
|
||||
under the F<share> subdirectory of the main installation directory (for
|
||||
example, F</usr/local/share/ethereal/preferences>) on UNIX-compatible
|
||||
example, F</usr/local/share/wireshark/preferences>) on UNIX-compatible
|
||||
systems, and in the main installation directory (for example,
|
||||
F<C:\Program Files\Ethereal\preferences>) on Windows systems.
|
||||
F<C:\Program Files\Wireshark\preferences>) on Windows systems.
|
||||
|
||||
The personal preferences file is looked for in F<$HOME/.ethereal/preferences> on
|
||||
UNIX-compatible systems and F<%APPDATA%\Ethereal\preferences> (or, if
|
||||
The personal preferences file is looked for in F<$HOME/.wireshark/preferences> on
|
||||
UNIX-compatible systems and F<%APPDATA%\Wireshark\preferences> (or, if
|
||||
%APPDATA% isn't defined, F<%USERPROFILE%\Application
|
||||
Data\Ethereal\preferences>) on Windows systems.
|
||||
Data\Wireshark\preferences>) on Windows systems.
|
||||
|
||||
Note: Whenever the preferences are saved by using the I<Save> button
|
||||
in the I<Edit:Preferences> dialog box, your personal preferences file
|
||||
|
@ -2003,7 +2003,7 @@ unknown/obsolete settings that were in the file.
|
|||
=item Recent
|
||||
|
||||
The F<recent> file contains personal settings (mostly GUI related) such
|
||||
as the current B<Ethereal> window size. The file is saved at program exit and
|
||||
as the current B<Wireshark> window size. The file is saved at program exit and
|
||||
read in at program start automatically. Note: The command line flag B<-o>
|
||||
may be used to override settings from this file.
|
||||
|
||||
|
@ -2067,7 +2067,7 @@ lines of an F<ethers> file:
|
|||
|
||||
The global F<ethers> file is looked for in the F</etc> directory on
|
||||
UNIX-compatible systems, and in the main installation directory (for
|
||||
example, F<C:\Program Files\Ethereal>) on Windows systems.
|
||||
example, F<C:\Program Files\Wireshark>) on Windows systems.
|
||||
|
||||
The personal F<ethers> file is looked for in the same directory as the personal
|
||||
preferences file.
|
||||
|
@ -2114,7 +2114,7 @@ For example, these four lines are valid lines of an F<ipxnets> file:
|
|||
|
||||
The global F<ipxnets> file is looked for in the F</etc> directory on
|
||||
UNIX-compatible systems, and in the main installation directory (for
|
||||
example, F<C:\Program Files\Ethereal>) on Windows systems.
|
||||
example, F<C:\Program Files\Wireshark>) on Windows systems.
|
||||
|
||||
The personal F<ipxnets> file is looked for in the same directory as the
|
||||
personal preferences file.
|
||||
|
@ -2199,12 +2199,12 @@ See above in the description of the About:Plugins page.
|
|||
|
||||
=head1 SEE ALSO
|
||||
|
||||
I<ethereal-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
I<wireshark-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
The latest version of B<Ethereal> can be found at
|
||||
B<http://www.ethereal.com>.
|
||||
The latest version of B<Wireshark> can be found at
|
||||
B<http://www.wireshark.org>.
|
||||
|
||||
=head1 AUTHORS
|
||||
|
|
@ -46,10 +46,10 @@ Please note that if you shift any files in the directory structure you MUST adju
|
|||
<!--
|
||||
<system
|
||||
systemId="EtherealMain1"
|
||||
uri="./graphics/ethereal-main.jpg" />
|
||||
uri="./graphics/wireshark-main.jpg" />
|
||||
<system
|
||||
systemId="EtherealThreePane1"
|
||||
uri="./graphics/ethereal-main.jpg" />
|
||||
uri="./graphics/wireshark-main.jpg" />
|
||||
<uri
|
||||
name="chunk.xsl"
|
||||
uri="docbook-xsl-1.62.1/html/chunk.xsl" />
|
||||
|
|
|
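Review bot: Both <system> entries now point at ./graphics/wireshark-main.jpg while their systemId values stay EtherealMain1 and EtherealThreePane1. Please confirm the image file is renamed in the same commit, otherwise the uri dangles. The block opens with <!-- in the context line above, so a broken reference here would not be caught by a documentation build.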
@ -46,15 +46,15 @@ DOCUMENT SECTION
|
|||
Ethereal Info
|
||||
-->
|
||||
<!ENTITY EtherealCurrentVersion "0.10.14">
|
||||
<!ENTITY EtherealWebSite "http://www.ethereal.com">
|
||||
<!ENTITY EtherealWebSite "http://www.wireshark.org">
|
||||
<!ENTITY EtherealDownloadPage "&EtherealWebSite;/download.html">
|
||||
<!ENTITY EtherealAuthorsPage "&EtherealWebSite;/introduction.html#authors">
|
||||
<!ENTITY EtherealFAQPage "&EtherealWebSite;/faq.html">
|
||||
<!ENTITY EtherealDevMailList "ethereal-dev[AT]ethereal.com">
|
||||
<!ENTITY EtherealDevMailList "wireshark-dev[AT]wireshark.org">
|
||||
<!ENTITY EtherealDevsGuidePage "&EtherealWebSite;/docs">
|
||||
<!ENTITY EtherealUsersGuidePage "&EtherealWebSite;/docs">
|
||||
<!ENTITY EtherealWikiSite "http://wiki.ethereal.com">
|
||||
<!ENTITY EtherealBugsSite "http://bugs.ethereal.com">
|
||||
<!ENTITY EtherealWikiSite "http://wiki.wireshark.org">
|
||||
<!ENTITY EtherealBugsSite "http://bugs.wireshark.org">
|
||||
|
||||
<!--
|
||||
Gnu info
|
||||
|
|
|
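Review bot: The entity names keep their Ethereal prefix (EtherealWebSite, EtherealDevMailList, EtherealWikiSite, EtherealBugsSite) while their values now point at wireshark.org, and the installation chapter touched later in this commit refers to &WiresharkCurrentVersion; instead. If that chapter takes its entities from this file, the reference is undefined. Either rename the entities here in the same change or leave a comment saying the old names are kept on purpose.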
@ -353,7 +353,7 @@
|
|||
<para>
|
||||
There are several mailing lists of specific Ethereal topics available:
|
||||
<variablelist>
|
||||
<varlistentry><term><command>ethereal-announce</command></term>
|
||||
<varlistentry><term><command>wireshark-announce</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This mailing list will inform you about new program
|
||||
|
@ -361,7 +361,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-users</command></term>
|
||||
<varlistentry><term><command>wireshark-users</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for users of Ethereal. People post
|
||||
|
@ -370,7 +370,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-dev</command></term>
|
||||
<varlistentry><term><command>wireshark-dev</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for Wireshark developers. People post questions about
|
||||
|
@ -379,7 +379,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-bugs</command></term>
|
||||
<varlistentry><term><command>wireshark-bugs</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for Wireshark developers. Everytime a change to the bug
|
||||
|
@ -390,7 +390,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-cvs</command></term>
|
||||
<varlistentry><term><command>wireshark-commits</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for Wireshark developers. Everytime a change to the SVN
|
||||
|
@ -422,7 +422,7 @@
|
|||
The Etereal community started collecting bug reports in a Bugzilla database at
|
||||
<ulink url="&EtherealBugsSite;">&EtherealBugsSite;</ulink>.
|
||||
This database is filled with manually filed bug reports, usually after some
|
||||
discussion on ethereal-dev, and bug reports from the QA build tooling.
|
||||
discussion on wireshark-dev, and bug reports from the QA build tooling.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
|
|
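Review bot: The first context line of this paragraph still reads "The Etereal community started collecting bug reports", which is a typo as well as the old name. Since the paragraph is being edited for the mailing list name anyway, fix the spelling and decide whether the project name in that sentence should change with it.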
@ -31,7 +31,7 @@
|
|||
<para>
|
||||
Win32: All required libraries for the MSVC
|
||||
generation are available at:
|
||||
<ulink url="http://www.ethereal.com/distribution/win32/development/"/>,
|
||||
<ulink url="http://www.wireshark.org/distribution/win32/development/"/>,
|
||||
but see <xref linkend="ChLibsSetup"/> for an easier way to install the
|
||||
libraries.
|
||||
</para>
|
||||
|
@ -107,7 +107,7 @@
|
|||
</note>
|
||||
<para>
|
||||
By default the libraries will be downloaded and installed into
|
||||
<filename>C:\ethereal-win32-libs</filename>.
|
||||
<filename>C:\wireshark-win32-libs</filename>.
|
||||
You can change this to any other location by editing the file
|
||||
<filename>config.nmake</filename> and changing the line containing
|
||||
the WIRESHARK_LIBS setting to your favourite place (use an absolute path
|
||||
|
@ -247,7 +247,7 @@
|
|||
Then libsnmp is compiled with the "libsnmp - Win32 Release" project
|
||||
using MSVC++ 6.0. A file called "README.ethereal" has been placed in the
|
||||
net-snmp zip archive at <ulink
|
||||
url="http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/"/>
|
||||
url="http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/"/>
|
||||
describing the changes in more detail.
|
||||
</para>
|
||||
</section>
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
<para>
|
||||
Subversion is used to keep track of the changes made to the Wireshark
|
||||
source code. The Wireshark source code is stored inside Ethereal project's
|
||||
Subversion repository located at a server at the ethereal.com domain.
|
||||
Subversion repository located at a server at the wireshark.org domain.
|
||||
</para>
|
||||
<para>
|
||||
To qoute the Subversion book about "What is Subversion?":
|
||||
|
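Review bot: After this change the sentence says the source is "stored inside Ethereal project's Subversion repository located at a server at the wireshark.org domain", so the two halves of one sentence name different projects. Change the first half too, or state that the repository keeps the old name. The context line "To qoute the Subversion book" also has a typo ("quote") that could be fixed in the same pass.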
@ -119,7 +119,7 @@
|
|||
found at:
|
||||
</para>
|
||||
<para>
|
||||
<ulink url="http://anonsvn.ethereal.com/ethereal/trunk/"/>.
|
||||
<ulink url="http://anonsvn.wireshark.org/ethereal/trunk/"/>.
|
||||
</para>
|
||||
<para>
|
||||
A <command>comprehensive view</command> of all source versions
|
||||
|
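Review bot: The new URL http://anonsvn.wireshark.org/ethereal/trunk/ changes the host but keeps the /ethereal/trunk/ path, while the win32 libraries URL in this same commit becomes /wireshark-win32-libs/trunk/packages/. Please check which path the server actually serves before publishing. A mechanical host-only replacement here leaves readers with a link that may not resolve, and the same URL is repeated in the checkout instructions further down.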
@ -127,7 +127,7 @@
|
|||
is available at:
|
||||
</para>
|
||||
<para>
|
||||
<ulink url="http://anonsvn.ethereal.com/viewcvs/viewcvs.py/"/>.
|
||||
<ulink url="http://anonsvn.wireshark.org/viewcvs/viewcvs.py/"/>.
|
||||
</para>
|
||||
<para>
|
||||
Of special interest might be the subdirectories:
|
||||
|
@ -183,7 +183,7 @@
|
|||
You can use a Subversion client to download the source code from
|
||||
Ethereal's anonymous Subversion repository. The URL for the repository
|
||||
trunk is:
|
||||
<ulink url="http://anonsvn.ethereal.com/ethereal/trunk/"/>.
|
||||
<ulink url="http://anonsvn.wireshark.org/ethereal/trunk/"/>.
|
||||
</para>
|
||||
<para>
|
||||
See <xref linkend="ChToolsSubversion"/> how to install a Subversion client.
|
||||
|
@ -194,7 +194,7 @@
|
|||
</para>
|
||||
<para>
|
||||
<prompt>$</prompt>
|
||||
<userinput>svn checkout http://anonsvn.ethereal.com/ethereal/trunk ethereal</userinput>
|
||||
<userinput>svn checkout http://anonsvn.wireshark.org/ethereal/trunk ethereal</userinput>
|
||||
</para>
|
||||
<para>
|
||||
The checkout has to be only done once. This will copy all the sources of
|
||||
|
@ -215,7 +215,7 @@
|
|||
<para>
|
||||
The entire source tree of the Subversion repository is available via a
|
||||
web interface at:
|
||||
<ulink url="http://anonsvn.ethereal.com/viewcvs/viewcvs.py/"/>.
|
||||
<ulink url="http://anonsvn.wireshark.org/viewcvs/viewcvs.py/"/>.
|
||||
You can view
|
||||
each revision of a particular file, as well as diffs between different
|
||||
revisions. You can also download individual files or entire directories.
|
||||
|
@ -235,7 +235,7 @@
|
|||
The buildbot server will automatically start to generate a snapshot of
|
||||
Ethereal's sourcetree after a source code change committed.
|
||||
These snapshots can be found at: <ulink
|
||||
url="http://www.ethereal.com/distribution/buildbot-builds/source/"/>.
|
||||
url="http://www.wireshark.org/distribution/buildbot-builds/source/"/>.
|
||||
</para>
|
||||
<para>
|
||||
If anonymous Subversion access isn't possible, e.g. if the connection to
|
||||
|
@ -258,7 +258,7 @@
|
|||
</para>
|
||||
<para>
|
||||
The officially released source files can be found at: <ulink
|
||||
url="http://www.ethereal.com/download.html"/>.
|
||||
url="http://www.wireshark.org/download.html"/>.
|
||||
You should use these sources if you want to build Ethereal on your
|
||||
platform for productive use.
|
||||
</para>
|
||||
|
@ -542,8 +542,8 @@ make
|
|||
Here is a small example of a patch file (XXX - generate a better example):
|
||||
<programlisting>
|
||||
<![CDATA[
|
||||
diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/packet-dcerpc.c
|
||||
--- ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c 2004-08-12 15:42:26.000000000 -0700
|
||||
diff -ur ../wireshark-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/packet-dcerpc.c
|
||||
--- ../wireshark-0.10.6/epan/dissectors/packet-dcerpc.c 2004-08-12 15:42:26.000000000 -0700
|
||||
+++ ./epan/dissectors/packet-dcerpc.c 2004-08-19 18:48:32.000000000 -0700
|
||||
@@ -282,6 +282,7 @@
|
||||
/* we need to keep track of what transport were used, ie what handle we came
|
||||
|
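Review bot: The sample patch is literal tool output, and editing its "diff -ur" and "---" lines to ../wireshark-0.10.6/ produces a header that no real diff run generated. The introducing sentence already carries "XXX - generate a better example"; regenerating the sample from a current tree would be cleaner than hand-editing the paths, and would keep the header, timestamps and hunk consistent with each other.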
@ -625,7 +625,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
|
|||
do a diff, you should
|
||||
have two source trees on your computer, one with your working copy
|
||||
(containing your changes), and one with the "official" source tree
|
||||
(hopefully the latest SVN files) from www.ethereal.com.
|
||||
(hopefully the latest SVN files) from www.wireshark.org.
|
||||
</para>
|
||||
<para>
|
||||
If you have only changed a single file, you could type something like
|
||||
|
@ -781,7 +781,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
|
|||
and the fuzz test randomly change bytes in this file, so unconditional
|
||||
code paths in your dissector are passed. There are tools available to
|
||||
automatically do this on any number of input files, see:
|
||||
<ulink url="http://wiki.ethereal.com/FuzzTesting"/> for details.
|
||||
<ulink url="http://wiki.wireshark.org/FuzzTesting"/> for details.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
@ -796,7 +796,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
|
|||
</para>
|
||||
<para>
|
||||
You should send an email to <ulink
|
||||
url="mailto:ethereal-dev[AT]ethereal.com"/> containing:
|
||||
url="mailto:wireshark-dev[AT]wireshark.org"/> containing:
|
||||
<itemizedlist>
|
||||
<listitem><para>
|
||||
subject: [PATCH] and a short description of your changes
|
||||
|
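Review bot: The ulink target url="mailto:wireshark-dev[AT]wireshark.org" carries the literal "[AT]" obfuscation, so it is not a usable mailto address when clicked. If the obfuscation is deliberate, render the address as plain text instead of a link; otherwise use a real "@" in the url attribute.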
@ -1077,7 +1077,7 @@ $Id$
|
|||
</tip>
|
||||
<para>
|
||||
If everything went well, you will now find something like:
|
||||
<filename>ethereal-setup-&EtherealCurrentVersion;.exe</filename> in
|
||||
<filename>wireshark-setup-&EtherealCurrentVersion;.exe</filename> in
|
||||
the <filename>packaging/nsis</filename> directory.
|
||||
</para>
|
||||
</section>
|
||||
|
|
|
@ -201,7 +201,7 @@
|
|||
<entry>-</entry>
|
||||
<entry><ulink url="http://nsis.sourceforge.net">NSIS</ulink></entry>
|
||||
<entry>Only needed if you want to build your own
|
||||
ethereal-setup.exe.</entry>
|
||||
wireshark-setup.exe.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
|
@ -347,7 +347,7 @@
|
|||
<section>
|
||||
<title>Nullsoft Scriptable Install System (NSIS)</title>
|
||||
<para>
|
||||
If you want to build your own ethereal-setup.exe, you'll need NSIS.
|
||||
If you want to build your own wireshark-setup.exe, you'll need NSIS.
|
||||
You can download the NSIS setup from
|
||||
<ulink url="http://nsis.sourceforge.net"/> and simply install it.
|
||||
</para>
|
||||
|
|
|
@ -101,8 +101,8 @@ Ethereal Info
|
|||
<section id="GettingEthereal"><title>Getting Ethereal</title>
|
||||
<section><title>Microsoft Windows</title>
|
||||
<para>
|
||||
Download ethereal-setup-&EtherealCurrentVersion;.exe from the
|
||||
<ulink url="http://www.ethereal.com/distribution/win32/">Windows
|
||||
Download wireshark-setup-&EtherealCurrentVersion;.exe from the
|
||||
<ulink url="http://www.wireshark.org/distribution/win32/">Windows
|
||||
download area</ulink> on the main web site. Double-click the
|
||||
installer executable.
|
||||
</para>
|
||||
|
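Review bot: The Windows instructions go directly from an http:// download link to "Double-click the installer executable" with no verification step in between. Since the line is being rewritten, consider adding a sentence on checking the installer against a published checksum or signature, if the project provides one, because nothing in the transport protects the file. The section id "GettingEthereal" and its title are also left unchanged in the context line.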
@ -111,7 +111,7 @@ Ethereal Info
|
|||
<section><title>Sun Solaris</title>
|
||||
<para>
|
||||
Download the appropriate package from the
|
||||
<ulink url="http://www.ethereal.com/distribution/solaris/">Solaris
|
||||
<ulink url="http://www.wireshark.org/distribution/solaris/">Solaris
|
||||
download area</ulink> on the main web site. Uncompress the package
|
||||
using bzip2, and install it using pkgadd.
|
||||
</para>
|
||||
|
@ -119,8 +119,8 @@ Ethereal Info
|
|||
|
||||
<section><title>Source Code</title>
|
||||
<para>
|
||||
Download ethereal-&EtherealCurrentVersion;.tar.gz from the
|
||||
<ulink url="http://www.ethereal.com/distribution/">main
|
||||
Download wireshark-&EtherealCurrentVersion;.tar.gz from the
|
||||
<ulink url="http://www.wireshark.org/distribution/">main
|
||||
download area</ulink> on the web site. Extract the package
|
||||
using tar and gzip. Run "configure ; make ; make install".
|
||||
</para>
|
||||
|
@ -131,7 +131,7 @@ Ethereal Info
|
|||
Most Linux and Unix vendors supply their own Ethereal packages.
|
||||
You can install or upgrade Ethereal using the package management
|
||||
system specific to that platform. A list of third-party packages
|
||||
can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Wireshark web site.
|
||||
can be found on the <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
@ -159,7 +159,7 @@ Ethereal Info
|
|||
On Windows systems the packet list scroll bar can sometimes disappear
|
||||
or become unusable. Until the problem is fixed you can work around it
|
||||
by resizing the packet list or the main window.
|
||||
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
|
||||
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
|
||||
#220</ulink>)
|
||||
</para>
|
||||
|
||||
|
@ -170,25 +170,25 @@ Ethereal Info
|
|||
|
||||
<para>
|
||||
Trying to save flow data may crash Ethereal.
|
||||
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=396">Bug
|
||||
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=396">Bug
|
||||
#396</ulink>)
|
||||
</para>
|
||||
|
||||
<para>
|
||||
It may not be possible to re-order coloring rules under Windows.
|
||||
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=699">Bug
|
||||
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=699">Bug
|
||||
#699</ulink>)
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Multiple tap interfaces may cause a crash under FreeBSD.
|
||||
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=757">Bug
|
||||
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=757">Bug
|
||||
#757</ulink>)
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Ethereal may crash while viewing TCP streams.
|
||||
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=852">Bug
|
||||
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=852">Bug
|
||||
#852</ulink>)
|
||||
</para>
|
||||
|
||||
|
@ -196,9 +196,9 @@ Ethereal Info
|
|||
|
||||
<section id="GettingHelp"><title>Getting Help</title>
|
||||
<para>
|
||||
Community support is available on the ethereal-users mailing list.
|
||||
Community support is available on the wireshark-users mailing list.
|
||||
Subscription information and archives for all of Ethereal's mailing
|
||||
lists can be found on <ulink url="http://www.ethereal.com/lists/">the
|
||||
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
|
||||
web site</ulink>. There is also an <ulink url="irc://irc.freenode.net/ethereal">IRC channel dedicated to Ethereal</ulink>.
|
||||
</para>
|
||||
<para>
|
||||
|
@ -210,7 +210,7 @@ Ethereal Info
|
|||
<section id="FAQ"><title>Frequently Asked Questions</title>
|
||||
<para>
|
||||
A complete FAQ is available on the
|
||||
<ulink url="http://www.ethereal.com/faq.html">Ethereal web site</ulink>.
|
||||
<ulink url="http://www.wireshark.org/faq.html">Ethereal web site</ulink>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
|
|
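Review bot: The link text still reads "Ethereal web site" while the href now points to http://www.wireshark.org/faq.html. Link text that names one site and a target that goes to another is confusing for readers, so update the text together with the URL.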
@ -39,7 +39,7 @@
|
|||
<entry><command>preferences</command></entry>
|
||||
<entry>Settings from the Preferences dialog box.</entry>
|
||||
<entry>/etc/ethereal.conf, $HOME/.ethereal/preferences</entry>
|
||||
<entry>%ETHEREAL%\ethereal.conf, %APPDATA%\Wireshark\preferences</entry>
|
||||
<entry>%WIRESHARK%\ethereal.conf, %APPDATA%\Wireshark\preferences</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>recent</command></entry>
|
||||
|
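Review bot: Only the Windows cell of the preferences row changes; the Unix cell still lists "/etc/ethereal.conf, $HOME/.ethereal/preferences", and the Windows file name stays "ethereal.conf" under %WIRESHARK%. The man page hunk in this same commit documents the personal file as $HOME/.wireshark/preferences and the global one under share/wireshark, so the two documents now disagree. Please bring the Unix column and the global file name in line with whatever the code actually reads.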
@ -51,37 +51,37 @@
|
|||
<entry><command>cfilters</command></entry>
|
||||
<entry>Capture filters.</entry>
|
||||
<entry>$HOME/.ethereal/cfilters</entry>
|
||||
<entry>%ETHEREAL%\cfilters, %APPDATA%\Wireshark\cfilters</entry>
|
||||
<entry>%WIRESHARK%\cfilters, %APPDATA%\Wireshark\cfilters</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>dfilters</command></entry>
|
||||
<entry>Display filters.</entry>
|
||||
<entry>$HOME/.ethereal/dfilters</entry>
|
||||
<entry>%ETHEREAL%\dfilters, %APPDATA%\Wireshark\dfilters</entry>
|
||||
<entry>%WIRESHARK%\dfilters, %APPDATA%\Wireshark\dfilters</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>colorfilters</command></entry>
|
||||
<entry>Coloring rules.</entry>
|
||||
<entry>$HOME/.ethereal/colorfilters</entry>
|
||||
<entry>%ETHEREAL%\colorfilters, %APPDATA%\Wireshark\colorfilters</entry>
|
||||
<entry>%WIRESHARK%\colorfilters, %APPDATA%\Wireshark\colorfilters</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>disabled_protos</command></entry>
|
||||
<entry>Disabled protocols.</entry>
|
||||
<entry>$HOME/.ethereal/disabled_protos</entry>
|
||||
<entry>%ETHEREAL%\disabled_protos, %APPDATA%\Wireshark\disabled_protos</entry>
|
||||
<entry>%WIRESHARK%\disabled_protos, %APPDATA%\Wireshark\disabled_protos</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>ethers</command></entry>
|
||||
<entry>Ethernet name resolution.</entry>
|
||||
<entry>/etc/ethers, $HOME/.ethereal/ethers</entry>
|
||||
<entry>%ETHEREAL%\ethers, %APPDATA%\Wireshark\ethers</entry>
|
||||
<entry>%WIRESHARK%\ethers, %APPDATA%\Wireshark\ethers</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>manuf</command></entry>
|
||||
<entry>Ethernet name resolution.</entry>
|
||||
<entry>/etc/manuf</entry>
|
||||
<entry>%ETHEREAL%\manuf</entry>
|
||||
<entry>%WIRESHARK%\manuf</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>hosts</command></entry>
|
||||
|
@ -93,7 +93,7 @@
|
|||
<entry><command>ipxnets</command></entry>
|
||||
<entry>IPX name resolution.</entry>
|
||||
<entry>$HOME/.ethereal/ipxnets</entry>
|
||||
<entry>%ETHEREAL%\ipxnets</entry>
|
||||
<entry>%WIRESHARK%\ipxnets</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><command>plugins</command></entry>
|
||||
|
@ -102,7 +102,7 @@
|
|||
/usr/local/share/ethereal/plugins,
|
||||
$HOME/.ethereal/plugins
|
||||
</entry>
|
||||
<entry>%ETHEREAL%\plugins\<version>,
|
||||
<entry>%WIRESHARK%\plugins\<version>,
|
||||
%APPDATA%\Wireshark\plugins</entry>
|
||||
</row>
|
||||
<row>
|
||||
|
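Review bot: The Unix cell of the plugins row keeps "/usr/local/share/ethereal/plugins, $HOME/.ethereal/plugins" while the man page in this commit gives lib/wireshark/plugins/$VERSION and $HOME/.wireshark/plugins. That is a mismatch in both the project name and the share versus lib prefix. Because this row tells users where loadable modules are read from, it should match the real search path exactly.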
@ -119,7 +119,7 @@
|
|||
%APPDATA% points to the personal configuration folder, typically
|
||||
<filename>C:\Documents and Settings\<username>\Application Data</filename>
|
||||
(for further details, have a look at <xref linkend="ChWindowsProfiles"/>),
|
||||
%ETHEREAL% points to the Wireshark program folder, typically
|
||||
%WIRESHARK% points to the Wireshark program folder, typically
|
||||
<filename>C:\Program Files\Wireshark</filename>
|
||||
</para>
|
||||
</note>
|
||||
|
|
|
@ -813,7 +813,7 @@ where <input-filename> specifies input filename (use - for standard input)
|
|||
<para>
|
||||
It is also COOL to work on a great Open Source project such as
|
||||
the case with "Wireshark" (
|
||||
<ulink url="http://www.ethereal.com">http://www.ethereal.com</ulink>
|
||||
<ulink url="http://www.wireshark.org">http://www.wireshark.org</ulink>
|
||||
)
|
||||
</para>
|
||||
</section>
|
||||
|
|
|
@ -683,7 +683,7 @@
|
|||
<para><command>DNS/ADNS name resolution (system/library service)</command>
|
||||
Wireshark will ask the operating system (or the ADNS library),
|
||||
to convert an IP address to the hostname associated with it
|
||||
(e.g. 65.208.228.223 -> www.ethereal.com). The DNS service is using
|
||||
(e.g. 65.208.228.223 -> www.wireshark.org). The DNS service is using
|
||||
synchronous calls to the DNS server. So Wireshark will stop responding
|
||||
until a response to a DNS request is returned. If possible, you might
|
||||
consider using the ADNS library (which won't wait for a network response).
|
||||
|
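Review bot: the example keeps the address 65.208.228.223 and swaps only the host name, so the guide now states that this address maps to www.wireshark.org. Confirm that a reverse lookup of that address really returns the new name, or switch to an address and name pair that is clearly illustrative, since readers compare this line with what their own capture shows. The hosts-file paragraph in the next hunk repeats the same pair.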
@ -724,7 +724,7 @@
|
|||
<para><command>hosts name resolution (hosts file)</command>
|
||||
If DNS name resolution failed, Wireshark will try to convert an IP address
|
||||
to the hostname associated with it, using an hosts file provided by the
|
||||
user (e.g. 65.208.228.223 -> www.ethereal.com).
|
||||
user (e.g. 65.208.228.223 -> www.wireshark.org).
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
|
|
@ -285,22 +285,22 @@ apt-get install ethereal
|
|||
version of UNIX uses GNU <command>tar</command>, you can use the
|
||||
following command:
|
||||
<programlisting>
|
||||
tar zxvf ethereal-&WiresharkCurrentVersion;-tar.gz
|
||||
tar zxvf wireshark-&WiresharkCurrentVersion;-tar.gz
|
||||
</programlisting>
|
||||
</para>
|
||||
<para>
|
||||
For other versions of UNIX, You will want to use the following
|
||||
commands:
|
||||
<programlisting>
|
||||
gzip -d ethereal-&WiresharkCurrentVersion;-tar.gz
|
||||
tar xvf ethereal-&WiresharkCurrentVersion;-tar
|
||||
gzip -d wireshark-&WiresharkCurrentVersion;-tar.gz
|
||||
tar xvf wireshark-&WiresharkCurrentVersion;-tar
|
||||
</programlisting>
|
||||
<note>
|
||||
<title>Note!</title>
|
||||
<para>
|
||||
The pipeline
|
||||
<command>
|
||||
gzip -dc ethereal-&WiresharkCurrentVersion;-tar.gz | tar xvf -
|
||||
gzip -dc wireshark-&WiresharkCurrentVersion;-tar.gz | tar xvf -
|
||||
</command> will work here as well.
|
||||
</para>
|
||||
</note>
|
||||
|
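Review bot: the archive name in all three commands ends in -tar.gz (and -tar after gzip -d), and the rename carries that spelling over unchanged. Check it against the name of the released tarball; if the file is really wireshark-&WiresharkCurrentVersion;.tar.gz, fix the separator while these lines are being touched so the commands can be pasted as written. The context line "For other versions of UNIX, You will want" also has a stray capital.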
@ -375,7 +375,7 @@ make install
|
|||
Use the following command to install the Wireshark RPM that you have
|
||||
downloaded from the Wireshark web site:
|
||||
<programlisting>
|
||||
rpm -ivh ethereal-0.10.5-0.2.2.i386.rpm
|
||||
rpm -ivh wireshark-0.10.5-0.2.2.i386.rpm
|
||||
</programlisting>
|
||||
If the above step fails because of missing dependencies, install the
|
||||
dependencies first, and then retry the step above. See
|
||||
|
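Review bot: the rpm example renames the package but keeps the version string 0.10.5-0.2.2 from the old file name, so it names a package that was only ever published under the old name. Use a version placeholder here, as the tar example does with &WiresharkCurrentVersion;, so the command does not point readers at a file they cannot download.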
@ -426,7 +426,7 @@ apt-get install ethereal
|
|||
</para>
|
||||
<para>
|
||||
If you cannot determine what the problems are, send mail to the
|
||||
<command>ethereal-dev</command> mailing list explaining your problem,
|
||||
<command>wireshark-dev</command> mailing list explaining your problem,
|
||||
and including the output from <filename>config.log</filename> and
|
||||
anything else you think is relevant, like a trace of the
|
||||
<command>make</command> stage.
|
||||
|
@ -442,7 +442,7 @@ apt-get install ethereal
|
|||
<para>
|
||||
For further information how to build Wireshark for Windows from the
|
||||
sources, have a look at the Development Wiki:
|
||||
<ulink url="http://wiki.ethereal.com/Development">http://wiki.ethereal.com/Development</ulink>
|
||||
<ulink url="http://wiki.wireshark.org/Development">http://wiki.wireshark.org/Development</ulink>
|
||||
for the latest available development documentation.
|
||||
</para>
|
||||
</section>
|
||||
|
@ -457,7 +457,7 @@ apt-get install ethereal
|
|||
<title>Install Wireshark</title>
|
||||
<para>
|
||||
You may acquire a binary installer of Wireshark named something like:
|
||||
<filename>ethereal-setup-x.y.z.exe</filename>.
|
||||
<filename>wireshark-setup-x.y.z.exe</filename>.
|
||||
</para>
|
||||
<para>
|
||||
Simply download the Wireshark installer from:
|
||||
|
@ -522,7 +522,7 @@ apt-get install ethereal
|
|||
</itemizedlist>
|
||||
<para> Example:
|
||||
<programlisting>
|
||||
ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\Program Files\Foo
|
||||
wireshark-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\Program Files\Foo
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
|
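Review bot: the silent-install example passes /NCRC, which tells the NSIS installer to skip its CRC self-check, so under /S a corrupted download is installed with no prompt at all. Unless the option list above this example already explains when that is appropriate, drop /NCRC from the sample command line. The 0.10.13 in the file name is also carried over from the old installer name; the x.y.z placeholder used for wireshark-setup-x.y.z.exe earlier in this file would not go stale.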
@ -569,7 +569,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
<listitem><para>
|
||||
<command>Mate - Meta Analysis and Tracing Engine</command> - user
|
||||
configurable extension(s) of the display filter engine, see
|
||||
<ulink url="http://wiki.ethereal.com/Mate">http://wiki.ethereal.com/Mate</ulink>
|
||||
<ulink url="http://wiki.wireshark.org/Mate">http://wiki.wireshark.org/Mate</ulink>
|
||||
for details.
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
|
@ -639,7 +639,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
<itemizedlist>
|
||||
<listitem><para>
|
||||
Wireshark related:
|
||||
<ulink url="http://wiki.ethereal.com/WinPcap">http://wiki.ethereal.com/WinPcap</ulink>
|
||||
<ulink url="http://wiki.wireshark.org/WinPcap">http://wiki.wireshark.org/WinPcap</ulink>
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
General WinPcap info:
|
||||
|
@ -663,9 +663,9 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
|
|||
<ulink url="&WinPcapWebsite;">&WinPcapWebsite;</ulink>
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
The ethereal.com mirror:
|
||||
<ulink url="http://winpcap.mirror.ethereal.com">
|
||||
http://winpcap.mirror.ethereal.com</ulink>
|
||||
The wireshark.org mirror:
|
||||
<ulink url="http://winpcap.mirror.wireshark.org">
|
||||
http://winpcap.mirror.wireshark.org</ulink>
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
The Wiretapped.net mirror:
|
||||
|
|
|
@ -56,7 +56,7 @@
|
|||
</para>
|
||||
<tip><title>Tip!</title><para>
|
||||
A comprehensive guide "How To setup a Capture" is available at:
|
||||
<ulink url="http://wiki.ethereal.com/CaptureSetup">http://wiki.ethereal.com/CaptureSetup</ulink>.
|
||||
<ulink url="http://wiki.wireshark.org/CaptureSetup">http://wiki.wireshark.org/CaptureSetup</ulink>.
|
||||
</para></tip>
|
||||
<para>
|
||||
Here are some common pitfalls:
|
||||
|
|
|
@ -273,7 +273,7 @@
|
|||
</para>
|
||||
<para>
|
||||
If you want to be notified about new Wireshark releases, you should
|
||||
subscribe to the ethereal-announce mailing list. You will find more
|
||||
subscribe to the wireshark-announce mailing list. You will find more
|
||||
details in <xref linkend="ChIntroMailingLists"/>.
|
||||
</para>
|
||||
</section>
|
||||
|
@ -455,7 +455,7 @@
|
|||
<para>
|
||||
There are several mailing lists of specific Wireshark topics available:
|
||||
<variablelist>
|
||||
<varlistentry><term><command>ethereal-announce</command></term>
|
||||
<varlistentry><term><command>wireshark-announce</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This mailing list will inform you about new program
|
||||
|
@ -463,7 +463,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-users</command></term>
|
||||
<varlistentry><term><command>wireshark-users</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for users of Wireshark. People post
|
||||
|
@ -472,7 +472,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry><term><command>ethereal-dev</command></term>
|
||||
<varlistentry><term><command>wireshark-dev</command></term>
|
||||
<listitem>
|
||||
<para>
|
||||
This list is for Wireshark developers. If you want to start
|
||||
|
|
|
@ -499,7 +499,7 @@
|
|||
</para>
|
||||
<para>
|
||||
Some of these statistics are described at the
|
||||
<ulink url="http://wiki.ethereal.com/Statistics"/> pages.
|
||||
<ulink url="http://wiki.wireshark.org/Statistics"/> pages.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
|
|
@ -60,6 +60,6 @@ EXCLUDE_PATTERNS =
|
|||
# can add a path in front of the file if the result should not be
|
||||
# written to the html output directory.
|
||||
|
||||
CHM_FILE = ethereal-gtk.chm
|
||||
CHM_FILE = wireshark-gtk.chm
|
||||
|
||||
@INCLUDE = doxygen_global.cfg
|
||||
|
|
|
@ -21,7 +21,7 @@ display filter engine.
|
|||
Example: add an 'in' display filter operation
|
||||
=============================================
|
||||
|
||||
This example has been discussed on ethereal-dev in April 2004. It illustrates
|
||||
This example has been discussed on wireshark-dev in April 2004. It illustrates
|
||||
how a more complex operation can be added to the display filter language.
|
||||
|
||||
Question:
|
||||
|
|
|
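Review bot: "discussed on wireshark-dev in April 2004" rewrites a historical reference, and the changed line gives no sign that a list of that name existed at that date. Anyone who looks for the thread in the archives needs the list name that was in use when it was posted. Keep ethereal-dev in this sentence, or write "on the developer list (then ethereal-dev)".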
@ -5,7 +5,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
|
||||
# by quotes) that should identify the project.
|
||||
|
||||
PROJECT_NAME = Ethereal-Epan
|
||||
PROJECT_NAME = Wireshark-Epan
|
||||
|
||||
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
|
||||
# This could be handy for archiving the generated documentation or
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# Makefile.am
|
||||
# Automake file for the GTK interface routines for Ethereal
|
||||
# Automake file for the GTK interface routines for Wireshark
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
@ -33,9 +33,9 @@ MAINTAINERCLEANFILES = \
|
|||
$(GENERATED_FILES) \
|
||||
Makefile.in
|
||||
|
||||
ethereal-tap-register.c: $(ETHEREAL_TAP_SRC) $(top_srcdir)/make-tapreg-dotc
|
||||
@echo Making ethereal-tap-register.c
|
||||
@$(top_srcdir)/make-tapreg-dotc ethereal-tap-register.c $(srcdir) $(ETHEREAL_TAP_SRC)
|
||||
wireshark-tap-register.c: $(WIRESHARK_TAP_SRC) $(top_srcdir)/make-tapreg-dotc
|
||||
@echo Making wireshark-tap-register.c
|
||||
@$(top_srcdir)/make-tapreg-dotc wireshark-tap-register.c $(srcdir) $(WIRESHARK_TAP_SRC)
|
||||
|
||||
noinst_HEADERS = \
|
||||
about_dlg.h \
|
||||
|
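Review bot: the generated file changes name from ethereal-tap-register.c to wireshark-tap-register.c, but nothing removes the old one. MAINTAINERCLEANFILES expands $(GENERATED_FILES), which after this commit lists only the new name, so an existing build tree keeps a stale ethereal-tap-register.c that no target cleans. Add the old name to the clean list for a transition period, or tell developers in the commit message to delete it by hand.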
@ -108,16 +108,16 @@ noinst_HEADERS = \
|
|||
|
||||
if USE_GTK2
|
||||
libui_a_SOURCES = \
|
||||
$(ETHEREAL_GTK_SRC) \
|
||||
$(WIRESHARK_GTK_SRC) \
|
||||
$(noinst_HEADERS) \
|
||||
$(ETHEREAL_TAP_SRC)
|
||||
$(WIRESHARK_TAP_SRC)
|
||||
else
|
||||
libui_a_SOURCES = \
|
||||
ethclist.c \
|
||||
ethclist.h \
|
||||
$(ETHEREAL_GTK_SRC) \
|
||||
$(WIRESHARK_GTK_SRC) \
|
||||
$(noinst_HEADERS) \
|
||||
$(ETHEREAL_TAP_SRC)
|
||||
$(WIRESHARK_TAP_SRC)
|
||||
endif
|
||||
|
||||
libui_a_DEPENDENCIES =
|
||||
|
|
|
@ -29,7 +29,7 @@ GENERATED_HEADER_FILES =
|
|||
|
||||
# Generated C source files that we want in the distribution.
|
||||
GENERATED_C_FILES = \
|
||||
ethereal-tap-register.c
|
||||
wireshark-tap-register.c
|
||||
|
||||
# All the generated files we want in the distribution.
|
||||
GENERATED_FILES = $(GENERATED_HEADER_FILES) $(GENERATED_C_FILES)
|
||||
|
@ -38,7 +38,7 @@ GENERATED_FILES = $(GENERATED_HEADER_FILES) $(GENERATED_C_FILES)
|
|||
# ethclist.obj is not in here because it is currently gtk+-1.2-only
|
||||
# code, while the DLL for GTK+ on Windows is gtk+-1.3 or gtk+-2.x.
|
||||
#
|
||||
ETHEREAL_GTK_SRC = \
|
||||
WIRESHARK_GTK_SRC = \
|
||||
about_dlg.c \
|
||||
capture_dlg.c \
|
||||
capture_file_dlg.c \
|
||||
|
@ -57,7 +57,7 @@ ETHEREAL_GTK_SRC = \
|
|||
dfilter_expr_dlg.c \
|
||||
dlg_utils.c \
|
||||
drag_and_drop.c \
|
||||
ethereal-tap-register.c \
|
||||
wireshark-tap-register.c \
|
||||
expert_comp_table.c \
|
||||
file_dlg.c \
|
||||
fileset_dlg.c \
|
||||
|
@ -108,7 +108,7 @@ ETHEREAL_GTK_SRC = \
|
|||
webbrowser.c
|
||||
|
||||
|
||||
ETHEREAL_TAP_SRC = \
|
||||
WIRESHARK_TAP_SRC = \
|
||||
afp_stat.c \
|
||||
ansi_a_stat.c \
|
||||
ansi_map_stat.c \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
## Makefile for building ethereal.exe with Microsoft C and nmake
|
||||
## Makefile for building wireshark.exe with Microsoft C and nmake
|
||||
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
|
||||
#
|
||||
# $Id$
|
||||
|
@ -18,8 +18,8 @@ CFLAGS=-DHAVE_CONFIG_H /I.. /I../wiretap $(GTK_CFLAGS) $(GNUTLS_CFLAGS) \
|
|||
|
||||
CVARSDLL=-DWIN32 -DNULL=0 -D_MT -D_DLL
|
||||
|
||||
!IFDEF ETHEREAL_EUG_DIR
|
||||
EUG_CFLAGS=-DETHEREAL_EUG_DIR
|
||||
!IFDEF WIRESHARK_EUG_DIR
|
||||
EUG_CFLAGS=-DWIRESHARK_EUG_DIR
|
||||
!ENDIF
|
||||
|
||||
.c.obj::
|
||||
|
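Review bot: renaming ETHEREAL_EUG_DIR to WIRESHARK_EUG_DIR changes two interfaces at once, the nmake macro a builder sets and the preprocessor symbol passed through -DWIRESHARK_EUG_DIR. Any C source that still tests the old symbol compiles without error and silently loses that code path, and any local configuration that still defines the old macro is ignored by the !IFDEF. Grep the tree for the old name in both forms before merging, and mention the macro rename in the commit message so existing Windows build setups are updated.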
@ -29,28 +29,28 @@ include Makefile.common
|
|||
|
||||
|
||||
# if you add files here, be sure to include them also in Makefile.am EXTRA_DIST
|
||||
ETHEREAL_WIN32_GTK_SRC = \
|
||||
$(ETHEREAL_GTK_SRC) \
|
||||
WIRESHARK_WIN32_GTK_SRC = \
|
||||
$(WIRESHARK_GTK_SRC) \
|
||||
print_mswin.c \
|
||||
win32-file-dlg.c
|
||||
|
||||
|
||||
ETHEREAL_TAP_OBJECTS = $(ETHEREAL_TAP_SRC:.c=.obj)
|
||||
WIRESHARK_TAP_OBJECTS = $(WIRESHARK_TAP_SRC:.c=.obj)
|
||||
|
||||
|
||||
ETHEREAL_WIN32_GTK_OBJECTS = $(ETHEREAL_WIN32_GTK_SRC:.c=.obj)
|
||||
WIRESHARK_WIN32_GTK_OBJECTS = $(WIRESHARK_WIN32_GTK_SRC:.c=.obj)
|
||||
|
||||
|
||||
libui.lib : ..\config.h $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS)
|
||||
link /lib /out:libui.lib $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS)
|
||||
libui.lib : ..\config.h $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS)
|
||||
link /lib /out:libui.lib $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS)
|
||||
|
||||
ethereal-tap-register.c: $(ETHEREAL_TAP_SRC) ../make-tapreg-dotc Makefile.common
|
||||
@echo Making ethereal-tap-register.c
|
||||
@$(SH) ../make-tapreg-dotc ethereal-tap-register.c . $(ETHEREAL_TAP_SRC)
|
||||
wireshark-tap-register.c: $(WIRESHARK_TAP_SRC) ../make-tapreg-dotc Makefile.common
|
||||
@echo Making wireshark-tap-register.c
|
||||
@$(SH) ../make-tapreg-dotc wireshark-tap-register.c . $(WIRESHARK_TAP_SRC)
|
||||
|
||||
|
||||
clean:
|
||||
rm -f $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS) libui.lib $(PDB_FILE) doxygen.cfg html/*.*
|
||||
rm -f $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS) libui.lib $(PDB_FILE) doxygen.cfg html/*.*
|
||||
if exist html rmdir html
|
||||
|
||||
distclean: clean
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
|
||||
# by quotes) that should identify the project.
|
||||
|
||||
PROJECT_NAME = Ethereal-GTK
|
||||
PROJECT_NAME = Wireshark-GTK
|
||||
|
||||
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
|
||||
# This could be handy for archiving the generated documentation or
|
||||
|
@ -60,6 +60,6 @@ EXCLUDE_PATTERNS =
|
|||
# can add a path in front of the file if the result should not be
|
||||
# written to the html output directory.
|
||||
|
||||
CHM_FILE = ethereal-gtk.chm
|
||||
CHM_FILE = wireshark-gtk.chm
|
||||
|
||||
@INCLUDE = ../doxygen_global.cfg
|
||||
|
|
|
@ -100,7 +100,7 @@ static gboolean window_geom_load(const gchar *name, window_geometry_t *geom);
|
|||
or class name specified by the WM_CLASS property and base the
|
||||
choice of icon for the window on one of those; WM_CLASS for
|
||||
Wireshark's windows has a resource name of "ethereal" and a class
|
||||
name of "Ethereal". However, the way that's done is window-manager-
|
||||
name of "Wireshark". However, the way that's done is window-manager-
|
||||
specific, and there's no way to determine what size a particular
|
||||
window manager would want, so there's no way to automate this as
|
||||
part of the installation of Wireshark.
|
||||
|
|
|
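Review bot: the comment now reads resource name "ethereal" and class name "Wireshark", because only the class-name line was changed and the resource-name context line was left alone. With the executable renamed by this same commit, check what WM_CLASS the windows actually report and make both halves of the sentence match it; a window-manager rule written from this comment would otherwise match on the wrong string.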
@ -180,7 +180,7 @@ win32_open_file (HWND h_wnd) {
|
|||
OFN_ENABLEHOOK;
|
||||
ofn.lpstrDefExt = NULL;
|
||||
ofn.lpfnHook = open_file_hook_proc;
|
||||
ofn.lpTemplateName = _T("ETHEREAL_OPENFILENAME_TEMPLATE");
|
||||
ofn.lpTemplateName = _T("WIRESHARK_OPENFILENAME_TEMPLATE");
|
||||
|
||||
/* XXX - Get our filter */
|
||||
|
||||
|
@ -233,7 +233,7 @@ win32_save_as_file(HWND h_wnd, action_after_save_e action_after_save, gpointer a
|
|||
OFN_PATHMUSTEXIST | OFN_ENABLEHOOK;
|
||||
ofn.lpstrDefExt = NULL;
|
||||
ofn.lpfnHook = save_as_file_hook_proc;
|
||||
ofn.lpTemplateName = _T("ETHEREAL_SAVEFILENAME_TEMPLATE");
|
||||
ofn.lpTemplateName = _T("WIRESHARK_SAVEFILENAME_TEMPLATE");
|
||||
|
||||
if (GetSaveFileName(&ofn)) {
|
||||
g_sf_hwnd = NULL;
|
||||
|
@ -324,7 +324,7 @@ win32_merge_file (HWND h_wnd) {
|
|||
OFN_ENABLEHOOK;
|
||||
ofn.lpstrDefExt = NULL;
|
||||
ofn.lpfnHook = merge_file_hook_proc;
|
||||
ofn.lpTemplateName = _T("ETHEREAL_MERGEFILENAME_TEMPLATE");
|
||||
ofn.lpTemplateName = _T("WIRESHARK_MERGEFILENAME_TEMPLATE");
|
||||
|
||||
if (GetOpenFileName(&ofn)) {
|
||||
filetype = cfile.cd_t;
|
||||
|
@ -426,7 +426,7 @@ win32_export_file(HWND h_wnd, export_type_e export_type) {
|
|||
OFN_PATHMUSTEXIST | OFN_ENABLEHOOK;
|
||||
ofn.lpstrDefExt = NULL;
|
||||
ofn.lpfnHook = export_file_hook_proc;
|
||||
ofn.lpTemplateName = _T("ETHEREAL_EXPORTFILENAME_TEMPLATE");
|
||||
ofn.lpTemplateName = _T("WIRESHARK_EXPORTFILENAME_TEMPLATE");
|
||||
|
||||
/* Fill in our print (and export) args */
|
||||
|
||||
|
@ -526,7 +526,7 @@ win32_export_raw_file(HWND h_wnd) {
|
|||
ofn.lpstrDefExt = NULL;
|
||||
ofn.lCustData = cfile.finfo_selected->length;
|
||||
ofn.lpfnHook = export_raw_file_hook_proc;
|
||||
ofn.lpTemplateName = _T("ETHEREAL_EXPORTRAWFILENAME_TEMPLATE");
|
||||
ofn.lpTemplateName = _T("WIRESHARK_EXPORTRAWFILENAME_TEMPLATE");
|
||||
|
||||
/*
|
||||
* XXX - The GTK+ code uses get_byte_view_data_and_length(). We just
|
||||
|
@ -884,7 +884,7 @@ preview_set_filename(HWND of_hwnd, gchar *preview_file) {
|
|||
|
||||
}
|
||||
|
||||
// XXX - Copied from "filter-util.c" in the ethereal-win32 branch
|
||||
// XXX - Copied from "filter-util.c" in the wireshark-win32 branch
|
||||
/* XXX - The only reason for the "filter_text" parameter is to be able to feed
|
||||
* in the "real" filter string in the case of a CBN_SELCHANGE notification message.
|
||||
*/
|
||||
|
|
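Review bot: the comment is changed to say the code was copied from "filter-util.c" in the wireshark-win32 branch, but a branch keeps its name unless it is renamed in the repository as well, and nothing in this diff does that. If the branch is still called ethereal-win32, leave this line alone so the provenance note can be followed; this looks like a side effect of a blanket search and replace.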
32
help/faq.txt
|
@ -2,7 +2,7 @@
|
|||
The Wireshark FAQ
|
||||
|
||||
Note: This is just an ASCII snapshot of the faq and may not be up to
|
||||
date. Please go to http://www.ethereal.com/faq.html for the up
|
||||
date. Please go to http://www.wireshark.org/faq.html for the up
|
||||
to date version. The version of this snapshot can be found at
|
||||
the end of this document.
|
||||
|
||||
|
@ -237,9 +237,9 @@
|
|||
|
||||
Q 1.1: Where can I get help?
|
||||
|
||||
A: Community support is available on the ethereal-users mailing list.
|
||||
A: Community support is available on the wireshark-users mailing list.
|
||||
Subscription information and archives for all of Ethereal's mailing lists
|
||||
can be found at http://www.ethereal.com/lists. An IRC channel dedicated to
|
||||
can be found at http://www.wireshark.org/lists. An IRC channel dedicated to
|
||||
Ethereal can be found at irc://irc.freenode.net/ethereal.
|
||||
|
||||
Commercial support, training, and development services are available from
|
||||
|
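Review bot: help/faq.txt is the snapshot that make-faq builds from the web FAQ (see the make-faq hunks in this same commit), so addresses patched by hand here are overwritten at the next regeneration unless the web page changes too. The edit also leaves the answer half converted: wireshark-users and www.wireshark.org/lists now sit beside "Ethereal's mailing lists" and irc://irc.freenode.net/ethereal. Regenerate the file from the updated page rather than patching it, or decide for each remaining name in this answer whether it changes and do it in the same pass.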
@ -1080,7 +1080,7 @@ cies
|
|||
it means "we don't know whether it can capture on them"; we expect that it
|
||||
will be able to capture on many of them, but we haven't tried it ourselves -
|
||||
if you try one of those types and it works, please send an update to
|
||||
ethereal-web[AT]ethereal.com).
|
||||
wireshark-web[AT]wireshark.org).
|
||||
|
||||
It can also read a variety of capture file formats, including:
|
||||
* AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/Packet
|
||||
|
@ -1177,12 +1177,12 @@ cies
|
|||
nonwithstanding; newer versions make it a bit clearer by giving that RPM a
|
||||
name starting with wireshark-base.
|
||||
|
||||
In those older versions, there's a separate ethereal-gnome RPM that includes
|
||||
In those older versions, there's a separate wireshark-gnome RPM that includes
|
||||
GUI components such as Ethereal itself, the fact that Ethereal doesn't use
|
||||
GNOME nonwithstanding; newer versions make it a bit clearer by giving that
|
||||
RPM a name starting with wireshark-gtk+.
|
||||
|
||||
Find the ethereal-gnome or ethereal-gtk+ RPM, and install that also.
|
||||
Find the wireshark-gnome or wireshark-gtk+ RPM, and install that also.
|
||||
|
||||
4. Building Ethereal
|
||||
|
||||
|
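Review bot: "In those older versions, there's a separate wireshark-gnome RPM" changes a statement about packages that older distribution releases have already shipped, and those package names do not change with this commit. A user on such a system who follows "Find the wireshark-gnome or wireshark-gtk+ RPM" will search for a name the answer has just replaced. Keep the historical package names in these two sentences and add the new names alongside them if they are needed.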
@ -1729,7 +1729,7 @@ cies
|
|||
that release, as, if there's a bug of that sort, it might've been fixed in a
|
||||
release after the one you're running. If the hang occurs in the most recent
|
||||
release of Ethereal, the bug should be reported to the Wireshark developers'
|
||||
mailing list at ethereal-dev@ethereal.com.
|
||||
mailing list at wireshark-dev@wireshark.org.
|
||||
|
||||
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
|
||||
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
|
||||
|
@ -1839,7 +1839,7 @@ cies
|
|||
mirror of the WinDump Web site for information on using WinDump.
|
||||
|
||||
You would run WinDump with the -D flag; if it lists the interface, please
|
||||
report this to ethereal-dev@ethereal.com giving full details of the problem,
|
||||
report this to wireshark-dev@wireshark.org giving full details of the problem,
|
||||
including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system;
|
||||
|
@ -1862,7 +1862,7 @@ cies
|
|||
local mirror of the WinDump Web site for information on using WinDump.
|
||||
|
||||
If you can capture on the interface with WinDump, send mail to
|
||||
ethereal-users@ethereal.com giving full details of the problem, including
|
||||
wireshark-users@wireshark.org giving full details of the problem, including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system;
|
||||
* the type of network device you're using;
|
||||
|
@ -1879,7 +1879,7 @@ cies
|
|||
there. If not, then see the WinPcap support page (or the local mirror of
|
||||
that page) - check the "Submitting bugs" section.
|
||||
|
||||
You may also want to ask the ethereal-users@ethereal.com and the
|
||||
You may also want to ask the wireshark-users@wireshark.org and the
|
||||
winpcap-users@winpcap.org mailing lists to see if anybody happens to know
|
||||
about the problem and know a workaround or fix for the problem. (Note that
|
||||
you will have to subscribe to that list in order to be allowed to mail to
|
||||
|
@ -2044,7 +2044,7 @@ cies
|
|||
|
||||
If the attempt to capture on it succeeds, the interface is somehow not being
|
||||
reported by the mechanism Ethereal uses to get a list of interfaces; please
|
||||
report this to ethereal-dev@ethereal.com giving full details of the problem,
|
||||
report this to wireshark-dev@wireshark.org giving full details of the problem,
|
||||
including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system (for Linux, give both the version number of the kernel and the
|
||||
|
@ -2057,7 +2057,7 @@ cies
|
|||
that device with tcpdump.
|
||||
|
||||
If you can capture on the interface with tcpdump, send mail to
|
||||
ethereal-users@ethereal.com giving full details of the problem, including
|
||||
wireshark-users@wireshark.org giving full details of the problem, including
|
||||
* the operating system you're using, and the version of that operating
|
||||
system (for Linux, give both the version number of the kernel and the
|
||||
name and version number of the distribution you're using);
|
||||
|
@ -2074,7 +2074,7 @@ cies
|
|||
produces the OS (in the case of a Linux distribution, report the problem to
|
||||
whoever produces the distribution).
|
||||
|
||||
You may also want to ask the ethereal-users@ethereal.com and the
|
||||
You may also want to ask the wireshark-users@wireshark.org and the
|
||||
tcpdump-workers@tcpdump.org mailing lists to see if anybody happens to know
|
||||
about the problem and know a workaround or fix for the problem. In your
|
||||
mail, please give full details of the problem, as described above, and also
|
||||
|
@ -2187,7 +2187,7 @@ cies
|
|||
boring. Where can I find more interesting captures?
|
||||
|
||||
A: We have a collection of strange and exotic sample capture files at
|
||||
http://wiki.ethereal.com/SampleCaptures
|
||||
http://wiki.wireshark.org/SampleCaptures
|
||||
|
||||
Q 11.3: Why doesn't Ethereal correctly identify RTP packets? It shows them
|
||||
only as UDP.
|
||||
|
@ -2278,8 +2278,8 @@ cies
|
|||
detect various viruses, worms, and the like.
|
||||
|
||||
Please send support questions about Ethereal to the
|
||||
ethereal-users[AT]ethereal.com mailing list.
|
||||
wireshark-users[AT]wireshark.org mailing list.
|
||||
For corrections/additions/suggestions for this web page (and not Ethereal
|
||||
support questions), please send email to ethereal-web[AT]ethereal.com.
|
||||
support questions), please send email to wireshark-web[AT]wireshark.org.
|
||||
Last modified: Thu, February 23 2006.
|
||||
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.
|
||||
|
|
|
@ -27,7 +27,7 @@ This can be achieved by two methods:
|
|||
-open an already existing capture file
|
||||
-capture something from your own network
|
||||
|
||||
It might be easier to start with an example capture file from "http://www.ethereal.com/sample" before capturing your own data.
|
||||
It might be easier to start with an example capture file from "http://www.wireshark.org/sample" before capturing your own data.
|
||||
|
||||
You can open a capture file through the menu "File->Open..." (or the toolbar).
|
||||
|
||||
|
@ -83,6 +83,6 @@ Conclusion
|
|||
----------
|
||||
There are a lot more features than described here. Just have a look at the menus to see them all. :-)
|
||||
|
||||
For more information about Ethereal, see: "http://www.ethereal.com". You can get a user's guide and other useful information there.
|
||||
For more information about Ethereal, see: "http://www.wireshark.org". You can get a user's guide and other useful information there.
|
||||
|
||||
We hope this helped you with the first steps of using Ethereal and that you will enjoy using this program.
|
||||
|
|
|
@ -2,7 +2,7 @@ Wireshark is a GUI network protocol analyzer.
|
|||
|
||||
It lets you interactively browse packet data from a live network or from a previously saved capture file.
|
||||
|
||||
See: http://www.ethereal.com for new versions, documentation, ...
|
||||
See: http://www.wireshark.org for new versions, documentation, ...
|
||||
|
||||
Ethereal's native capture file format is libpcap format, which is also the format used by tcpdump and various other tools. So Ethereal can read capture files from:
|
||||
|
||||
|
|
|
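Review bot: after this hunk the same short file says "Wireshark is a GUI network protocol analyzer" and points to www.wireshark.org, then continues with "Ethereal's native capture file format" and "So Ethereal can read capture files". If the product name in the help text is converted in a separate commit, note that in the commit message; otherwise change the remaining occurrences here so the reader is not left wondering whether these are two different programs.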
@ -2,7 +2,7 @@
|
|||
#include "richedit.h"
|
||||
#include "gtk/win32-file-dlg.h"
|
||||
|
||||
ETHEREAL_OPENFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
|
||||
WIRESHARK_OPENFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
|
||||
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
|
||||
FONT 8, "MS Shell Dlg"
|
||||
{
|
||||
|
@ -28,7 +28,7 @@ FONT 8, "MS Shell Dlg"
|
|||
LTEXT "-", EWFD_PTX_ELAPSED, 211, 79, 150, 8
|
||||
}
|
||||
|
||||
ETHEREAL_SAVEFILENAME_TEMPLATE DIALOG 0, 0, 368, 116
|
||||
WIRESHARK_SAVEFILENAME_TEMPLATE DIALOG 0, 0, 368, 116
|
||||
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
|
||||
FONT 8, "MS Shell Dlg"
|
||||
{
|
||||
|
@ -62,7 +62,7 @@ FONT 8, "MS Shell Dlg"
|
|||
LTEXT "0", EWFD_RANGE_DISP, 160, 93, 41, 8, SS_RIGHT
|
||||
}
|
||||
|
||||
ETHEREAL_MERGEFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
|
||||
WIRESHARK_MERGEFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
|
||||
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
|
||||
FONT 8, "MS Shell Dlg"
|
||||
{
|
||||
|
@ -88,7 +88,7 @@ FONT 8, "MS Shell Dlg"
|
|||
LTEXT "-", EWFD_PTX_ELAPSED, 211, 79, 150, 8
|
||||
}
|
||||
|
||||
ETHEREAL_EXPORTFILENAME_TEMPLATE DIALOG 0, 0, 319, 97
|
||||
WIRESHARK_EXPORTFILENAME_TEMPLATE DIALOG 0, 0, 319, 97
|
||||
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
|
||||
FONT 8, "MS Shell Dlg"
|
||||
{
|
||||
|
@ -129,7 +129,7 @@ FONT 8, "MS Shell Dlg"
|
|||
}
|
||||
|
||||
|
||||
ETHEREAL_EXPORTRAWFILENAME_TEMPLATE DIALOG 0, 0, 200, 18
|
||||
WIRESHARK_EXPORTRAWFILENAME_TEMPLATE DIALOG 0, 0, 200, 18
|
||||
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
|
||||
FONT 8, "MS Shell Dlg"
|
||||
{
|
||||
|
|
6
make-faq
|
@ -3,7 +3,7 @@
|
|||
# $Id$
|
||||
#
|
||||
# Make-faq - Creates a plain text version of the Wireshark FAQ
|
||||
# from http://www.ethereal.com/faq.html
|
||||
# from http://www.wireshark.org/faq.html
|
||||
|
||||
rm -f FAQ
|
||||
cat >FAQ <<EOF
|
||||
|
@ -11,7 +11,7 @@ cat >FAQ <<EOF
|
|||
The Wireshark FAQ
|
||||
|
||||
Note: This is just an ASCII snapshot of the faq and may not be up to
|
||||
date. Please go to http://www.ethereal.com/faq.html for the up
|
||||
date. Please go to http://www.wireshark.org/faq.html for the up
|
||||
to date version. The version of this snapshot can be found at
|
||||
the end of this document.
|
||||
|
||||
|
@ -19,7 +19,7 @@ cat >FAQ <<EOF
|
|||
|
||||
EOF
|
||||
|
||||
lynx -dump -nolist "http://www.ethereal.com/faq.html" | sed -e '1,/^Index/d' >>FAQ
|
||||
lynx -dump -nolist "http://www.wireshark.org/faq.html" | sed -e '1,/^Index/d' >>FAQ
|
||||
|
||||
echo
|
||||
echo "Now verfiy everything is OK and copy FAQ to help/faq.txt"
|
||||
|
|
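Review bot: the lynx | sed pipeline appends to FAQ with no check that the fetch worked, and the exit status of the pipeline is that of sed, so a failed request to the new host name leaves a FAQ that contains only the here-document header, after rm -f FAQ has already removed the previous copy. Write to a temporary file, test that it is non-empty, and only then move it into place. The page is also fetched over plain http, so the review step in the final echo matters before the text is copied to help/faq.txt; "verfiy" in that echo is a typo for "verify".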
4
manuf
|
@ -9,7 +9,7 @@
|
|||
# Laurent Deniel <laurent.deniel [AT] free.fr>
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald [AT] ethereal.com>
|
||||
# By Gerald Combs <gerald [AT] wireshark.org>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
|
@ -9234,7 +9234,7 @@ EC:10:00 EnanceSour # Enance Source Co., Ltd. PC clones(?)
|
|||
# $Id$
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald [AT] ethereal.com>
|
||||
# By Gerald Combs <gerald [AT] wireshark.org>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
# Laurent Deniel <laurent.deniel [AT] free.fr>
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald [AT] ethereal.com>
|
||||
# By Gerald Combs <gerald [AT] wireshark.org>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
|
|
|
@ -37,16 +37,16 @@ DEST=wireshark
|
|||
|
||||
EXE=../../tshark.exe ../../editcap.exe \
|
||||
!IFDEF GTK1_DIR
|
||||
../../ethereal.exe \
|
||||
../../wireshark.exe \
|
||||
!ENDIF
|
||||
!IFDEF GTK2_DIR
|
||||
../../ethereal-gtk2.exe \
|
||||
../../wireshark-gtk2.exe \
|
||||
!ENDIF
|
||||
../../text2pcap.exe ../../mergecap.exe ../../capinfos.exe WinPcap_3_1.exe
|
||||
DLL=../../wiretap/wiretap-$(WTAP_VERSION).dll
|
||||
DOC=../../doc/ethereal.html \
|
||||
DOC=../../doc/wireshark.html \
|
||||
../../doc/tshark.html \
|
||||
../../doc/ethereal-filter.html \
|
||||
../../doc/wireshark-filter.html \
|
||||
../../doc/editcap.html \
|
||||
../../doc/text2pcap.html \
|
||||
../../doc/mergecap.html \
|
||||
|
|
|
@ -49,7 +49,7 @@ Right=100
|
|||
Top=120
|
||||
Bottom=135
|
||||
Text=What is WinPcap?
|
||||
State=http://wiki.ethereal.com/WinPcap
|
||||
State=http://wiki.wireshark.org/WinPcap
|
||||
|
||||
[Field 7]
|
||||
Type=GroupBox
|
||||
|
|
|
@ -330,8 +330,8 @@ File "..\..\AUTHORS-SHORT-FORMAT"
|
|||
File "..\..\COPYING"
|
||||
File "NEWS.txt"
|
||||
File "..\..\manuf"
|
||||
File "..\..\doc\ethereal.html"
|
||||
File "..\..\doc\ethereal-filter.html"
|
||||
File "..\..\doc\wireshark.html"
|
||||
File "..\..\doc\wireshark-filter.html"
|
||||
File "..\..\dumpcap.exe"
|
||||
File "..\..\doc\dumpcap.html"
|
||||
|
||||
|
@ -478,8 +478,8 @@ CreateDirectory "$SMPROGRAMS\Wireshark"
|
|||
Delete "$SMPROGRAMS\Wireshark\Wireshark Web Site.lnk"
|
||||
;WriteINIStr "$SMPROGRAMS\Wireshark\Wireshark Web Site.url" "InternetShortcut" "URL" "http://www.wireshark.org/"
|
||||
CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark.lnk" "$INSTDIR\wireshark.exe" "" "$INSTDIR\wireshark.exe" 0 "" "" "The Wireshark Network Protocol Analyzer"
|
||||
;CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Manual.lnk" "$INSTDIR\ethereal.html"
|
||||
;CreateShortCut "$SMPROGRAMS\Wireshark\Display Filters Manual.lnk" "$INSTDIR\ethereal-filter.html"
|
||||
;CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Manual.lnk" "$INSTDIR\wireshark.html"
|
||||
;CreateShortCut "$SMPROGRAMS\Wireshark\Display Filters Manual.lnk" "$INSTDIR\wireshark-filter.html"
|
||||
CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Program Directory.lnk" \
|
||||
"$INSTDIR"
|
||||
;CreateShortCut "$SMPROGRAMS\Wireshark\Uninstall Wireshark.lnk" "$INSTDIR\uninstall.exe"
|
||||
|
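Review bot: Both renamed `CreateShortCut` lines ("Wireshark Manual.lnk" and "Display Filters Manual.lnk") start with `;`, so they are commented out and the rename has no effect at install time. Either drop the dead lines or re-enable them in a follow-up. As written, the installer copies `wireshark.html` and `wireshark-filter.html` (see the `File` lines in the earlier hunk) without creating Start Menu entries for them.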
@ -603,7 +603,7 @@ Section "Wireshark GTK1" SecWiresharkGTK1
|
|||
SectionIn 2 RO
|
||||
!endif
|
||||
SetOutPath $INSTDIR
|
||||
File "..\..\ethereal.exe"
|
||||
File "..\..\wireshark.exe"
|
||||
File "${GTK1_DIR}\lib\libgtk-0.dll"
|
||||
File "${GTK1_DIR}\lib\libgdk-0.dll"
|
||||
SectionEnd
|
||||
|
@ -616,7 +616,7 @@ Section "Wireshark GTK2" SecWiresharkGTK2
|
|||
SectionIn 1 RO
|
||||
!endif
|
||||
SetOutPath $INSTDIR
|
||||
File /oname=wireshark.exe "..\..\ethereal-gtk2.exe"
|
||||
File /oname=wireshark.exe "..\..\wireshark-gtk2.exe"
|
||||
File "${GTK2_DIR}\bin\libgdk-win32-2.0-0.dll"
|
||||
File "${GTK2_DIR}\bin\libgdk_pixbuf-2.0-0.dll"
|
||||
File "${GTK2_DIR}\bin\libgtk-win32-2.0-0.dll"
|
||||
|
|
|
@ -9,12 +9,12 @@ Version: %ver
|
|||
Release: %rel
|
||||
License: GPL
|
||||
Group: Networking/Utilities
|
||||
Source: http://ethereal.com/distribution/all-versions/%{name}-%{version}.tar.gz
|
||||
Source: http://wireshark.org/download/all-versions/%{name}-%{version}.tar.gz
|
||||
Source1: %{name}.desktop
|
||||
Source2: %{name}.png
|
||||
URL: http://www.ethereal.com/
|
||||
BuildRoot: /tmp/ethereal-%{PACKAGE_VERSION}-root
|
||||
Packager: Gerald Combs <gerald[AT]ethereal.com>
|
||||
URL: http://www.wireshark.org/
|
||||
BuildRoot: /tmp/wireshark-%{PACKAGE_VERSION}-root
|
||||
Packager: Gerald Combs <gerald[AT]wireshark.org>
|
||||
Requires: gtk2
|
||||
Requires: libpcap openssl
|
||||
|
|
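Review bot: `BuildRoot: /tmp/wireshark-%{PACKAGE_VERSION}-root` keeps a predictable directory under the shared `/tmp`; on a multi-user build host another local user can create that path first. While renaming it, consider basing it on `%{_tmppath}` instead. Separately, the `Source:` line changes the path (`distribution/all-versions` to `download/all-versions`) as well as the host, which goes beyond the rename described in the commit message, so confirm the new URL resolves. It is also plain `http://` with no checksum in the visible lines.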
@ -27,7 +27,7 @@
|
|||
ETH_BIN_PATH=../Debug_GTK2
|
||||
|
||||
# Tweak the following to your liking.
|
||||
ETHEREAL=$ETH_BIN_PATH/ethereal
|
||||
WIRESHARK=$ETH_BIN_PATH/ethereal
|
||||
TSHARK=$ETH_BIN_PATH/tshark
|
||||
CAPINFOS=$ETH_BIN_PATH/capinfos
|
||||
DUMPCAP=$ETH_BIN_PATH/dumpcap
|
||||
|
|
|
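Review bot: `WIRESHARK=$ETH_BIN_PATH/ethereal` renames the variable but still points at the old binary name. The commit renames the main executable to "wireshark", so the `[ ! -x $i ]` prerequisite check over `"$WIRESHARK"` will report "Couldn't find" for this path, or on a tree with a stale build the suite will run against the old binary. Suggest `WIRESHARK=$ETH_BIN_PATH/wireshark`.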
@ -187,7 +187,7 @@ capture_step_snapshot() {
|
|||
|
||||
ethereal_capture_suite() {
|
||||
# Q: quit after cap, k: start capture immediately
|
||||
DUT="$ETHEREAL -Q -k"
|
||||
DUT="$WIRESHARK -Q -k"
|
||||
test_step_add "Capture 10 packets" capture_step_10packets
|
||||
# piping to stdout doesn't work with Ethereal and capturing!
|
||||
#test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
|
||||
|
|
|
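Review bot: The function is still named `ethereal_capture_suite` and the comment below it still says "doesn't work with Ethereal", while `DUT` now uses `$WIRESHARK`. Rename the function together with its callers, or state in the commit message that suite names are left for a later pass, so the test output does not mix both names.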
@ -127,7 +127,7 @@ io_step_input_piping() {
|
|||
|
||||
ethereal_io_suite() {
|
||||
# Q: quit after cap, k: start capture immediately
|
||||
DUT="$ETHEREAL"
|
||||
DUT="$WIRESHARK"
|
||||
test_step_add "Input file" io_step_input_file
|
||||
}
|
||||
|
||||
|
|
|
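Review bot: The comment "# Q: quit after cap, k: start capture immediately" above `DUT="$WIRESHARK"` describes flags this suite does not pass; it looks copied from the capture suite, where `DUT` is `"$WIRESHARK -Q -k"`. Remove or correct the comment here. `ethereal_io_suite` also keeps the old name.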
@ -39,7 +39,7 @@ source suite-capture.sh
|
|||
test_step_prerequisites() {
|
||||
|
||||
NOTFOUND=0
|
||||
for i in "$ETHEREAL" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
|
||||
for i in "$WIRESHARK" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
|
||||
if [ ! -x $i ]; then
|
||||
echo "Couldn't find $i"
|
||||
NOTFOUND=1
|
||||
|
|
|
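Review bot: In `if [ ! -x $i ]` the loop variable is unquoted even though the `for` list quotes each path; a binary path containing whitespace splits into several words and the test errors out instead of reporting "Couldn't find". Quote it as `[ ! -x "$i" ]` while this loop is being edited.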
@ -32,7 +32,7 @@ MAX_VMEM=500000
|
|||
ERR_PROB=0.02
|
||||
# Trigger an abort if a dissector finds a bug.
|
||||
# Uncomment to disable
|
||||
ETHEREAL_ABORT_ON_DISSECTOR_BUG="True"
|
||||
WIRESHARK_ABORT_ON_DISSECTOR_BUG="True"
|
||||
|
||||
# set some limits to the child processes, e.g. stop it if it's running longer then MAX_CPU_TIME seconds
|
||||
# (ulimit is not supported well on cygwin and probably other platforms, e.g. cygwin shows some warnings)
|
||||
|
|
|
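Review bot: `WIRESHARK_ABORT_ON_DISSECTOR_BUG="True"` only takes effect if the binaries look the variable up under its new name and the script exports it; neither is visible in this hunk. If the lookup still uses `ETHEREAL_ABORT_ON_DISSECTOR_BUG`, the fuzz run stops aborting on dissector bugs without any error, so confirm both sides changed in this commit. The comment "Uncomment to disable" also reads backwards for a line that is already active, and "longer then" in the next comment should be "longer than".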
@ -18,7 +18,7 @@
|
|||
# GIOP/IIOP get_CDR_XXX API.
|
||||
#
|
||||
# Please see packet-giop.h in Wireshark distro for API description.
|
||||
# Wireshark is available at http://www.ethereal.com/
|
||||
# Wireshark is available at http://www.wireshark.org/
|
||||
#
|
||||
# Omniidl is part of the OmniOrb distribution, and is available at
|
||||
# http://omniorb.sourceforge.net/
|
||||
|
|
|
@ -810,7 +810,7 @@ sub Parse($$$$)
|
|||
Pidl is a perl based IDL compiler for DCE/RPC idl files.
|
||||
It is maintained by the Samba team, not the Wireshark team.
|
||||
Instructions on how to download and install Pidl can be
|
||||
found at http://wiki.ethereal.com/Pidl
|
||||
found at http://wiki.wireshark.org/Pidl
|
||||
*/
|
||||
|
||||
";
|
|
@ -384,7 +384,7 @@ usesgetlasterror, vararg, vi_progid, wire_marshal.
|
|||
=head1 SEE ALSO
|
||||
|
||||
L<http://msdn.microsoft.com/library/en-us/rpc/rpc/field_attributes.asp>,
|
||||
L<http://wiki.ethereal.com/DCE/RPC>,
|
||||
L<http://wiki.wireshark.org/DCE/RPC>,
|
||||
L<http://www.samba.org/>,
|
||||
L<yapp(1)>
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ Authors
|
|||
Gilbert Ramirez <gram[AT]alumni.rice.edu>
|
||||
Guy Harris <guy[AT]alum.mit.edu>
|
||||
Olivier Abad <oabad[AT]noos.fr>
|
||||
Gerald Combs <gerald[AT]ethereal.com>
|
||||
Gerald Combs <gerald[AT]wireshark.org>
|
||||
Joerg Mayer <jmayer[AT]loplof.de>
|
||||
Tim Farley <tfarley[AT]iss.net>
|
||||
Bert Driehuis <driehuis[AT]playbeing.org>
|
||||
|
|
|
@ -5,7 +5,7 @@ libpcap, the current standard Unix library for packet capturing. Libpcap
|
|||
is great in that it is very platform independent and has a wonderful
|
||||
BPF optimizing engine. But it has some shortcomings as well. These
|
||||
shortcomings came to a head during the development of Ethereal
|
||||
(http://www.ethereal.com/), a packet analyzer. As such, I began developing
|
||||
(http://www.wireshark.org/), a packet analyzer. As such, I began developing
|
||||
wiretap so that:
|
||||
|
||||
1. The library can easily be amended with new packet filtering objects.
|
||||
|
|
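Review bot: The context line still says "during the development of Ethereal" while the URL on the changed line now points to `http://www.wireshark.org/`, so the sentence names one project and links another. Either rename it to Wireshark in the same change, or keep the sentence as history and write "Ethereal (now Wireshark)".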