osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Rename the main executable to "wireshark", along with more conversions: 

ethereal.com -> wireshark.org
  mailing lists and addresses
  ETHEREAL -> WIRESHARK
  Man pages
  Automake/Autoconf names


svn path=/trunk/; revision=18271
This commit is contained in:
Gerald Combs 2006-05-31 19:12:15 +00:00
parent 2fd928645b
commit eb71f7fb96
92 changed files with 786 additions and 787 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
AUTHORS
View File

@ -2,7 +2,7 @@
Original Author
-------- ------
Gerald Combs <gerald[AT]ethereal.com>
Gerald Combs <gerald[AT]wireshark.org>
Contributors

32
FAQ
View File

@ -2,7 +2,7 @@
The Wireshark FAQ
Note: This is just an ASCII snapshot of the faq and may not be up to
date. Please go to http://www.ethereal.com/faq.html for the up
date. Please go to http://www.wireshark.org/faq.html for the up
to date version. The version of this snapshot can be found at
the end of this document.
@ -237,9 +237,9 @@
Q 1.1: Where can I get help?
A: Community support is available on the ethereal-users mailing list.
A: Community support is available on the wireshark-users mailing list.
Subscription information and archives for all of Ethereal's mailing lists
can be found at http://www.ethereal.com/lists. An IRC channel dedicated to
can be found at http://www.wireshark.org/lists. An IRC channel dedicated to
Ethereal can be found at irc://irc.freenode.net/ethereal.
Commercial support, training, and development services are available from
@ -1080,7 +1080,7 @@ cies
it means "we don't know whether it can capture on them"; we expect that it
will be able to capture on many of them, but we haven't tried it ourselves -
if you try one of those types and it works, please send an update to
ethereal-web[AT]ethereal.com).
wireshark-web[AT]wireshark.org).
It can also read a variety of capture file formats, including:
* AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/Packet
@ -1177,12 +1177,12 @@ cies
nonwithstanding; newer versions make it a bit clearer by giving that RPM a
name starting with wireshark-base.
In those older versions, there's a separate ethereal-gnome RPM that includes
In those older versions, there's a separate wireshark-gnome RPM that includes
GUI components such as Ethereal itself, the fact that Ethereal doesn't use
GNOME nonwithstanding; newer versions make it a bit clearer by giving that
RPM a name starting with wireshark-gtk+.
Find the ethereal-gnome or ethereal-gtk+ RPM, and install that also.
Find the wireshark-gnome or wireshark-gtk+ RPM, and install that also.
4. Building Ethereal
@ -1729,7 +1729,7 @@ cies
that release, as, if there's a bug of that sort, it might've been fixed in a
release after the one you're running. If the hang occurs in the most recent
release of Ethereal, the bug should be reported to the Wireshark developers'
mailing list at ethereal-dev@ethereal.com.
mailing list at wireshark-dev@wireshark.org.
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
@ -1839,7 +1839,7 @@ cies
mirror of the WinDump Web site for information on using WinDump.
You would run WinDump with the -D flag; if it lists the interface, please
report this to ethereal-dev@ethereal.com giving full details of the problem,
report this to wireshark-dev@wireshark.org giving full details of the problem,
including
* the operating system you're using, and the version of that operating
system;
@ -1862,7 +1862,7 @@ cies
local mirror of the WinDump Web site for information on using WinDump.
If you can capture on the interface with WinDump, send mail to
ethereal-users@ethereal.com giving full details of the problem, including
wireshark-users@wireshark.org giving full details of the problem, including
* the operating system you're using, and the version of that operating
system;
* the type of network device you're using;
@ -1879,7 +1879,7 @@ cies
there. If not, then see the WinPcap support page (or the local mirror of
that page) - check the "Submitting bugs" section.
You may also want to ask the ethereal-users@ethereal.com and the
You may also want to ask the wireshark-users@wireshark.org and the
winpcap-users@winpcap.org mailing lists to see if anybody happens to know
about the problem and know a workaround or fix for the problem. (Note that
you will have to subscribe to that list in order to be allowed to mail to
@ -2044,7 +2044,7 @@ cies
If the attempt to capture on it succeeds, the interface is somehow not being
reported by the mechanism Ethereal uses to get a list of interfaces; please
report this to ethereal-dev@ethereal.com giving full details of the problem,
report this to wireshark-dev@wireshark.org giving full details of the problem,
including
* the operating system you're using, and the version of that operating
system (for Linux, give both the version number of the kernel and the
@ -2057,7 +2057,7 @@ cies
that device with tcpdump.
If you can capture on the interface with tcpdump, send mail to
ethereal-users@ethereal.com giving full details of the problem, including
wireshark-users@wireshark.org giving full details of the problem, including
* the operating system you're using, and the version of that operating
system (for Linux, give both the version number of the kernel and the
name and version number of the distribution you're using);
@ -2074,7 +2074,7 @@ cies
produces the OS (in the case of a Linux distribution, report the problem to
whoever produces the distribution).
You may also want to ask the ethereal-users@ethereal.com and the
You may also want to ask the wireshark-users@wireshark.org and the
tcpdump-workers@tcpdump.org mailing lists to see if anybody happens to know
about the problem and know a workaround or fix for the problem. In your
mail, please give full details of the problem, as described above, and also
@ -2187,7 +2187,7 @@ cies
boring. Where can I find more interesting captures?
A: We have a collection of strange and exotic sample capture files at
http://wiki.ethereal.com/SampleCaptures
http://wiki.wireshark.org/SampleCaptures
Q 11.3: Why doesn't Ethereal correctly identify RTP packets? It shows them
only as UDP.
@ -2278,8 +2278,8 @@ cies
detect various viruses, worms, and the like.
Please send support questions about Ethereal to the
ethereal-users[AT]ethereal.com mailing list.
wireshark-users[AT]wireshark.org mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal
support questions), please send email to ethereal-web[AT]ethereal.com.
support questions), please send email to wireshark-web[AT]wireshark.org.
Last modified: Thu, February 23 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.

6
INSTALL
View File

@ -100,7 +100,7 @@ README.win32 for those instructions.
is built. Use this switch to avoid building it.
--disable-idl2wrs
By default the IDL-to-ethereal-dissector-source-code converter
By default the IDL-to-wireshark-dissector-source-code converter
is built. Use this switch to avoid building it.
--enable-dftest
@ -212,6 +212,6 @@ README.win32 for those instructions.
to make an installable package for your system.
If you have trouble with the build or installation process, you can
find assistance on the ethereal-users and ethereal-dev mailing lists.
See http://www.ethereal.com/lists/ for details.
find assistance on the wireshark-users and wireshark-dev mailing lists.
See http://www.wireshark.org/lists/ for details.

84
Makefile.am
View File

@ -60,13 +60,13 @@ ACLOCAL_AMFLAGS = `./aclocal-flags`
# automake will arrange that the Makefile define it as the union of all
# the "man{section}_MANS" variables.
#
bin_PROGRAMS = @ethereal_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tshark_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
bin_PROGRAMS = @wireshark_bin@ @capinfos_bin@ @editcap_bin@ @mergecap_bin@ @tshark_bin@ @dftest_bin@ @randpkt_bin@ @text2pcap_bin@ @dumpcap_bin@
bin_SCRIPTS = @idl2wrs_bin@
man1_MANS = @ethereal_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tshark_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
man4_MANS = @etherealfilter_man@
man1_MANS = @wireshark_man@ @capinfos_man@ @editcap_man@ @mergecap_man@ @tshark_man@ @text2pcap_man@ @dumpcap_man@ @idl2wrs_man@
man4_MANS = @wiresharkfilter_man@
man_MANS =
EXTRA_PROGRAMS = ethereal tshark capinfos editcap mergecap dftest \
EXTRA_PROGRAMS = wireshark tshark capinfos editcap mergecap dftest \
randpkt text2pcap dumpcap
EXTRA_SCRIPTS = idl2wrs
@ -77,8 +77,8 @@ idl2wrs: tools/idl2wrs.sh Makefile
#
# Ethereal configuration files are put in $(pkgdatadir).
#
pkgdata_DATA = AUTHORS-SHORT manuf ethereal.html tshark.html \
ethereal-filter.html capinfos.html editcap.html \
pkgdata_DATA = AUTHORS-SHORT manuf wireshark.html tshark.html \
wireshark-filter.html capinfos.html editcap.html \
idl2wrs.html mergecap.html text2pcap.html dumpcap.html \
cfilters colorfilters dfilters
@ -265,27 +265,27 @@ plugin_ldadd =
endif # HAVE_PLUGINS
# Optional objects that I know how to build. These will be
# linked into the ethereal executable.
# linked into the wireshark executable.
# They will also be linked into the tshark executable; if this
# list ever grows to include something that can't be linked with
# tshark, or if tshark needs something that wireshark doesn't,
# we should probably split this into stuff needed both
# by wireshark and tshark and stuff needed only by one or the
# other.
ethereal_optional_objects = @GETOPT_O@ @SNPRINTF_O@ @STRERROR_O@ \
wireshark_optional_objects = @GETOPT_O@ @SNPRINTF_O@ @STRERROR_O@ \
@STRCASECMP_O@ @STRNCASECMP_O@ @MKSTEMP_O@ @STRPTIME_O@
# Additional libs that I know how to build. These will be
# linked into the ethereal executable.
ethereal_additional_libs = \
# linked into the wireshark executable.
wireshark_additional_libs = \
gtk/libui.a \
wiretap/libwiretap.la \
epan/libwireshark.la
# This is the automake dependency variable for the executable
ethereal_DEPENDENCIES = \
$(ethereal_optional_objects) \
$(ethereal_additional_libs) \
wireshark_DEPENDENCIES = \
$(wireshark_optional_objects) \
$(wireshark_additional_libs) \
$(plugin_libs)
# This automake variable adds to the link-line for the executable.
@ -297,14 +297,14 @@ ethereal_DEPENDENCIES = \
# applications are X applications).
if ENABLE_STATIC
ethereal_LDFLAGS = -Wl,-static -all-static
wireshark_LDFLAGS = -Wl,-static -all-static
else
ethereal_LDFLAGS = -export-dynamic
wireshark_LDFLAGS = -export-dynamic
endif
ethereal_LDADD = \
$(ethereal_optional_objects) \
$(ethereal_additional_libs) \
wireshark_LDADD = \
$(wireshark_optional_objects) \
$(wireshark_additional_libs) \
@SNMP_LIBS@ @SSL_LIBS@ \
$(plugin_ldadd) \
@PCRE_LIBS@ \
@ -319,13 +319,13 @@ tshark_additional_libs = \
# This is the automake dependency variable for the executable
tshark_DEPENDENCIES = \
$(ethereal_optional_objects) \
$(wireshark_optional_objects) \
$(tshark_additional_libs) \
$(plugin_libs)
# This automake variable adds to the link-line for the executable
tshark_LDADD = \
$(ethereal_optional_objects) \
$(wireshark_optional_objects) \
$(tshark_additional_libs) \
@SNMP_LIBS@ @SSL_LIBS@ \
$(plugin_ldadd) \
@ -436,13 +436,13 @@ dftest_additional_libs = \
epan/libwireshark.la
dftest_DEPENDENCIES = \
$(ethereal_optional_objects) \
$(wireshark_optional_objects) \
$(dftest_additional_libs) \
$(plugin_libs)
# This automake variable adds to the link-line for the executable
dftest_LDADD = \
$(ethereal_optional_objects) \
$(wireshark_optional_objects) \
$(dftest_additional_libs) \
@SNMP_LIBS@ @SSL_LIBS@ \
$(plugin_ldadd) \
@ -552,8 +552,8 @@ EXTRA_DIST = \
doc/capinfos.pod \
doc/dfilter2pod.pl \
doc/editcap.pod \
doc/ethereal-filter.pod.template \
doc/ethereal.pod \
doc/wireshark-filter.pod.template \
doc/wireshark.pod \
doc/idl2wrs.pod \
doc/mergecap.pod \
doc/randpkt.txt \
@ -565,9 +565,9 @@ EXTRA_DIST = \
dumpcap.c \
editcap.c \
epan/libwireshark.def \
ethereal_be.py \
ethereal_gen.py \
ethereal.desktop \
wireshark_be.py \
wireshark_gen.py \
wireshark.desktop \
image/Ethereal.icns \
image/Makefile.nmake \
image/README.image \
@ -696,22 +696,22 @@ endif
DIST_SUBDIRS = tools wiretap doc epan plugins packaging gtk help
if HAVE_PLUGINS
SUBDIRS = tools wiretap doc epan plugins packaging help @ethereal_SUBDIRS@
SUBDIRS = tools wiretap doc epan plugins packaging help @wireshark_SUBDIRS@
else
SUBDIRS = tools wiretap doc epan packaging help @ethereal_SUBDIRS@
SUBDIRS = tools wiretap doc epan packaging help @wireshark_SUBDIRS@
endif
ethereal.1: doc/ethereal.pod AUTHORS-SHORT-FORMAT
wireshark.1: doc/wireshark.pod AUTHORS-SHORT-FORMAT
(cd doc ; \
$(MAKE) ../ethereal.1 )
$(MAKE) ../wireshark.1 )
tshark.1: doc/tshark.pod
(cd doc ; \
$(MAKE) ../tshark.1 )
ethereal-filter.4: tshark doc/ethereal-filter.pod.template
wireshark-filter.4: tshark doc/wireshark-filter.pod.template
(cd doc ; \
$(MAKE) ../ethereal-filter.4 )
$(MAKE) ../wireshark-filter.4 )
capinfos.1: doc/capinfos.pod
(cd doc ; \
@ -737,17 +737,17 @@ dumpcap.1: doc/dumpcap.pod
(cd doc ; \
$(MAKE) ../dumpcap.1 )
ethereal.html: doc/ethereal.pod AUTHORS-SHORT-FORMAT
wireshark.html: doc/wireshark.pod AUTHORS-SHORT-FORMAT
(cd doc ; \
$(MAKE) ../ethereal.html )
$(MAKE) ../wireshark.html )
tshark.html: doc/tshark.pod
(cd doc ; \
$(MAKE) ../tshark.html )
ethereal-filter.html: tshark doc/ethereal-filter.pod.template
wireshark-filter.html: tshark doc/wireshark-filter.pod.template
(cd doc ; \
$(MAKE) ../ethereal-filter.html )
$(MAKE) ../wireshark-filter.html )
capinfos.html: doc/capinfos.pod
(cd doc ; \
@ -805,10 +805,10 @@ rpm-package: dist
mkdir -p BUILD RPMS SOURCES ; \
cd SOURCES ; \
ln -s ../../../$(distdir).tar.gz ; \
ln -s ../../../ethereal.desktop ; \
ln -s ../../../wireshark.desktop ; \
ln -s ../../../image/elogo3d64x64.png ethereal.png ; \
cd .. ; \
rpmbuild --define "_topdir `cd . && pwd`" -bb SPECS/ethereal.spec && \
rpmbuild --define "_topdir `cd . && pwd`" -bb SPECS/wireshark.spec && \
echo "Package successfully built in `pwd`/RPMS." ; \
else \
echo "Error: RPM executable and/or source directory not found." ; \
@ -819,10 +819,10 @@ srpm-package: dist
mkdir -p BUILD SRPMS SOURCES ; \
cd SOURCES ; \
ln -s ../../../$(distdir).tar.gz ; \
ln -s ../../../ethereal.desktop ; \
ln -s ../../../image/elogo3d64x64.png ethereal.png ; \
ln -s ../../../wireshark.desktop ; \
ln -s ../../../image/elogo3d64x64.png wireshark.png ; \
cd .. ; \
rpmbuild --define "_topdir `cd . && pwd`" -bs SPECS/ethereal.spec && \
rpmbuild --define "_topdir `cd . && pwd`" -bs SPECS/wireshark.spec && \
echo "Package successfully built in `pwd`/SRPMS." ; \
else \
echo "Error: RPM executable and/or source directory not found." ; \

22
Makefile.common
View File

@ -45,7 +45,7 @@ GENERATED_C_FILES = \
GENERATED_FILES = $(GENERATED_C_FILES) $(GENERATED_HEADER_FILES)
# sources common for ethereal and tshark
ETHEREAL_COMMON_SRC = \
WIRESHARK_COMMON_SRC = \
$(PLATFORM_SRC) \
capture_errs.c \
capture-pcap-util.c \
@ -65,7 +65,7 @@ ETHEREAL_COMMON_SRC = \
version_info.c
# corresponding headers
ETHEREAL_COMMON_INCLUDES = \
WIRESHARK_COMMON_INCLUDES = \
svnversion.h \
capture_errs.h \
capture-pcap-util.h \
@ -118,7 +118,7 @@ TSHARK_TAP_SRC = \
tap-wspstat.c
# helpers already available on some platforms (and on others not)
EXTRA_ethereal_SOURCES = \
EXTRA_wireshark_SOURCES = \
getopt.c \
mkstemp.c \
snprintf.c \
@ -128,7 +128,7 @@ EXTRA_ethereal_SOURCES = \
strptime.c
# corresponding headers
EXTRA_ethereal_INCLUDES = \
EXTRA_wireshark_INCLUDES = \
getopt.h \
mkstemp.h \
snprintf.h \
@ -137,8 +137,8 @@ EXTRA_ethereal_INCLUDES = \
strptime.h
# ethereal specifics
ethereal_SOURCES = \
$(ETHEREAL_COMMON_SRC) \
wireshark_SOURCES = \
$(WIRESHARK_COMMON_SRC) \
alert_box.c \
capture.c \
capture_info.c \
@ -156,7 +156,7 @@ ethereal_SOURCES = \
tempfile.c
# corresponding headers
ethereal_INCLUDES = \
wireshark_INCLUDES = \
alert_box.h \
capture.h \
capture_info.h \
@ -183,7 +183,7 @@ ethereal_INCLUDES = \
# tshark specifics
tshark_SOURCES = \
$(ETHEREAL_COMMON_SRC) \
$(WIRESHARK_COMMON_SRC) \
$(TSHARK_TAP_SRC) \
capture_opts.c \
capture_loop.c \
@ -234,6 +234,6 @@ dumpcap_SOURCES = \
# this target needed for distribution only
noinst_HEADERS = \
$(ETHEREAL_COMMON_INCLUDES) \
$(ethereal_INCLUDES) \
$(EXTRA_ethereal_INCLUDES)
$(WIRESHARK_COMMON_INCLUDES) \
$(wireshark_INCLUDES) \
$(EXTRA_wireshark_INCLUDES)

38
Makefile.nmake
View File

@ -1,4 +1,4 @@
## Makefile for building ethereal.exe with Microsoft C and nmake
## Makefile for building wireshark.exe with Microsoft C and nmake
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
#
# $Id$
@ -28,7 +28,7 @@ PLATFORM_SRC = capture-wpcap.c capture_wpcap_packet.c
include Makefile.common
ethereal_OBJECTS = $(ethereal_SOURCES:.c=.obj)
wireshark_OBJECTS = $(wireshark_SOURCES:.c=.obj)
tshark_OBJECTS = $(tshark_SOURCES:.c=.obj)
dftest_OBJECTS = $(dftest_SOURCES:.c=.obj)
@ -46,7 +46,7 @@ EXTRA_OBJECTS = \
mkstemp.obj \
strptime.obj
ethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
wireshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
wsock32.lib user32.lib shell32.lib comctl32.lib \
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib \
!IFDEF HHC_DIR
@ -56,7 +56,7 @@ ethereal_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
epan\libwireshark.lib \
!ELSE
epan\dissectors\dissectors.lib \
epan\ethereal.lib \
epan\wireshark.lib \
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
$(ADNS_LIBS) \
$(PCRE_LIBS) \
@ -73,7 +73,7 @@ tshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
epan\libwireshark.lib \
!ELSE
epan\dissectors\dissectors.lib \
epan\ethereal.lib \
epan\wireshark.lib \
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
$(ADNS_LIBS) \
$(PCRE_LIBS) \
@ -105,7 +105,7 @@ dftest_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
epan\libwireshark.lib \
!ELSE
epan\dissectors\dissectors.lib \
epan\ethereal.lib \
epan\wireshark.lib \
epan\dfilter\dfilter.lib epan\ftypes\ftypes.lib \
$(ADNS_LIBS) \
$(PCRE_LIBS) \
@ -118,10 +118,10 @@ randpkt_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
$(GLIB_LIBS) \
$(NET_SNMP_DIR)\win32\lib\release\netsnmp.lib
EXECUTABLES=ethereal.exe ethereal-gtk2.exe tshark.exe \
EXECUTABLES=wireshark.exe wireshark-gtk2.exe tshark.exe \
capinfos.exe editcap.exe mergecap.exe text2pcap.exe randpkt.exe dumpcap.exe
RESOURCES=image\ethereal.res image\libwireshark.res image\tshark.res \
RESOURCES=image\wireshark.res image\libwireshark.res image\tshark.res \
image\capinfos.res image\editcap.res image\mergecap.res \
image\text2pcap.res image\wiretap.res image\dumpcap.res
@ -151,22 +151,22 @@ $(RESOURCES): image
wiretap\wiretap-$(WTAP_VERSION).lib: wiretap
!IFNDEF GTK1_DIR
ethereal.exe :
wireshark.exe :
!ELSE
ethereal.exe : config.h svnversion.h $(ethereal_OBJECTS) $(command_line_OBJECTS) epan gtk image\ethereal.res wiretap\wiretap-$(WTAP_VERSION).lib gtk\libui.lib plugins
wireshark.exe : config.h svnversion.h $(wireshark_OBJECTS) $(command_line_OBJECTS) epan gtk image\wireshark.res wiretap\wiretap-$(WTAP_VERSION).lib gtk\libui.lib plugins
@echo Linking $@
$(LINK) @<<
/OUT:ethereal.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(ethereal_LIBS) $(GTK1_LIBS) gtk\libui.lib $(ethereal_OBJECTS) image\ethereal.res
/OUT:wireshark.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(wireshark_LIBS) $(GTK1_LIBS) gtk\libui.lib $(wireshark_OBJECTS) image\wireshark.res
<<
!ENDIF
!IFNDEF GTK2_DIR
ethereal-gtk2.exe :
wireshark-gtk2.exe :
!ELSE
ethereal-gtk2.exe : config.h svnversion.h $(ethereal_OBJECTS) $(command_line_OBJECTS) epan gtk2 image\ethereal.res wiretap\wiretap-$(WTAP_VERSION).lib gtk2.tmp\libui.lib plugins
wireshark-gtk2.exe : config.h svnversion.h $(wireshark_OBJECTS) $(command_line_OBJECTS) epan gtk2 image\wireshark.res wiretap\wiretap-$(WTAP_VERSION).lib gtk2.tmp\libui.lib plugins
@echo Linking $@
$(LINK) @<<
/OUT:ethereal-gtk2.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(ethereal_LIBS) $(GTK2_LIBS) gtk2.tmp\libui.lib $(ethereal_OBJECTS) image\ethereal.res
/OUT:wireshark-gtk2.exe $(guiflags) $(guilibsdll) $(LDFLAGS) /SUBSYSTEM:windows $(wireshark_LIBS) $(GTK2_LIBS) gtk2.tmp\libui.lib $(wireshark_OBJECTS) image\wireshark.res
<<
!ENDIF
@ -287,7 +287,7 @@ gtk2_distclean:
if exist gtk2.tmp rmdir gtk2.tmp
clean: gtk2_distclean
rm -f $(ethereal_OBJECTS) $(tshark_OBJECTS) $(EXTRA_OBJECTS) \
rm -f $(wireshark_OBJECTS) $(tshark_OBJECTS) $(EXTRA_OBJECTS) \
$(EXECUTABLES) $(PDB_FILE) \
capinfos.obj editcap.obj mergecap.obj text2pcap.obj getopt.obj\
text2pcap-scanner.obj text2pcap-scanner.c rdps.obj \
@ -604,12 +604,12 @@ clean_setup:
rm -r -f $(WIRESHARK_LIBS)/gtk-wimp
################################################################################
# Prepare the source tree for running (t)ethereal directly from there.
# Prepare the source tree for running (t)wireshark directly from there.
################################################################################
# "install-deps" will copy all dlls needed to run (t)ethereal
# to the source tree, so you can run (t)ethereal directly from there.
# Note that the gtk2 version of ethereal is called ethereal-gtk2.exe
# "install-deps" will copy all dlls needed to run (t)wireshark
# to the source tree, so you can run (t)wireshark directly from there.
# Note that the gtk2 version of wireshark is called wireshark-gtk2.exe
install-deps: clean-deps install-gtk1-deps install-gtk2-deps
cd plugins

60
README.win32
View File

@ -6,7 +6,7 @@ These are the instructions for installing Ethereal
from the installation executable that is provided on
the Wireshark website at:
http://www.ethereal.com/distribution/win32
http://www.wireshark.org/download/win32
and any of its mirrors.
@ -96,7 +96,7 @@ Developer's Guide
You can find a comprehensive guide how to develop Ethereal in the
Developer's Guide, which you can find (and much more info) at:
http://wiki.ethereal.com/Development
http://wiki.wireshark.org/Development
The guide contains detailed information how to setup the development
environment and it's usage.
@ -153,7 +153,7 @@ This will first check the availability of all required tools and then uses
the tool wget to download each package file (together around 30MB!) from the
server location at:
http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/
and unpack it in the $WIRESHARK_LIBS directory.
@ -174,7 +174,7 @@ packages contain header files and stub libraries to link against.
PRECOMPILED VERSIONS OF ALL OF THESE PACKAGES ARE AVAILABLE AT:
http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/
The GLIB, GTK+, iconv, gettext packages for win32 can be found at the home
@ -207,7 +207,7 @@ The optional zlib package for win32 is available at its homepage:
By default, the build process looks for these packages in
C:\ethereal-win32-libs. You can place them in a different directory, but
C:\wireshark-win32-libs. You can place them in a different directory, but
you must update the WIRESHARK_LIBS variable in config.nmake accordingly.
The following lists the packages needed to compile Ethereal and the default
@ -215,28 +215,28 @@ locations where to unpack them, when the above method isn't used.
Package Default Location
------- ----------------
glib-2.4.7.zip C:\ethereal-win32-libs\glib
glib-dev-2.4.7.zip C:\ethereal-win32-libs\glib
gtk+-1.3.0-20030717.zip C:\ethereal-win32-libs\gtk+
gtk+-dev-1.3.0-20030115.zip C:\ethereal-win32-libs\gtk+
libiconv-1.9.1.bin.woe32.zip C:\ethereal-win32-libs\libiconv-1.9.1.bin.woe32
gettext-runtime-0.13.1.zip C:\ethereal-win32-libs\gettext-runtime-0.13.1
net-snmp-5.2.1.2.zip C:\ethereal-win32-libs
wpdpack_3_0.zip C:\ethereal-win32-libs
glib-2.4.7.zip C:\wireshark-win32-libs\glib
glib-dev-2.4.7.zip C:\wireshark-win32-libs\glib
gtk+-1.3.0-20030717.zip C:\wireshark-win32-libs\gtk+
gtk+-dev-1.3.0-20030115.zip C:\wireshark-win32-libs\gtk+
libiconv-1.9.1.bin.woe32.zip C:\wireshark-win32-libs\libiconv-1.9.1.bin.woe32
gettext-runtime-0.13.1.zip C:\wireshark-win32-libs\gettext-runtime-0.13.1
net-snmp-5.2.1.2.zip C:\wireshark-win32-libs
wpdpack_3_0.zip C:\wireshark-win32-libs
and optional:
adns-1.0-win32-04.zip C:\ethereal-win32-libs
pcre-4.4.zip C:\ethereal-win32-libs
zlib123-dll.zip C:\ethereal-win32-libs\zlib123-dll
adns-1.0-win32-04.zip C:\wireshark-win32-libs
pcre-4.4.zip C:\wireshark-win32-libs
zlib123-dll.zip C:\wireshark-win32-libs\zlib123-dll
(to use the default locations, the directories in question should be
created, and each zip file should be unpacked into the corresponding
directory). If you only want to change the C:\ethereal-win32-libs
directory). If you only want to change the C:\wireshark-win32-libs
part, you just change the setting of WIRESHARK_LIBS in config.nmake; if
you want to change subdirectories, you'll have to change the individual
item for a package. (Note that some zip files create the subdirectory -
those zip files just have C:\ethereal-win32-libs in the list above - so
those zip files just have C:\wireshark-win32-libs in the list above - so
if you don't want the package to be in that subdirectory, you'd have to
rename the directory.)
@ -254,7 +254,7 @@ GTK+2 will look better in various ways, especially for WIN32 users.
You can get the required libraries from:
http://www.ethereal.com/distribution/win32/development/gtk2
http://www.wireshark.org/distribution/win32/development/gtk2
or (like the GTK+1 libraries from the GTK+ for Win32 project):
@ -264,16 +264,16 @@ If you want to try a build with GTK+2.x these Extra libraries are needed
Package Default Location
------- ----------------
gtk+-2.4.14.zip C:\ethereal-win32-libs\gtk2
gtk+-dev-2.4.14.zip C:\ethereal-win32-libs\gtk2
pango-1.4.1.zip C:\ethereal-win32-libs\gtk2
pango-dev-1.4.1.zip C:\ethereal-win32-libs\gtk2
atk-1.6.0.zip C:\ethereal-win32-libs\gtk2
atk-dev-1.6.0.zip C:\ethereal-win32-libs\gtk2
gtk+-2.4.14.zip C:\wireshark-win32-libs\gtk2
gtk+-dev-2.4.14.zip C:\wireshark-win32-libs\gtk2
pango-1.4.1.zip C:\wireshark-win32-libs\gtk2
pango-dev-1.4.1.zip C:\wireshark-win32-libs\gtk2
atk-1.6.0.zip C:\wireshark-win32-libs\gtk2
atk-dev-1.6.0.zip C:\wireshark-win32-libs\gtk2
and optional:
gtk-wimp-0.7.0-bin.zip C:\ethereal-win32-libs\gtk-wimp
gtk-wimp-0.7.0-bin.zip C:\wireshark-win32-libs\gtk-wimp
Be sure to set GTK2_DIR in config.nmake correct, to be able to compile.
@ -381,7 +381,7 @@ make-reg-dotc.py, packet*.c register.c Python
make-tapreg-dotc, tap-*.c tshark-tap-register.c
Bash + grep + sed
make-tapreg-dotc, tap files gtk/ethereal-tap-register.c
make-tapreg-dotc, tap files gtk/wireshark-tap-register.c
in the gtk subdirectory Bash + grep + sed
The Makefile.nmake supplied with the Wireshark distribution will, if
@ -434,7 +434,7 @@ and for a much smaller installer (using the lzma compression).
In the ethereal directory, type "nmake -f makefile.nmake packaging" to build the installer.
Please be patient while the compression is done, it will take some time even on fast machines.
You will hopefully now see something like ethereal-setup-0.10.12.exe in the dir packaging/nsis.
You will hopefully now see something like wireshark-setup-0.10.12.exe in the dir packaging/nsis.
Installing GTK-Wimp
@ -542,7 +542,7 @@ To get it running, execute the following steps:
$ make check
$ make install
5. Patch Makefile.am in <ethereal-src>/gtk/Makefile.am by
5. Patch Makefile.am in <wireshark-src>/gtk/Makefile.am by
removing "ethclist.c" from the dependencies.
This patch is required since the private GTK+ clist widget
@ -567,7 +567,7 @@ To get it running, execute the following steps:
8. Run wireshark (add /opt/gnome/bin to $PATH if this is not yet done)
$ <ethereal-src>/ethereal
$ <wireshark-src>/ethereal
And voila! Behold the mighty sniffer in all its glory!

202
acinclude.m4
View File

@ -51,7 +51,7 @@ dnl Franc,ois Pinard, Karl Berry, Richard Pixley, Ian Lance Taylor,
dnl Roland McGrath, Noah Friedman, david d zuhn, and many others.
#
# AC_ETHEREAL_ADD_DASH_L
# AC_WIRESHARK_ADD_DASH_L
#
# Add to the variable specified as the first argument a "-L" flag for the
# directory specified as the second argument, and, on Solaris, add a
@ -60,7 +60,7 @@ dnl Roland McGrath, Noah Friedman, david d zuhn, and many others.
# XXX - IRIX, and other OSes, may require some flag equivalent to
# "-R" here.
#
AC_DEFUN([AC_ETHEREAL_ADD_DASH_L],
AC_DEFUN([AC_WIRESHARK_ADD_DASH_L],
[$1="$$1 -L$2"
case "$host_os" in
solaris*)
@ -71,23 +71,23 @@ esac
#
# AC_ETHEREAL_STRUCT_SA_LEN
# AC_WIRESHARK_STRUCT_SA_LEN
#
dnl AC_STRUCT_ST_BLKSIZE extracted from the file in question,
dnl "acspecific.m4" in GNU Autoconf 2.12, and turned into
dnl AC_ETHEREAL_STRUCT_SA_LEN, which checks if "struct sockaddr"
dnl AC_WIRESHARK_STRUCT_SA_LEN, which checks if "struct sockaddr"
dnl has the 4.4BSD "sa_len" member, and defines HAVE_SA_LEN; that's
dnl what's in this file.
dnl Done by Guy Harris <guy@alum.mit.edu> on 1998-11-14.
dnl ### Checks for structure members
AC_DEFUN([AC_ETHEREAL_STRUCT_SA_LEN],
[AC_CACHE_CHECK([for sa_len in struct sockaddr], ac_cv_ethereal_struct_sa_len,
AC_DEFUN([AC_WIRESHARK_STRUCT_SA_LEN],
[AC_CACHE_CHECK([for sa_len in struct sockaddr], ac_cv_wireshark_struct_sa_len,
[AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>], [struct sockaddr s; s.sa_len;],
ac_cv_ethereal_struct_sa_len=yes, ac_cv_ethereal_struct_sa_len=no)])
if test $ac_cv_ethereal_struct_sa_len = yes; then
ac_cv_wireshark_struct_sa_len=yes, ac_cv_wireshark_struct_sa_len=no)])
if test $ac_cv_wireshark_struct_sa_len = yes; then
AC_DEFINE(HAVE_SA_LEN, 1, [Define if sa_len field exists in struct sockaddr])
fi
])
@ -96,7 +96,7 @@ fi
dnl
dnl Check whether a given format can be used to print 64-bit integers
dnl
AC_DEFUN([AC_ETHEREAL_CHECK_64BIT_FORMAT],
AC_DEFUN([AC_WIRESHARK_CHECK_64BIT_FORMAT],
[
AC_MSG_CHECKING([whether %$1x can be used to format 64-bit integers])
AC_RUN_IFELSE(
@ -137,11 +137,11 @@ AC_DEFUN([AC_ETHEREAL_CHECK_64BIT_FORMAT],
])
#
# AC_ETHEREAL_IPV6_STACK
# AC_WIRESHARK_IPV6_STACK
#
# By Jun-ichiro "itojun" Hagino, <itojun@iijlab.net>
#
AC_DEFUN([AC_ETHEREAL_IPV6_STACK],
AC_DEFUN([AC_WIRESHARK_IPV6_STACK],
[
v6type=unknown
v6lib=none
@ -243,7 +243,7 @@ yes
])
#
# AC_ETHEREAL_GETHOSTBY_LIB_CHECK
# AC_WIRESHARK_GETHOSTBY_LIB_CHECK
#
# Checks whether we need "-lnsl" to get "gethostby*()", which we use
# in "resolv.c".
@ -252,7 +252,7 @@ yes
# GNU Autoconf 2.13; the comment came from there.
# Done by Guy Harris <guy@alum.mit.edu> on 2000-01-14.
#
AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
AC_DEFUN([AC_WIRESHARK_GETHOSTBY_LIB_CHECK],
[
# msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT,
# to get the SysV transport functions.
@ -266,7 +266,7 @@ AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
])
#
# AC_ETHEREAL_SOCKET_LIB_CHECK
# AC_WIRESHARK_SOCKET_LIB_CHECK
#
# Checks whether we need "-lsocket" to get "socket()", which is used
# by libpcap on some platforms - and, in effect, "gethostby*()" on
@ -279,7 +279,7 @@ AC_DEFUN([AC_ETHEREAL_GETHOSTBY_LIB_CHECK],
#
# We use "connect" because that's what AC_PATH_XTRA did.
#
AC_DEFUN([AC_ETHEREAL_SOCKET_LIB_CHECK],
AC_DEFUN([AC_WIRESHARK_SOCKET_LIB_CHECK],
[
# lieder@skyler.mavd.honeywell.com says without -lsocket,
# socket/setsockopt and other routines are undefined under SCO ODT
@ -295,9 +295,9 @@ AC_DEFUN([AC_ETHEREAL_SOCKET_LIB_CHECK],
])
#
# AC_ETHEREAL_PCAP_CHECK
# AC_WIRESHARK_PCAP_CHECK
#
AC_DEFUN([AC_ETHEREAL_PCAP_CHECK],
AC_DEFUN([AC_WIRESHARK_PCAP_CHECK],
[
if test -z "$pcap_dir"
then
@ -355,7 +355,7 @@ AC_DEFUN([AC_ETHEREAL_PCAP_CHECK],
#
CFLAGS="$CFLAGS -I$pcap_dir/include"
CPPFLAGS="$CPPFLAGS -I$pcap_dir/include"
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, $pcap_dir/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, $pcap_dir/lib)
fi
# Pcap header check
@ -375,7 +375,7 @@ and did you also install that package?]]))
PCAP_LIBS=-lpcap
AC_DEFINE(HAVE_LIBPCAP, 1, [Define to use libpcap library])
], [
ac_ethereal_extras_found=no
ac_wireshark_extras_found=no
ac_save_LIBS="$LIBS"
for extras in "-lcfg -lodm" "-lpfring"
do
@ -392,7 +392,7 @@ and did you also install that package?]]))
pcap_open_live(NULL, 0, 0, 0, NULL);
],
[
ac_ethereal_extras_found=yes
ac_wireshark_extras_found=yes
AC_MSG_RESULT([yes])
PCAP_LIBS="-lpcap $extras"
AC_DEFINE(HAVE_LIBPCAP, 1, [Define to use libpcap library])
@ -400,12 +400,12 @@ and did you also install that package?]]))
[
AC_MSG_RESULT([no])
])
if test x$ac_ethereal_extras_found = xyes
if test x$ac_wireshark_extras_found = xyes
then
break
fi
done
if test x$ac_ethereal_extras_found = xno
if test x$ac_wireshark_extras_found = xno
then
AC_MSG_ERROR([Can't link with library libpcap.])
fi
@ -493,9 +493,9 @@ and did you also install that package?]]))
])
#
# AC_ETHEREAL_ZLIB_CHECK
# AC_WIRESHARK_ZLIB_CHECK
#
AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
AC_DEFUN([AC_WIRESHARK_ZLIB_CHECK],
[
if test "x$zlib_dir" != "x"
then
@ -511,12 +511,12 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
# as the compiler and/or linker will search that other
# directory before it searches the specified directory.
#
ethereal_save_CFLAGS="$CFLAGS"
wireshark_save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -I$zlib_dir/include"
ethereal_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS -I$zlib_dir/include"
ethereal_save_LIBS="$LIBS"
AC_ETHEREAL_ADD_DASH_L(LIBS, $zlib_dir/lib)
wireshark_save_LIBS="$LIBS"
AC_WIRESHARK_ADD_DASH_L(LIBS, $zlib_dir/lib)
fi
#
@ -589,8 +589,8 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
# LIBS.
#
LIBS=""
AC_ETHEREAL_ADD_DASH_L(LIBS, $zlib_dir/lib)
LIBS="$LIBS -lz $ethereal_save_LIBS"
AC_WIRESHARK_ADD_DASH_L(LIBS, $zlib_dir/lib)
LIBS="$LIBS -lz $wireshark_save_LIBS"
else
LIBS="-lz $LIBS"
fi
@ -605,9 +605,9 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
# zlib there, or didn't find a zlib that
# contains gzgets there.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
LIBS="$ethereal_save_LIBS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
LIBS="$wireshark_save_LIBS"
fi
want_zlib=no
])
@ -647,9 +647,9 @@ AC_DEFUN([AC_ETHEREAL_ZLIB_CHECK],
])
#
# AC_ETHEREAL_LIBPCRE_CHECK
# AC_WIRESHARK_LIBPCRE_CHECK
#
AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
AC_DEFUN([AC_WIRESHARK_LIBPCRE_CHECK],
[
if test "x$pcre_dir" != "x"
then
@ -665,13 +665,13 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
# as the compiler and/or linker will search that other
# directory before it searches the specified directory.
#
ethereal_save_CFLAGS="$CFLAGS"
wireshark_save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -I$pcre_dir/include"
ethereal_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS -I$pcre_dir/include"
ethereal_save_LIBS="$LIBS"
wireshark_save_LIBS="$LIBS"
LIBS="$LIBS -lpcre"
ethereal_save_LDFLAGS="$LDFLAGS"
wireshark_save_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS -L$pcre_dir/lib"
fi
@ -726,7 +726,7 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
# the beginning of CFLAGS, CPPFLAGS,
# LDFLAGS, and LIBS.
#
PCRE_LIBS="-L$pcre_dir/lib -lpcre $ethereal_save_LIBS"
PCRE_LIBS="-L$pcre_dir/lib -lpcre $wireshark_save_LIBS"
else
PCRE_LIBS="-lpcre"
fi
@ -740,10 +740,10 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
# "--with-pcre=" directory, as we didn't
# actually find pcre there.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
LDFLAGS="$ethereal_save_LDFLAGS"
LIBS="$ethereal_save_LIBS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
LDFLAGS="$wireshark_save_LDFLAGS"
LIBS="$wireshark_save_LIBS"
PCRE_LIBS=""
fi
want_pcre=no
@ -753,9 +753,9 @@ AC_DEFUN([AC_ETHEREAL_LIBPCRE_CHECK],
])
#
# AC_ETHEREAL_LIBLUA_CHECK
# AC_WIRESHARK_LIBLUA_CHECK
#
AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
AC_DEFUN([AC_WIRESHARK_LIBLUA_CHECK],[
if test "x$lua_dir" != "x"
then
@ -771,23 +771,23 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
# as the compiler and/or linker will search that other
# directory before it searches the specified directory.
#
ethereal_save_CFLAGS="$CFLAGS"
wireshark_save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -I$lua_dir/include"
ethereal_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS -I$lua_dir/include"
ethereal_save_LIBS="$LIBS"
wireshark_save_LIBS="$LIBS"
LIBS="$LIBS -L$lua_dir/lib -llua"
ethereal_save_LDFLAGS="$LDFLAGS"
wireshark_save_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS -L$lua_dir/lib"
else
#
# The user specified no directory in which liblua resides,
# so just add "-llua -lliblua" to the used libs.
#
ethereal_save_CFLAGS="$CFLAGS"
ethereal_save_CPPFLAGS="$CPPFLAGS"
ethereal_save_LDFLAGS="$LDFLAGS"
ethereal_save_LIBS="$LIBS"
wireshark_save_CFLAGS="$CFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_LDFLAGS="$LDFLAGS"
wireshark_save_LIBS="$LIBS"
LIBS="$LIBS -llua"
fi
@ -868,7 +868,7 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
# do we have 5.1?
#
LIBS="$ethereal_save_LIBS $LUA_LIBS"
LIBS="$wireshark_save_LIBS $LUA_LIBS"
AC_CHECK_LIB(lua, luaL_register,
[
@ -888,10 +888,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
# "--with-lua=" directory, as we didn't
# actually find lua there.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
LDFLAGS="$ethereal_save_LDFLAGS"
LIBS="$ethereal_save_LIBS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
LDFLAGS="$wireshark_save_LDFLAGS"
LIBS="$wireshark_save_LIBS"
LUA_LIBS=""
fi
# User requested --with-lua but it isn't available
@ -909,10 +909,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
# "--with-lua=" directory, as we didn't
# actually find lua there.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
LDFLAGS="$ethereal_save_LDFLAGS"
LIBS="$ethereal_save_LIBS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
LDFLAGS="$wireshark_save_LDFLAGS"
LIBS="$wireshark_save_LIBS"
LUA_LIBS=""
# User requested --with-lua but it isn't available
if test "x$want_lua" = "xyes"
@ -922,10 +922,10 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
want_lua=no
])
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
LDFLAGS="$ethereal_save_LDFLAGS"
LIBS="$ethereal_save_LIBS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
LDFLAGS="$wireshark_save_LDFLAGS"
LIBS="$wireshark_save_LIBS"
AC_SUBST(LUA_LIBS)
AC_SUBST(LUA_INCLUDES)
@ -933,9 +933,9 @@ AC_DEFUN([AC_ETHEREAL_LIBLUA_CHECK],[
])
#
# AC_ETHEREAL_NETSNMP_CHECK
# AC_WIRESHARK_NETSNMP_CHECK
#
AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
AC_DEFUN([AC_WIRESHARK_NETSNMP_CHECK],
[
dnl get the net-snmp-config binary
if test "x$netsnmpconfig" = "x" ; then
@ -970,8 +970,8 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
# searching for the Net-SNMP headers, we look in whatever
# directory that output specifies.
#
ethereal_save_CFLAGS="$CFLAGS"
ethereal_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_CFLAGS="$CFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
CFLAGS="$CFLAGS `$NETSNMPCONFIG --cflags`"
CPPFLAGS="$CPPFLAGS `$NETSNMPCONFIG --cflags`"
@ -984,8 +984,8 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
else
AC_MSG_RESULT(Net-SNMP requires openssl but ssl not enabled - disabling Net-SNMP)
fi
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
SNMP_LIBS=
else
AC_DEFINE(HAVE_NET_SNMP, 1, [Define to enable support for Net-SNMP])
@ -1001,17 +1001,17 @@ AC_DEFUN([AC_ETHEREAL_NETSNMP_CHECK],
# of '$NETSNMPCONFIG --cflags", as we
# didn't actually find Net-SNMP there.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
fi
fi
fi
])
#
# AC_ETHEREAL_UCDSNMP_CHECK
# AC_WIRESHARK_UCDSNMP_CHECK
#
AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
AC_DEFUN([AC_WIRESHARK_UCDSNMP_CHECK],
[
if test "x$ucdsnmp_dir" != "x"
then
@ -1029,7 +1029,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
#
CFLAGS="$CFLAGS -I$ucdsnmp_dir/include"
CPPFLAGS="$CPPFLAGS -I$ucdsnmp_dir/include"
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, $ucdsnmp_dir/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, $ucdsnmp_dir/lib)
fi
#
@ -1059,7 +1059,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
# needed after the library *and* to cache all that
# information.
#
ethereal_save_LIBS="$LIBS"
wireshark_save_LIBS="$LIBS"
found_sprint_realloc_objid=no
for extras in "" "-L/usr/kerberos/lib -ldes425" "-lkstat"
do
@ -1116,7 +1116,7 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
fi
])
done
LIBS="$ethereal_save_LIBS"
LIBS="$wireshark_save_LIBS"
#
# If we didn't find "sprint_realloc_objid()", fail.
@ -1146,13 +1146,13 @@ AC_DEFUN([AC_ETHEREAL_UCDSNMP_CHECK],
])
#
# AC_ETHEREAL_RPM_CHECK
# AC_WIRESHARK_RPM_CHECK
# Looks for the rpm program, and checks to see if we can redefine "_topdir".
#
AC_DEFUN([AC_ETHEREAL_RPM_CHECK],
AC_DEFUN([AC_WIRESHARK_RPM_CHECK],
[
AC_CHECK_PROG(ac_cv_ethereal_have_rpm, rpm, "yes", "no")
if test "x$ac_cv_ethereal_have_rpm" = "xyes"; then
AC_CHECK_PROG(ac_cv_wireshark_have_rpm, rpm, "yes", "no")
if test "x$ac_cv_wireshark_have_rpm" = "xyes"; then
rpm --define '_topdir /tmp' > /dev/null 2>&1
AC_MSG_CHECKING(to see if we can redefine _topdir)
if test $? -eq 0 ; then
@ -1166,10 +1166,10 @@ AC_DEFUN([AC_ETHEREAL_RPM_CHECK],
])
#
# AC_ETHEREAL_GNU_SED_CHECK
# AC_WIRESHARK_GNU_SED_CHECK
# Checks if GNU sed is the first sed in PATH.
#
AC_DEFUN([AC_ETHEREAL_GNU_SED_CHECK],
AC_DEFUN([AC_WIRESHARK_GNU_SED_CHECK],
[
AC_MSG_CHECKING(for GNU sed as first sed in PATH)
if ( sh -c "sed --version" </dev/null 2> /dev/null | grep "GNU sed" 2>&1 > /dev/null ) ; then
@ -1182,9 +1182,9 @@ AC_DEFUN([AC_ETHEREAL_GNU_SED_CHECK],
])
#
# AC_ETHEREAL_ADNS_CHECK
# AC_WIRESHARK_ADNS_CHECK
#
AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
AC_DEFUN([AC_WIRESHARK_ADNS_CHECK],
[
want_adns=defaultyes
@ -1192,7 +1192,7 @@ AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
want_adns=yes
withval=/usr/local
if test -d "$withval"; then
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
fi
fi
@ -1211,12 +1211,12 @@ AC_DEFUN([AC_ETHEREAL_ADNS_CHECK],
#
# AC_ETHEREAL_KRB5_CHECK
# AC_WIRESHARK_KRB5_CHECK
#
AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
AC_DEFUN([AC_WIRESHARK_KRB5_CHECK],
[
ethereal_save_CFLAGS="$CFLAGS"
ethereal_save_CPPFLAGS="$CPPFLAGS"
wireshark_save_CFLAGS="$CFLAGS"
wireshark_save_CPPFLAGS="$CPPFLAGS"
if test "x$krb5_dir" != "x"
then
#
@ -1332,7 +1332,7 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
# the Kerberos library.
#
AC_MSG_RESULT($ac_krb5_version)
ethereal_save_LIBS="$LIBS"
wireshark_save_LIBS="$LIBS"
found_krb5_kt_resolve=no
for extras in "" "-lresolv"
do
@ -1391,8 +1391,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
# from before we added the flags for Kerberos.
#
AC_MSG_RESULT(Usable $ac_krb5_version not found - disabling dissection for some kerberos data in packet decoding)
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
KRB5_LIBS=""
want_krb5=no
fi
@ -1424,7 +1424,7 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
AC_MSG_RESULT(no)
])
fi
LIBS="$ethereal_save_LIBS"
LIBS="$wireshark_save_LIBS"
else
#
# It's not Heimdal or MIT.
@ -1443,8 +1443,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
# from before we added the flags for Kerberos.
#
AC_MSG_RESULT(Kerberos not found - disabling dissection for some kerberos data in packet decoding)
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
KRB5_LIBS=""
want_krb5=no
fi
@ -1458,8 +1458,8 @@ AC_DEFUN([AC_ETHEREAL_KRB5_CHECK],
# Restore the versions of CFLAGS and CPPFLAGS
# from before we added the flags for Kerberos.
#
CFLAGS="$ethereal_save_CFLAGS"
CPPFLAGS="$ethereal_save_CPPFLAGS"
CFLAGS="$wireshark_save_CFLAGS"
CPPFLAGS="$wireshark_save_CPPFLAGS"
KRB5_LIBS=""
want_krb5=no
fi

2
cfilters
View File

@ -10,4 +10,4 @@
"TCP or UDP port 80 (HTTP)" port 80
"HTTP TCP port (80)" tcp port http
"No ARP and no DNS" not arp and port not 53
"Non-HTTP and non-SMTP to/from www.ethereal.com" not port 80 and not port 25 and host www.ethereal.com
"Non-HTTP and non-SMTP to/from www.wireshark.org" not port 80 and not port 25 and host www.wireshark.org

76
configure.in
View File

@ -116,7 +116,7 @@ else
fi
AC_SUBST(HAVE_SVR4_PACKAGING)
AC_ETHEREAL_RPM_CHECK
AC_WIRESHARK_RPM_CHECK
AC_SUBST(HAVE_RPM)
#
@ -134,12 +134,12 @@ AC_ARG_WITH(extra-gcc-checks,
[
if test $withval != no
then
ethereal_extra_gcc_flags=" -Wcast-qual -Wcast-align -Wbad-function-cast -pedantic -Wstrict-prototypes -Wmissing-declarations -Wwrite-strings"
wireshark_extra_gcc_flags=" -Wcast-qual -Wcast-align -Wbad-function-cast -pedantic -Wstrict-prototypes -Wmissing-declarations -Wwrite-strings"
fi
],)
AC_MSG_CHECKING(to see if we can add '-Wall -W $ethereal_extra_gcc_flags' to CFLAGS)
AC_MSG_CHECKING(to see if we can add '-Wall -W $wireshark_extra_gcc_flags' to CFLAGS)
if test x$GCC != x ; then
CFLAGS="-D_U_=\"__attribute__((unused))\" -Wall -Wpointer-arith -W $ethereal_extra_gcc_flags $CFLAGS"
CFLAGS="-D_U_=\"__attribute__((unused))\" -Wall -Wpointer-arith -W $wireshark_extra_gcc_flags $CFLAGS"
AC_MSG_RESULT(yes)
else
CFLAGS="-D_U_=\"\" $CFLAGS"
@ -281,7 +281,7 @@ if test "x$ac_cv_enable_usr_local" = "xyes" ; then
#
# Arrange that we search for libraries in "/usr/local/lib".
#
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, /usr/local/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, /usr/local/lib)
else
AC_MSG_RESULT(no)
fi
@ -314,7 +314,7 @@ esac
#
# Add any checks here that are necessary for other OSes.
#
AC_ETHEREAL_GNU_SED_CHECK
AC_WIRESHARK_GNU_SED_CHECK
if test "$HAVE_GNU_SED" = no ; then
case "$host_os" in
solaris*)
@ -401,8 +401,8 @@ fi
#
if test "$GTK_OK" = "no" ; then
enable_ethereal="no"
ethereal_bin=""
ethereal_man=""
wireshark_bin=""
wireshark_man=""
# Honor GLIB_CFLAGS
if test "x$enable_gtk2" = "xyes" ; then
AM_PATH_GLIB_2_0(2.0.0, CFLAGS="$CFLAGS $GLIB_CFLAGS", AC_MSG_ERROR(GLib2 distribution not found.), gmodule)
@ -410,9 +410,9 @@ if test "$GTK_OK" = "no" ; then
AM_PATH_GLIB(1.2.0, CFLAGS="$CFLAGS $GLIB_CFLAGS", AC_MSG_ERROR(GLib distribution not found.), gmodule)
fi
else
ethereal_bin="ethereal\$(EXEEXT)"
ethereal_man="ethereal.1"
ethereal_SUBDIRS="gtk"
wireshark_bin="ethereal\$(EXEEXT)"
wireshark_man="ethereal.1"
wireshark_SUBDIRS="gtk"
# Honor GLIB_CFLAGS
if test "$GTK_OK" = "two" ; then
AM_PATH_GLIB_2_0(2.0.0, , AC_MSG_ERROR(GLib distribution not found.), gmodule)
@ -488,11 +488,11 @@ AC_CHECK_HEADERS(inttypes.h,
],
[
AC_MSG_RESULT(yes)
ac_ethereal_inttypes_h_defines_formats=yes
ac_wireshark_inttypes_h_defines_formats=yes
],
[
AC_MSG_RESULT(no)
ac_ethereal_inttypes_h_defines_formats=no
ac_wireshark_inttypes_h_defines_formats=no
])
],
[
@ -500,16 +500,16 @@ AC_CHECK_HEADERS(inttypes.h,
# We don't have inttypes.h, so it obviously can't define those
# macros.
#
ac_ethereal_inttypes_h_defines_formats=no
ac_wireshark_inttypes_h_defines_formats=no
])
if test "$ac_ethereal_inttypes_h_defines_formats" = yes; then
if test "$ac_wireshark_inttypes_h_defines_formats" = yes; then
AC_DEFINE(INTTYPES_H_DEFINES_FORMATS,,[Define if <inttypes.h> defines PRI[doxu]64 macros])
else
AC_ETHEREAL_CHECK_64BIT_FORMAT(ll,
AC_WIRESHARK_CHECK_64BIT_FORMAT(ll,
[
AC_ETHEREAL_CHECK_64BIT_FORMAT(L,
AC_WIRESHARK_CHECK_64BIT_FORMAT(L,
[
AC_ETHEREAL_CHECK_64BIT_FORMAT(q,
AC_WIRESHARK_CHECK_64BIT_FORMAT(q,
[
AC_MSG_ERROR([neither %llx nor %Lx nor %qx worked on a 64-bit integer])
])
@ -517,8 +517,8 @@ else
])
fi
AC_SUBST(ethereal_bin)
AC_SUBST(ethereal_man)
AC_SUBST(wireshark_bin)
AC_SUBST(wireshark_man)
rdps_bin="rdps\$(EXEEXT)"
AC_SUBST(rdps_bin)
@ -532,14 +532,14 @@ AC_ARG_ENABLE(tshark,
if test "x$enable_tshark" = "xyes" ; then
tshark_bin="tshark\$(EXEEXT)"
tshark_man="tshark.1"
etherealfilter_man="ethereal-filter.4"
wiresharkfilter_man="wireshark-filter.4"
else
tshark_bin=""
tshark_man=""
fi
AC_SUBST(tshark_bin)
AC_SUBST(tshark_man)
AC_SUBST(etherealfilter_man)
AC_SUBST(wiresharkfilter_man)
@ -666,11 +666,11 @@ AC_SUBST(randpkt_bin)
dnl Checks for "gethostbyname()" - and "-lnsl", if we need it to get
dnl "gethostbyname()".
AC_ETHEREAL_GETHOSTBY_LIB_CHECK
AC_WIRESHARK_GETHOSTBY_LIB_CHECK
dnl Checks for "connect()", used as a proxy for "socket()" - and
dnl "-lsocket", if we need it to get "connect()".
AC_ETHEREAL_SOCKET_LIB_CHECK
AC_WIRESHARK_SOCKET_LIB_CHECK
dnl pcap check
AC_MSG_CHECKING(whether to use libpcap for packet capture)
@ -696,7 +696,7 @@ if test "x$want_pcap" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_PCAP_CHECK
AC_WIRESHARK_PCAP_CHECK
fi
dnl zlib check
@ -726,7 +726,7 @@ if test "x$want_zlib" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_ZLIB_CHECK
AC_WIRESHARK_ZLIB_CHECK
if test "x$want_zlib" = "xno" ; then
AC_MSG_RESULT(zlib not found - disabling compressed capture file support)
fi
@ -760,7 +760,7 @@ if test "x$want_pcre" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_LIBPCRE_CHECK
AC_WIRESHARK_LIBPCRE_CHECK
if test "x$want_pcre" = "xno" ; then
AC_MSG_RESULT(libpcre not found - disabling support for perl compatible regular expressions in dfilters)
fi
@ -794,7 +794,7 @@ if test "x$want_lua" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_LIBLUA_CHECK
AC_WIRESHARK_LIBLUA_CHECK
if test "x$want_lua" = "xno" ; then
AC_MSG_RESULT(liblua not found - disabling support for the lua scripting plugin)
fi
@ -811,7 +811,7 @@ if test "x$enable_ipv6" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_IPV6_STACK
AC_WIRESHARK_IPV6_STACK
fi
@ -853,7 +853,7 @@ elif test "x$withval" = "xyes"; then
want_ssl=yes
elif test -d "$withval"; then
want_ssl=yes
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
fi
],[
want_ssl=no
@ -930,7 +930,7 @@ else
else
AC_MSG_RESULT(yes)
fi
AC_ETHEREAL_NETSNMP_CHECK
AC_WIRESHARK_NETSNMP_CHECK
fi
#
@ -946,7 +946,7 @@ if test "x$have_net_snmp" != "xyes" ; then
else
AC_MSG_RESULT(yes)
fi
AC_ETHEREAL_UCDSNMP_CHECK
AC_WIRESHARK_UCDSNMP_CHECK
fi
fi
@ -984,7 +984,7 @@ if test "x$want_krb5" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_KRB5_CHECK
AC_WIRESHARK_KRB5_CHECK
fi
@ -1001,14 +1001,14 @@ elif test "x$withval" = "xyes"; then
want_adns=yes
elif test -d "$withval"; then
want_adns=yes
AC_ETHEREAL_ADD_DASH_L(LDFLAGS, ${withval}/lib)
AC_WIRESHARK_ADD_DASH_L(LDFLAGS, ${withval}/lib)
fi
])
if test "x$with_adns" = "xno" ; then
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(yes)
AC_ETHEREAL_ADNS_CHECK
AC_WIRESHARK_ADNS_CHECK
fi
AC_SUBST(ADNS_LIBS)
@ -1024,7 +1024,7 @@ dnl Checks for typedefs, structures, and compiler characteristics.
# We need to know whether "struct sockaddr" has an "sa_len" member
# for get_interface_list().
AC_ETHEREAL_STRUCT_SA_LEN
AC_WIRESHARK_STRUCT_SA_LEN
# We must know our byte order
AC_C_BIGENDIAN
@ -1221,7 +1221,7 @@ AC_CHECK_FUNCS(issetugid)
AC_CHECK_FUNCS(mmap mprotect sysconf)
dnl blank for now, but will be used in future
AC_SUBST(ethereal_SUBDIRS)
AC_SUBST(wireshark_SUBDIRS)
dnl
dnl check whether plugins should be enabled and, if they should be,
@ -1312,7 +1312,7 @@ AC_OUTPUT(
packaging/nsis/Makefile
packaging/rpm/Makefile
packaging/rpm/SPECS/Makefile
packaging/rpm/SPECS/ethereal.spec
packaging/rpm/SPECS/wireshark.spec
packaging/svr4/Makefile
packaging/svr4/checkinstall
packaging/svr4/pkginfo

4
debian/ethereal-common.manpages vendored
View File

@ -1,12 +1,12 @@
editcap.1
mergecap.1
text2pcap.1
ethereal-filter.4
wireshark-filter.4
editcap.1
mergecap.1
text2pcap.1
ethereal-filter.4
wireshark-filter.4
editcap.1
mergecap.1

6
debian/rules vendored
View File

@ -62,7 +62,7 @@ clean: unpatch-stamp
cp /usr/share/misc/config.guess /usr/share/misc/config.sub .
-$(MAKE) distclean
rm -f rdps ethereal.1 tshark.1 idl2deb.1 ethereal-filter.4 asn2deb.1
rm -f rdps ethereal.1 tshark.1 idl2deb.1 wireshark-filter.4 asn2deb.1
rm -f conftest conftest.c
rm -f config.guess config.sub config.log
@ -88,7 +88,7 @@ binary-arch: build
$(MAKE) install DESTDIR=`pwd`/debian/tmp
mkdir -p `pwd`/debian/tmp/usr/share/applications/
cp ethereal.desktop `pwd`/debian/tmp/usr/share/applications/
cp debian/ethereal-root.desktop `pwd`/debian/tmp/usr/share/applications/
cp debian/wireshark-root.desktop `pwd`/debian/tmp/usr/share/applications/
mkdir -p `pwd`/debian/tmp/usr/share/pixmaps/
cp image/hi48-app-ethereal.png `pwd`/debian/tmp/usr/share/pixmaps/
cp image/eicon3d32.xpm `pwd`/debian/tmp/usr/share/pixmaps/
@ -98,7 +98,7 @@ binary-arch: build
cp `pwd`/ethereal_be.py `pwd`/ethereal_gen.py \
`pwd`/debian/tmp/usr/lib/$(PYTHON_VERSION)/site-packages/
mkdir -p `pwd`/debian/tmp/usr/include/ethereal/
for F in `cat debian/ethereal-dev.header-files`; do \
for F in `cat debian/wireshark-dev.header-files`; do \
cp --parents $$F `pwd`/debian/tmp/usr/include/ethereal; \
done
# .a is no longer built; why was is used ?

38
doc/Makefile.am
View File

@ -24,20 +24,20 @@
# We include dependencies on ../config.h in order to
# capture when $(VERSION) changes.
ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
cat $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT > ethereal-tmp.pod
wireshark-tmp.pod: $(srcdir)/wireshark.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
cat $(srcdir)/wireshark.pod $(top_builddir)/AUTHORS-SHORT-FORMAT > wireshark-tmp.pod
../ethereal.1: ethereal-tmp.pod ../config.h
../wireshark.1: wireshark-tmp.pod ../config.h
$(POD2MAN) \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
ethereal-tmp.pod | sed 's/ETHEREAL-TMP/ETHEREAL/' > ../ethereal.1
wireshark-tmp.pod | sed 's/WIRESHARK-TMP/WIRESHARK/' > ../wireshark.1
../ethereal.html: ethereal-tmp.pod ../config.h
../wireshark.html: wireshark-tmp.pod ../config.h
$(POD2HTML) \
--title="The Wireshark Network Analyzer $(VERSION)" \
--noindex \
ethereal-tmp.pod > ../ethereal.html
wireshark-tmp.pod > ../wireshark.html
../tshark.1: tshark.pod ../config.h
$(POD2MAN) \
@ -51,21 +51,21 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
--noindex \
$(srcdir)/tshark.pod > ../tshark.html
../ethereal-filter.4: ethereal-filter.pod ../config.h
../wireshark-filter.4: wireshark-filter.pod ../config.h
$(POD2MAN) \
--section=4 \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
ethereal-filter.pod > ../ethereal-filter.4
wireshark-filter.pod > ../wireshark-filter.4
../ethereal-filter.html: ethereal-filter.pod ../config.h
../wireshark-filter.html: wireshark-filter.pod ../config.h
$(POD2HTML) \
--title="ethereal-filter - The Wireshark Network Analyzer $(VERSION)" \
--title="wireshark-filter - The Wireshark Network Analyzer $(VERSION)" \
--noindex \
ethereal-filter.pod > ../ethereal-filter.html
wireshark-filter.pod > ../wireshark-filter.html
ethereal-filter.pod: ethereal-filter.pod.template ../tshark
../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
wireshark-filter.pod: wireshark-filter.pod.template ../tshark
../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/wireshark-filter.pod.template > wireshark-filter.pod
../capinfos.1: capinfos.pod ../config.h
$(POD2MAN) \
@ -140,12 +140,12 @@ ethereal-filter.pod: ethereal-filter.pod.template ../tshark
$(srcdir)/dumpcap.pod > ../dumpcap.html
CLEANFILES = \
ethereal-filter.pod \
ethereal-tmp.pod \
../ethereal-filter.4 \
../ethereal-filter.html \
../ethereal.1 \
../ethereal.html \
wireshark-filter.pod \
wireshark-tmp.pod \
../wireshark-filter.4 \
../wireshark-filter.html \
../wireshark.1 \
../wireshark.html \
../capinfos.1 \
../capinfos.html \
../editcap.1 \

34
doc/Makefile.nmake
View File

@ -26,31 +26,31 @@
include ../config.nmake
doc: ethereal.html tshark.html ethereal-filter.html capinfos.html \
doc: wireshark.html tshark.html wireshark-filter.html capinfos.html \
editcap.html idl2wrs.html mergecap.html text2pcap.html dumpcap.html
man: ethereal.1 tshark.1 ethereal-filter.4 capinfos.1 editcap.1 \
man: wireshark.1 tshark.1 wireshark-filter.4 capinfos.1 editcap.1 \
idl2wrs.1 mergecap.1 text2pcap.1 dumpcap.1
ethereal-tmp.pod: ethereal.pod ../AUTHORS-SHORT-FORMAT
copy /B ethereal.pod + ..\AUTHORS-SHORT-FORMAT ethereal-tmp.pod
wireshark-tmp.pod: wireshark.pod ../AUTHORS-SHORT-FORMAT
copy /B wireshark.pod + ..\AUTHORS-SHORT-FORMAT wireshark-tmp.pod
../AUTHORS-SHORT-FORMAT:
cd ..
$(MAKE) -f makefile.nmake AUTHORS-SHORT-FORMAT
cd doc
ethereal.1: ethereal.pod ../config.h
wireshark.1: wireshark.pod ../config.h
$(POD2MAN) \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
ethereal-tmp.pod > ethereal.1
wireshark-tmp.pod > wireshark.1
ethereal.html: ethereal-tmp.pod ../config.h
wireshark.html: wireshark-tmp.pod ../config.h
$(POD2HTML) \
--title="The Wireshark Network Analyzer $(VERSION)" \
--noindex \
ethereal-tmp.pod > ethereal.html
wireshark-tmp.pod > wireshark.html
../tshark.exe:
cd ..
@ -69,22 +69,22 @@ tshark.html: tshark.pod ../config.h
--noindex \
tshark.pod > tshark.html
ethereal-filter.4: ethereal-filter.pod ../config.h
wireshark-filter.4: wireshark-filter.pod ../config.h
$(POD2MAN) \
--center="The Wireshark Network Analyzer" \
--release=$(VERSION) \
ethereal-filter.pod > ethereal.4
wireshark-filter.pod > wireshark.4
ethereal-filter.html: ethereal-filter.pod ../config.h
wireshark-filter.html: wireshark-filter.pod ../config.h
$(POD2HTML) \
--title="ethereal-filter - The Wireshark Network Analyzer $(VERSION)" \
--title="wireshark-filter - The Wireshark Network Analyzer $(VERSION)" \
--noindex \
ethereal-filter.pod > ethereal-filter.html
wireshark-filter.pod > wireshark-filter.html
ethereal-filter.pod: ethereal-filter.pod.template ../tshark.exe
wireshark-filter.pod: wireshark-filter.pod.template ../tshark.exe
cd ..
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake install-deps
tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\wireshark-filter.pod.template > doc\wireshark-filter.pod
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean-deps
cd doc
@ -162,9 +162,9 @@ dumpcap.html: dumpcap.pod ../config.h
dumpcap.pod > dumpcap.html
clean:
rm -f ethereal.html ethereal.1 ethereal-tmp.pod
rm -f wireshark.html wireshark.1 wireshark-tmp.pod
rm -f tshark.html tshark.1
rm -f ethereal-filter.html ethereal-filter.4 ethereal-filter.pod
rm -f wireshark-filter.html wireshark-filter.4 wireshark-filter.pod
rm -f capinfos.html capinfos.1
rm -f editcap.html editcap.1
rm -f idl2wrs.html idl2wrs.1

14
doc/README.binarytrees
View File

@ -13,12 +13,12 @@ Benefits of using binary trees are that they are incredibly fast for
accessing data and they scale very well with good characteristics even to
very large number of objects.
Ethereal provides its own version of red black binary trees designed in
Wireshark provides its own version of red black binary trees designed in
particular to be easy to use and to eliminate most of the memory management
often associated with such trees.
The trees supported by wireshark are currently all created using SEasonal
storage which means that when you load a new trace into ethereal, the SEasonal
storage which means that when you load a new trace into wireshark, the SEasonal
memory management will automatically release every single byte of data
associated with the tree.
@ -34,8 +34,8 @@ void *se_tree_lookup32(se_tree_t *se_tree, guint32 key);
2.1 se_tree_create(int type, char *name);
se_tree_create() is used to initialize a tree that will be automatically
cleared and reset everytime ethereal is resetting all SEasonal storage,
that is every time you load a new capture file into ethereal or when
cleared and reset everytime wireshark is resetting all SEasonal storage,
that is every time you load a new capture file into wireshark or when
you rescan the entire capture file from scratch.
Name is just a literal text string and serves no other purpose than making
@ -58,7 +58,7 @@ void proto_register_...(void) {
}
That is how easy it is to create a binary tree. You only need to create it once
when ethereal starts and the tree will remain there until you exit ethereal.
when wireshark starts and the tree will remain there until you exit wireshark.
Everytime a new capture is loaded, all nodes allocated to the tree is
automatically and the tree is reset without you having to do anything at all.
@ -89,7 +89,7 @@ This is very neat and makes real difficult to have memory leaks in your code.
NOTE: When you insert items in the tree, it is very likely that you only
want to add any data to the tree during the very first time you process
a particular packet.
Ethereal may reprocess the same packet multiple times afterwards by the user
Wireshark may reprocess the same packet multiple times afterwards by the user
clicking on the packet or for other reasons.
You probably DO want to protect the insert call within an if statement such
as
@ -175,7 +175,7 @@ until an array element where length==0 is found indicating the end of the
array.
NOTE: you MUST terminate the se_tree_key_t array by {0, NULL}
If you forget to do this ethereal will immediately crash.
If you forget to do this wireshark will immediately crash.
NOTE: length indicates the number of guint32 values in the vector, not number
of bytes.

2
doc/README.capture
View File

@ -3,7 +3,7 @@ $Id$
This document is an attempt, to bring some light to the things done, when
packet capturing is performed. There might be things missing, and others
maybe wrong :-( The following will concentrate a bit on the win32 gtk
port of ethereal.
port of wireshark.
XXX: when ongoing file reorganisation will be completed, the following

12
doc/README.design
View File

@ -1,21 +1,21 @@
$Id$
Unfortunately, the closest thing to a design document is the
"README.developer" document in the "doc" directory of the Ethereal
"README.developer" document in the "doc" directory of the Wireshark
source tree; however, although that's useful for people adding new
protocol dissectors to Ethereal, it doesn't describe the operations of
the "core" of Ethereal.
protocol dissectors to Wireshark, it doesn't describe the operations of
the "core" of Wireshark.
We have no document describing that; however, a quick summary of the
part of the code you'd probably be working with is:
for every capture file that Ethereal has open, there's a
"capture_file" structure - Ethereal currently supports only one
for every capture file that Wireshark has open, there's a
"capture_file" structure - Wireshark currently supports only one
open capture file at a time, and that structure is named
"cfile" (see the "file.h" header file);
that structure has a member "plist", which points to a
"frame_data" structure - every link-layer frame that Ethereal
"frame_data" structure - every link-layer frame that Wireshark
has read in has a "frame_data" structure (see the
"epan/packet.h" header file), the "plist" member of "cfile"
points to the first frame, and each frame has a "next" member

76
doc/README.developer
View File

@ -1,7 +1,7 @@
$Id$
This file is a HOWTO for Wireshark developers. It describes how to start coding
a Ethereal protocol dissector and the use some of the important functions and
a Wireshark protocol dissector and the use some of the important functions and
variables.
1. Setting up your protocol dissector code.
@ -14,12 +14,12 @@ add to the protocol tree, and work with registered header fields.
1.1.1 Portability.
Ethereal runs on many platforms, and can be compiled with a number of
Wireshark runs on many platforms, and can be compiled with a number of
different compilers; here are some rules for writing code that will work
on multiple platforms.
Don't use C++-style comments (comments beginning with "//" and running
to the end of the line); Ethereal's dissectors are written in C, and
to the end of the line); Wireshark's dissectors are written in C, and
thus run through C rather than C++ compilers, and not all C compilers
support C++-style comments (GCC does, but IBM's C compiler for AIX, for
example, doesn't do so by default).
@ -154,14 +154,14 @@ you might be able to get away with not including the appropriate header
file on your platform but that might not work on other platforms.
Instead, use "g_ntohs()", "g_ntohl()", "g_htons()", and "g_htonl()";
those are declared by <glib.h>, and you'll need to include that anyway,
as Ethereal header files that all dissectors must include use stuff from
as Wireshark header files that all dissectors must include use stuff from
<glib.h>.
Don't fetch a little-endian value using "tvb_get_ntohs() or
"tvb_get_ntohl()" and then using "g_ntohs()", "g_htons()", "g_ntohl()",
or "g_htonl()" on the resulting value - the g_ routines in question
convert between network byte order (big-endian) and *host* byte order,
not *little-endian* byte order; not all machines on which Ethereal runs
not *little-endian* byte order; not all machines on which Wireshark runs
are little-endian, even though PC's are. Fetch those values using
"tvb_get_letohs()" and "tvb_get_letohl()".
@ -280,7 +280,7 @@ snprintf() is not available on all platforms, so it's a good idea to use the
g_snprintf() function declared by <glib.h> instead.
tmpnam() -> mkstemp()
tmpnam is insecure and should not be used any more. Ethereal brings its
tmpnam is insecure and should not be used any more. Wireshark brings its
own mkstemp implementation for use on platforms that lack mkstemp.
Note: mkstemp does not accept NULL as a parameter.
@ -295,7 +295,7 @@ cause a trap, which will, at best, result in the OS slowly performing an
unaligned access for you, and will, on at least some platforms, cause
the program to be terminated.
Ethereal supports both platforms with GLib 1.2[.x]/GTK+ 1.2[.x] and GLib
Wireshark supports both platforms with GLib 1.2[.x]/GTK+ 1.2[.x] and GLib
2.x/GTK+ 1.3[.x] and 2.x. If at all possible, either use only
mechanisms that are present in GLib 1.2[.x] and GTK+ 1.2[.x], use #if's
to conditionally use older or newer mechanisms depending on the platform
@ -406,7 +406,7 @@ the chunk of memory is derived from a size field in the packet, make
sure all the data is present in the packet before allocating the buffer.
Doing so means that
1) Ethereal won't leak that chunk of memory if an attempt to
1) Wireshark won't leak that chunk of memory if an attempt to
fetch data not present in the packet throws an exception
and
@ -426,7 +426,7 @@ from the buffer, and the string has a specified size, you can use
string is present before allocating a buffer for the string, and will also
put a trailing '\0' at the end of the buffer. The resulting string will be
a sequence of single-byte characters; the only Unicode characters that
will be handled correctly are those in the ASCII range. (Ethereal's
will be handled correctly are those in the ASCII range. (Wireshark's
ability to handle non-ASCII strings is limited; it needs to be
improved.)
@ -447,7 +447,7 @@ buffer are fetched ("the protocol ensures" isn't good enough, as
protocol specifications can't ensure only packets that conform to the
specification will be transmitted or that only packets for the protocol
in question will be interpreted as packets for that protocol by
Ethereal). If there's no maximum length of string data to be fetched,
Wireshark). If there's no maximum length of string data to be fetched,
routines such as "tvb_get_*_string()" are safer, as they allocate a buffer
large enough to hold the string. (Note that some variants of this call
require you to free the string once you're finished with it.)
@ -496,8 +496,8 @@ much better to use the g_snprintf() function declared by <glib.h> instead.
You should test your dissector against incorrectly-formed packets. This
can be done using the randpkt and editcap utilities that come with the
Ethereal distribution. Testing using randpkt can be done by generating
output at the same layer as your protocol, and forcing Ethereal/TShark
Wireshark distribution. Testing using randpkt can be done by generating
output at the same layer as your protocol, and forcing Wireshark/TShark
to decode it as your protocol, e.g. if your protocol sits on top of UDP:
randpkt -c 50000 -t dns randpkt.pcap
@ -511,7 +511,7 @@ Testing using editcap can be done using preexisting capture files and the
1.1.4 Name convention.
Ethereal uses the underscore_convention rather than the InterCapConvention for
Wireshark uses the underscore_convention rather than the InterCapConvention for
function names, so new code should probably use underscores rather than
intercaps for functions and variable names. This is especially important if you
are writing code that will be called from outside your code. We are just
@ -533,7 +533,7 @@ existing file.
1.2 Skeleton code.
Ethereal requires certain things when setting up a protocol dissector.
Wireshark requires certain things when setting up a protocol dissector.
Below is skeleton code for a dissector that you can copy to a file and
fill in. Your dissector should follow the naming convention of packet-
followed by the abbreviated name for the protocol. It is recommended
@ -692,14 +692,14 @@ dissect_PROTOABBREV(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
In this mode, Wireshark is only interested in the way protocols
interact, protocol conversations are created, packets are reassembled
and handed over to higher-level protocol dissectors.
In this mode Ethereal does not build a so-called "protocol tree".
In this mode Wireshark does not build a so-called "protocol tree".
(b) Detailed dissection
In this mode, Wireshark is also interested in all details of a given
protocol, so a "protocol tree" is created.
Ethereal distinguishes between the 2 modes with the proto_tree pointer:
Wireshark distinguishes between the 2 modes with the proto_tree pointer:
(a) <=> tree == NULL
(b) <=> tree != NULL
@ -751,7 +751,7 @@ dissect_PROTOABBREV(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
}
/* Register the protocol with Ethereal */
/* Register the protocol with Wireshark */
/* this format is require because a script is used to build the C function
that calls all the protocol registration.
@ -1227,7 +1227,7 @@ registration of protocols and fields at run-time, loadable modules of
protocol dissectors (perhaps even user-supplied) is feasible.
To do this, each protocol should have a register routine, which will be
called when Ethereal starts. The code to call the register routines is
called when Wireshark starts. The code to call the register routines is
generated automatically; to arrange that a protocol's register routine
be called at startup:
@ -1463,7 +1463,7 @@ field would be set to NULL.
FT_BOOLEANS have a default map of 0 = "False", 1 (or anything else) = "True".
Sometimes it is useful to change the labels for boolean values (e.g.,
to "Yes"/"No", "Fast"/"Slow", etc.). For these mappings, a struct called
true_false_string is used. (This struct is new as of Ethereal 0.7.6).
true_false_string is used. (This struct is new as of Wireshark 0.7.6).
typedef struct true_false_string {
char *true_string;
@ -1546,7 +1546,7 @@ Also be sure to use the handy array_length() macro found in packet.h
to have the compiler compute the array length for you at compile time.
If you don't have any fields to register, do *NOT* create a zero-length
"hf" array; not all compilers used to compile Ethereal support them.
"hf" array; not all compilers used to compile Wireshark support them.
Just omit the "hf" array, and the "proto_register_field_array()" call,
entirely.
@ -1918,7 +1918,7 @@ The final implication of this is that display filters work the way you'd
naturally expect them to. You'd type "sna.th.fid == 0xf" to find Adjacent
Subarea Nodes. The user does not have to shift the value of the FID to
the high nibble of the byte ("sna.th.fid == 0xf0") as was necessary
before Ethereal 0.7.6.
before Wireshark 0.7.6.
proto_tree_add_item_hidden()
----------------------------
@ -2146,9 +2146,9 @@ proto_tree_add_text()
proto_tree_add_text() is used to add a label to the GUI tree. It will
contain no value, so it is not searchable in the display filter process.
This function was needed in the transition from the old-style proto_tree
to this new-style proto_tree so that Ethereal would still decode all
to this new-style proto_tree so that Wireshark would still decode all
protocols w/o being able to filter on all protocols and fields.
Otherwise we would have had to cripple Ethereal's functionality while we
Otherwise we would have had to cripple Wireshark's functionality while we
converted all the old-style proto_tree calls to the new-style proto_tree
calls.
@ -2306,7 +2306,7 @@ dissect_ipx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1.9 Editing Makefile.common to add your dissector.
To arrange that your dissector will be built as part of Ethereal, you
To arrange that your dissector will be built as part of Wireshark, you
must add the name of the source file for your dissector to the
'DISSECTOR_SRC' macro in the 'Makefile.common' file in the 'epan/dissectors'
directory. (Note that this is for modern versions of UNIX, so there
@ -2321,31 +2321,31 @@ compile).
1.10 Using the SVN source code tree.
See <http://www.ethereal.com/development.html#source>
See <http://www.wireshark.org/development.html#source>
1.11 Submitting code for your new dissector.
- TEST YOUR DISSECTOR BEFORE SUBMITTING IT.
Use fuzz-test.sh and/or randpkt against your dissector. These are
described at <http://wiki.ethereal.com/FuzzTesting>.
described at <http://wiki.wireshark.org/FuzzTesting>.
- Subscribe to <mailto:ethereal-dev@ethereal.com> by sending an email to
<mailto:ethereal-dev-request@ethereal.com?body="help"> or visiting
<http://www.ethereal.com/lists/>.
- Subscribe to <mailto:wireshark-dev@wireshark.org> by sending an email to
<mailto:wireshark-dev-request@wireshark.org?body="help"> or visiting
<http://www.wireshark.org/lists/>.
- 'svn add' all the files of your new dissector.
- 'svn diff' the workspace and save the result to a file.
- Send the diff file along with a note requesting it's inclusion to
<mailto:ethereal-dev@ethereal.com>. You can also use this procedure for
providing patches to your dissector or any other part of ethereal.
<mailto:wireshark-dev@wireshark.org>. You can also use this procedure for
providing patches to your dissector or any other part of wireshark.
- If possible, add sample capture files to the sample captures page at
<http://wiki.ethereal.com/SampleCaptures>. These files are used by
<http://wiki.wireshark.org/SampleCaptures>. These files are used by
the automated build system for fuzz testing.
- If you find that you are contributing a lot to ethereal on an ongoing
- If you find that you are contributing a lot to wireshark on an ongoing
basis you can request to become a committer which will allow you to
commit files to subversion directly.
@ -2355,7 +2355,7 @@ compile).
2.2 Following "conversations".
In ethereal a conversation is defined as a series of data packet between two
In wireshark a conversation is defined as a series of data packet between two
address:port combinations. A conversation is not sensitive to the direction of
the packet. The same conversation will be returned for a packet bound from
ServerA:1000 to ClientA:2000 and the packet from ClientA:2000 to ServerA:1000.
@ -2811,8 +2811,8 @@ conversation already exists or not and if it exists we also check whether the
registered dissector_handle for that conversation is "our" dissector or not.
If not we create a new conversation ontop of the previous one and set this new
conversation to use our protocol.
Since ethereal keeps track of the frame number where a conversation started
ethereal will still be able to keep the packets apart eventhough they do use
Since wireshark keeps track of the frame number where a conversation started
wireshark will still be able to keep the packets apart eventhough they do use
the same socketpair.
(See packet-tftp.c and packet-snmp.c for examples of this)
@ -3064,9 +3064,9 @@ how many bytes it will need to read in order to determine the size of a PDU.
For this mode it is reccommended that your dissector be the newer dissector
type which returns "int" rather than the older type which returned "void".
This reassembly mode relies on Ethereal's mechanism for processing multiple PDUs
This reassembly mode relies on Wireshark's mechanism for processing multiple PDUs
per frame. When a dissector processes a PDU from a tvbuff the PDU may not be
aligned to a frame of the underlying protocol. Ethereal allows dissectors to
aligned to a frame of the underlying protocol. Wireshark allows dissectors to
process PDUs in an idempotent way--dissectors only need to consider one PDU at a
time. If your dissector discovers that it can not process a complete PDU from
the current tvbuff the dissector should halt processing and request additional

28
doc/README.idl2wrs
View File

@ -9,7 +9,7 @@ What is it ?
As you have probably guessed from the name, "idl2wrs" takes a
user specified IDL file and attempts to build a dissector that
can decode the IDL traffic over GIOP. The resulting file is
"C" code, that should compile okay as an ethereal dissector.
"C" code, that should compile okay as an wireshark dissector.
idl2wrs basically parses the data struct given to it by
the omniidl compiler, and using the GIOP API available in packet-giop.[ch],
@ -18,8 +18,8 @@ generates get_CDR_xxx calls to decode the CORBA traffic on the wire.
It consists of 4 main files.
README.idl2wrs - This document
ethereal_be.py - The main compiler backend
ethereal_gen.py - A helper class, that generates the C code.
wireshark_be.py - The main compiler backend
wireshark_gen.py - A helper class, that generates the C code.
idl2wrs - A simple shell script wrapper that the end user should
use to generate the dissector from the IDL file(s).
@ -37,13 +37,13 @@ a CORBA class when teaching students how CORBA traffic looks like
"on the wire".
It is also COOL to work on a great Open Source project such as
the case with "Ethereal" (http://www.ethereal.com)
the case with "Wireshark" (http://www.wireshark.org)
How to use idl2wrs
==================
To use the idl2wrs to generate ethereal dissectors, you
To use the idl2wrs to generate wireshark dissectors, you
need the following.
@ -53,9 +53,9 @@ need the following.
2. omniidl from the the omniORB package must be available.
http://omniorb.sourceforge.net/
3 Of course you need ethereal installed to compile the
3 Of course you need wireshark installed to compile the
code an tweak it if required. idl2wrs is part of the
standard Ethereal distribution
standard Wireshark distribution
Procedure
@ -81,23 +81,23 @@ steps 3 or 4 instead.
3. To write the C code to stdout.
Usage: omniidl -p ./ -b ethereal_be <your file.idl>
Usage: omniidl -p ./ -b wireshark_be <your file.idl>
eg: omniidl -p ./ -b ethereal_be echo.idl
eg: omniidl -p ./ -b wireshark_be echo.idl
4. To write to a file, just redirect the output.
omniidl -p ./ -b ethereal_be echo.idl > packet-test-idl.c
omniidl -p ./ -b wireshark_be echo.idl > packet-test-idl.c
You may wish to comment out the register_giop_user_module() code
and that will leave you with heuristic dissection.
5. Copy the resulting C code to your ethereal src directory, edit the 2 make files
5. Copy the resulting C code to your wireshark src directory, edit the 2 make files
to include the packet-test-idl.c
cp packet-test-idl.c /dir/where/ethereal/lives/
cp packet-test-idl.c /dir/where/wireshark/lives/
edit Makefile.am
edit Makefile.nmake
@ -130,8 +130,8 @@ See TODO list inside packet-giop.c
Notes
=====
1. The "-p ./" option passed to omniidl indicates that the ethereal_be.py
and ethereal_gen.py are residing in the current directory. This may need
1. The "-p ./" option passed to omniidl indicates that the wireshark_be.py
and wireshark_gen.py are residing in the current directory. This may need
tweaking if you place these files somewhere else.
2. If it complains about being unable to find some modules (eg tempfile.py),

4
doc/README.malloc
View File

@ -3,7 +3,7 @@ $Id$
1. Introduction
In order to make memory management easier and to reduce the probability of
memory leaks ethereal provides its own memory management API. This API is
memory leaks wireshark provides its own memory management API. This API is
implemented inside epan/emem.c and provides memory allocation functions
where the allocated memory is automatically freed at certain points.
@ -32,7 +32,7 @@ where the data is to still be available in some later packet.
The seasonal functions allocate memory that will stay around a lot longer
but will be automatically freed once the current capture is closed and
Ethereal opens a new capture (either by reading a new capture file or by
Wireshark opens a new capture (either by reading a new capture file or by
starting a new capture on some interface). These functions are useful for
allocations with longer scope for example if you need some buffers or data to
keep state between packets.

21
doc/README.packaging
View File

@ -1,32 +1,31 @@
Here's a brief list of information that might be useful to anyone
distributing a software package containing Ethereal:
distributing a software package containing Wireshark:
1. The canonical location for every Ethereal source release is
1. The canonical location for every Wireshark source release is
http://www.ethereal.com/distribution/all-versions/, e.g.
http://www.wireshark.org/download/all-versions/, e.g.
http://www.ethereal.com/distribution/all-versions/ethereal-0.55.71.tar.bz2
http://www.wireshark.org/download/all-versions/wireshark-0.55.71.tar.bz2
If your packaging system downloads a copy of the Wireshark sources,
use this location.
2. The Wireshark web site URL is http://www.ethereal.com/ .
2. The Wireshark web site URL is http://www.wireshark.org/ .
3. Wireshark is released under the GNU General Public License. Make sure
your package complies with this license, or we send in the marmots.
4. Ethereal and the "e" logo are registered trademarks of Ethereal, Inc.
4. Wireshark and the "e" logo are registered trademarks of Wireshark, Inc.
5. Custom version information can be added by creating a file called
"version.conf". See make-version.pl for details. We recommend that
you use this to differentiate your package from official Ethereal
you use this to differentiate your package from official Wireshark
releases.
6. Ethereal icons can be found in the "image" directory of the Wireshark
sources. Larger versions of the logo can be found at
http://www.ethereal.com/~gerald/ethereal_logo/povray/ .
6. Wireshark icons and logoscan be found in the "image" directory of the
Wireshark sources.
If you have a question not addressed here, send it to
ethereal-dev@ethereal.com.
wireshark-dev@wireshark.org.
$Id$

10
doc/README.plugins
View File

@ -7,7 +7,7 @@ standard one. In fact all of the functions described in
README.developer can be used in the plugins exactly as the are used in
standard dissectors.
(Note, however, that not all OSes on which Ethereal runs can support
(Note, however, that not all OSes on which Wireshark runs can support
plugins.)
If you've chosen "xxx" as the name of your plugin (typically, that would
@ -68,7 +68,7 @@ information for the plugin. An example follows:
/* Version number of package */
#define VERSION "0.0.8"
3. Changes to existing Ethereal files
3. Changes to existing Wireshark files
You will also need to change the plugins/Makefile.am toplevel
Makefile.am, the plugins/Makefile.nmake toplevel Makefile.nmake, the
@ -175,7 +175,7 @@ AC_OUTPUT(
packaging/Makefile
packaging/nsis/Makefile
packaging/rpm/Makefile
packaging/rpm/ethereal.spec
packaging/rpm/wireshark.spec
packaging/svr4/Makefile
packaging/svr4/checkinstall
packaging/svr4/pkginfo
@ -194,13 +194,13 @@ Plugins make some aspects of development easier and some harder.
The good news is that if you are working on a single plugin
then you will find recompiling the plugin MUCH faster than
recompiling a dissector and then linking it back into ethereal.
recompiling a dissector and then linking it back into wireshark.
The bad news is that wireshark will not use the plugin unless the
plugin is installed in one of the places it expects to look.
One way to deal with this problem is to set up a working root for
ethereal, say in $HOME/build/root and build ethereal to install
wireshark, say in $HOME/build/root and build wireshark to install
there
./configure --prefix=${HOME}/build/root;make install

6
doc/README.regression
View File

@ -1,10 +1,10 @@
#
# Ethereal/TShark Regression Testing
# Wireshark/TShark Regression Testing
#
# $Id$
#
# This is a sample Makefile for regression testing of the
# Ethereal engine. These tests use that uses 'tshark -V' to analyze all
# Wireshark engine. These tests use that uses 'tshark -V' to analyze all
# the frames of a capture file.
#
# You should probably rename this file as 'Makefile' in a separate directory
@ -33,7 +33,7 @@
# 'make accept' Accept current tests; make them the reference test results
# 'make clean' Cleans any tests (but not references!)
TSHARK=/home/gram/prj/ethereal/debug/linux-ix86/tshark
TSHARK=/home/gram/prj/wireshark/debug/linux-ix86/tshark
CAPTURE_DIR=/home/gram/prj/sniff

6
doc/README.stats_tree
View File

@ -4,9 +4,9 @@ tapping with stats_tree
Let's suppose that you want to write a tap only to keep counters, and you
don't want to get involved with GUI programming or maybe you'd like to make
it a plugin. A stats_tree might be the way to go. The stats_tree module takes
care of the representation (GUI for ethereal and text for tshark) of the
care of the representation (GUI for wireshark and text for tshark) of the
tap data. So there's very little code to write to make a tap listener usable
from both ethereal and tshark.
from both wireshark and tshark.
First, you should add the TAP to the dissector in question as described in
README.tapping .
@ -31,7 +31,7 @@ Other than that the stats_tree should be registered.
If you want to make it a plugin, stats_tree_register() should be called by
plugin_register_tap_listener() read README.plugin for other information
regarding ethereal plugins.
regarding wireshark plugins.
If you want it as part of the dissector stats_tree_register() can be called
either by proto_register_xxx() or if you prefer by proto_reg_handoff_xxx().

22
doc/README.tapping
View File

@ -2,12 +2,12 @@ $Id$
The TAP system in wireshark is a powerful and flexible mechanism to get event
driven notification on packets matching certain protocols and/or filters.
In order to use the tapping system, very little knowledge of ethereal
In order to use the tapping system, very little knowledge of wireshark
internals are required.
As examples on how to use the tap system see the implementation of
tap-rpcstat.c (tshark version)
gtk/gtk-rpcstat.c (gtk-ethereal version)
gtk/gtk-rpcstat.c (gtk-wireshark version)
If all you need is to keep some counters, there's the stats_tree API,
which offers a simple way to make a GUI and tshark tap-listener; see
@ -100,13 +100,13 @@ matched the filter to your listener.
The syntax for the filter string is identical to normal display filters.
NOTE: Specifying filter strings will have a significant performance impact
on your application and ethereal. If possible it is MUCH better to take
on your application and wireshark. If possible it is MUCH better to take
unfiltered data and just filter it yourself in the packet-callback than
to specify a filter string.
ONLY use a filter string if no other option exist.
void (*reset)(void *tapdata)
This callback is called whenever ethereal wants to inform your
This callback is called whenever wireshark wants to inform your
listener that it is about to start [re]reading a capture file or a new capture
from an interface and that your application should reset any state it has
in the *tapdata instance.
@ -125,10 +125,10 @@ or GUI updates down in (*draw) instead.
void (*draw)(void *tapdata)
This callback is used when ethereal wants your application to redraw its
This callback is used when wireshark wants your application to redraw its
output. It will usually not be called unless your application has received
new data through the (*packet) callback.
On some ports of ethereal (gtk2) (*draw) will be called asynchronously
On some ports of wireshark (gtk2) (*draw) will be called asynchronously
from a separate thread up to once every 2-3 seconds.
On other ports it might only be called once when the capture is finished
or the file has been [re]read completely.
@ -140,14 +140,14 @@ So, create three callbacks:
2, packet to update these state variables.
3, draw to take these state variables and draw them on the screen.
then just make ethereal call register_tap_listener() when you want to tap
then just make wireshark call register_tap_listener() when you want to tap
and call remove_tap_listener() when you are finished.
WHEN DO TAP LISTENERS GET CALLED?
===================================
Tap listeners are only called when ethereal reads a new capture for
the first time or whenever ethereal needs to rescan/redissect
Tap listeners are only called when wireshark reads a new capture for
the first time or whenever wireshark needs to rescan/redissect
the capture.
Redissection occurs when you apply a new display filter or if you
change and Save/Apply a preference setting that might affect how
@ -158,7 +158,7 @@ to receive tap data during the dissection of the frame will be called in
sequence.
The order of which the tap listeners will be called is not defined.
Not until all tap listeners for the frame has been called and returned
will ethereal continue to dissect the next packet.
will wireshark continue to dissect the next packet.
This is why it is important to make the *_packet() callbacks execute as
quickly as possible, else we create an extra delay until the next packet
is dissected.
@ -204,7 +204,7 @@ Well, try this :
register_tap_listener("tcp", struct, "tcp.port==57", NULL, packet, NULL);
Let struct contain an email address?
Then you have something simple that will make ethereal send an email
Then you have something simple that will make wireshark send an email
out automagically for each and every time it dissects
a packet containing TCP traffic to port 57.
Please put in some rate limitation if you do this.

26
doc/README.xml-output
View File

@ -4,7 +4,7 @@ $Id$
Copyright (c) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>
Ethereal has the ability to export its protocol dissection in an
Wireshark has the ability to export its protocol dissection in an
XML format, tshark has similar functionality by using the "-Tpdml"
option.
@ -17,7 +17,7 @@ http://analyzer.polito.it/30alpha/docs/dissectors/PDMLSpec.htm
A related XML format, the Packet Summary Markup Language (PSML), is
also defined by the Analyzer group to provide packet summary information.
The PSML format is not documented in a publicly-available HTML document,
but its format is simple. Ethereal can export this format too. Some day it
but its format is simple. Wireshark can export this format too. Some day it
may be added to tshark so that "-Tpsml" would produce PSML.
One wonders if the "-T" option should read "-Txml" instead of "-Tpdml"
@ -31,7 +31,7 @@ The PDML that wireshark produces is known not to be loadable into Analyzer.
It causes Analyzer to crash. As such, the PDML that wireshark produces
is be labled with a version number of "0", which means that the PDML does
not fully follow the PDML spec. Furthemore, a creator attribute in the
"<pdml>" tag gives the version number of [t]ethereal that produced the PDML.
"<pdml>" tag gives the version number of wireshark/tshark that produced the PDML.
In that way, as the PDML produced by wireshark matures, but still does not
meet the PDML spec, scripts can make intelligent decisions about how to
best parse the PDML, based on the "creator" attribute.
@ -43,17 +43,17 @@ A protocol might contain one or more fields, denoted by the "<field>" tag.
A pseudo-protocol named "geninfo" is produced, as is required by the PDML
spec, and exported as the first protocol after the opening "<packet>" tag.
Its information comes from ethereal's "frame" protocol, which servers
Its information comes from wireshark's "frame" protocol, which servers
the similar purpose of storing packet meta-data. Both "geninfo" and
"frame" protocols are provided in the PDML output.
The "<pdml>" tag
================
Example:
<pdml version="0" creator="ethereal/0.9.17">
<pdml version="0" creator="wireshark/0.9.17">
The creator is "ethereal" (i.e., the "ethereal" engine. It will always say
"ethereal", not "tshark") version 0.9.17.
The creator is "wireshark" (i.e., the "wireshark" engine. It will always say
"wireshark", not "tshark") version 0.9.17.
The "<proto>" tag
@ -135,7 +135,7 @@ In PDML, the "Data" protocol would become another field under HTTP:
tools/EtherealXML.py
tools/WiresharkXML.py
====================
This is a python module which provides some infrastructor for
Python developers who wish to parse PDML. It is designed to read
@ -146,20 +146,20 @@ The python user should import the module, define a callback function
which accepts one argument, and call the parse_fh function:
------------------------------------------------------------
import EtherealXML
import WiresharkXML
def my_callback(packet):
# do something
fh = open(xml_filename)
EtherealXML.parse_fh(fh, my_callback)
WiresharkXML.parse_fh(fh, my_callback)
# Now that the script has the packet data, do someting.
------------------------------------------------------------
The object that is passed to the callback function is an
EtherealXML.Packet object, which corresponds to a single packet.
EtherealXML Provides 3 classes, each of which corresponds to a PDML tag:
WiresharkXML.Packet object, which corresponds to a single packet.
WiresharkXML Provides 3 classes, each of which corresponds to a PDML tag:
Packet - "<packet>" tag
Protocol - "<proto>" tag
@ -196,7 +196,7 @@ the PDML output of tshark, pass a read filter with "-R" to tshark to
try to reduce as much as possible the number of packets coming out of tshark.
The less your script has to process, the faster it will be.
'tools/msnchat' is a sample Python program that uses EtherealXML to parse PDML.
'tools/msnchat' is a sample Python program that uses WiresharkXML to parse PDML.
Given one or more capture files, it runs tshark on each of them, providing
a read filter to reduce tshark's output. It finds MSN Chat conversations
in the capture file and produces nice HTML showing the conversations. It has

16
doc/capinfos.pod
View File

@ -30,11 +30,11 @@ corresponding to the statistic. If no flags are specified, B<Capinfos>
will report all statistics available.
B<Capinfos> is able to detect and read the same capture files that are
supported by B<Ethereal>.
supported by B<Wireshark>.
The input files don't need a specific filename extension, the file
format and an optional gzip compression will be automatically detected.
The I<capture file format> section of I<ethereal(1)> or
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
The I<capture file format> section of I<wireshark(1)> or
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
provides a detailed description.
=head1 OPTIONS
@ -106,15 +106,15 @@ Prints the help listing and exits.
=head1 SEE ALSO
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
=head1 NOTES
B<Capinfos> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<Capinfos> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at:
http://www.ethereal.com/docs/man-pages
http://www.wireshark.org/docs/man-pages
=head1 AUTHORS
@ -125,4 +125,4 @@ http://www.ethereal.com/docs/man-pages
Contributors
------------
Gerald Combs <gerald[AT]ethereal.com>
Gerald Combs <gerald[AT]wireshark.org>

4
doc/dfilter2pod.pl
View File

@ -1,10 +1,10 @@
#!/usr/bin/perl
#
# Reads the display filter keyword dump produced by 'ethereal -G' and
# Reads the display filter keyword dump produced by 'wireshark -G' and
# formats it for a pod document. The pod document is then used to
# make a manpage
#
# STDIN is the ethereal glossary
# STDIN is the wireshark glossary
# arg1 is the pod template file. The =insert_dfilter_table token
# will be replaced by the pod-formatted glossary
# STDOUT is the output

14
doc/dumpcap.pod
View File

@ -26,7 +26,7 @@ S<[ B<-y> E<lt>capture link typeE<gt> ]>
B<Dumpcap> is a network traffic dump tool. It lets you capture packet
data from a live network and write the packets to a file. B<Dumpcap>'s
native capture file format is B<libpcap> format, which is also the format
used by B<Ethereal>, B<tcpdump> and various other tools.
used by B<Wireshark>, B<tcpdump> and various other tools.
Without any options set it will
use the pcap library to capture traffic from the first available network
@ -198,18 +198,18 @@ See the manual page of I<tcpdump(8)>.
=head1 SEE ALSO
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<wireshark(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES
B<Dumpcap> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<Dumpcap> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at:
http://www.ethereal.com/docs/man-pages
http://www.wireshark.org/docs/man-pages
=head1 AUTHORS
B<Dumpcap> is derived from the B<Ethereal> capturing engine code;
B<Dumpcap> is derived from the B<Wireshark> capturing engine code;
see the list of
authors in the B<Ethereal> man page for a list of authors of that code.
authors in the B<Wireshark> man page for a list of authors of that code.

14
doc/editcap.pod
View File

@ -40,11 +40,11 @@ If the B<-r> flag is specified, the whole packet selection is reversed;
in that case I<only> the selected packets will be written to the capture file.
B<Editcap> is able to detect, read and write the same capture files that
are supported by B<Ethereal>.
are supported by B<Wireshark>.
The input file doesn't need a specific filename extension, the file
format and an optional gzip compression will be automatically detected.
The I<capture file format> section of I<ethereal(1)> or
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
The I<capture file format> section of I<wireshark(1)> or
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
provides a detailed description.
B<Editcap> can write the file in several output formats. The B<-F>
@ -199,15 +199,15 @@ To introduce 5% random errors in a capture file use:
=head1 SEE ALSO
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<mergecap(1)>
=head1 NOTES
B<Editcap> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<Editcap> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at:
http://www.ethereal.com/docs/man-pages
http://www.wireshark.org/docs/man-pages
=head1 AUTHORS

6
doc/eproto2sgml
View File

@ -1,9 +1,9 @@
#!/usr/bin/perl
#
# Reads the display filter keyword dump produced by 'ethereal -G' and
# Reads the display filter keyword dump produced by 'wireshark -G' and
# formats it as an SGML bulleted list of protocols.
#
# STDIN is the ethereal glossary
# STDIN is the wireshark glossary
# arg1 is the pod template file. The =insert_dfilter_table token
# will be replaced by the pod-formatted glossary
# STDOUT is the output
@ -53,7 +53,7 @@ close(TEMPLATE) || die "Can't close $template: $!\n";
sub create_dfilter_table {
print "<itemizedlist id=\"EtherealListOfProtos\">\n";
print "<itemizedlist id=\"WiresharkListOfProtos\">\n";
# Print each protocol
for $proto_name (sort keys %proto_abbrev) {

22
doc/idl2wrs.pod
View File

@ -1,7 +1,7 @@
=head1 NAME
idl2wrs - CORBA IDL to Ethereal Plugin Generator
idl2wrs - CORBA IDL to Wireshark Plugin Generator
=head1 SYNOPSYS
@ -10,9 +10,9 @@ B<idl2wrs> filename
=head1 DESCRIPTION
B<idl2wrs> is a program that takes a user specified B<CORBA IDL>
file and generates B<"C"> source code for an B<Ethereal> "plugin".
file and generates B<"C"> source code for an B<Wireshark> "plugin".
This resulting file can be compiled as an B<Ethereal> plugin, and
This resulting file can be compiled as an B<Wireshark> plugin, and
used to monitor B<GIOP/IIOP> traffic that is using this IDL.
B<idl2wrs> is actually a shell script wrapper for two B<Python> programs.
@ -21,9 +21,9 @@ These programs are:
=over 4
B<ethereal_be.py> - Contains the main IDL Visitor Class
B<wireshark_be.py> - Contains the main IDL Visitor Class
B<ethereal_gen.py> - Contains the Source Code Generator Class
B<wireshark_gen.py> - Contains the Source Code Generator Class
=back
@ -55,12 +55,12 @@ Currently there are no options. B<idl2wrs> can be invoked as follows.
=head1 ENVIRONMENT
B<idl2wrs> will look for B<ethereal_be.py> and B<ethereal_gen.py> in
B<idl2wrs> will look for B<wireshark_be.py> and B<wireshark_gen.py> in
B<$PYTHONPATH/site-packages/> and if not found, will try the current
directory B<./>
The B<-p> option passed to omniidl (inside B<idl2wrs>) indicates where
B<ethereal_be.py> and B<ethereal_gen.py> will be searched. This may
B<wireshark_be.py> and B<wireshark_gen.py> will be searched. This may
need tweaking if you place these files somewhere else.
If it complains about being unable to find some modules (eg tempfile.py),
@ -71,14 +71,14 @@ eg: PYTHONPATH=/usr/lib/python1.5/
=head1 SEE ALSO
I<ethereal(1)>
I<wireshark(1)>
=head1 NOTES
B<idl2wrs> (including B<ethereal_be.py> and B<ethereal_gen.py>) are part of
the B<Ethereal> distribution. The latest version of B<Ethereal> can
be found at B<http://www.ethereal.com>.
B<idl2wrs> (including B<wireshark_be.py> and B<wireshark_gen.py>) are part of
the B<Wireshark> distribution. The latest version of B<Wireshark> can
be found at B<http://www.wireshark.org>.
B<idl2wrs> uses B<omniidl>, and IDL parser, and can be found at
B<http://omniorb.sourceforge.net/>

16
doc/mergecap.pod
View File

@ -21,17 +21,17 @@ I<...>
B<Mergecap> is a program that combines multiple saved capture files into
a single output file specified by the B<-w> argument. B<Mergecap> knows
how to read B<libpcap> capture files, including those of B<tcpdump>,
B<Ethereal>, and other tools that write captures in that format.
B<Wireshark>, and other tools that write captures in that format.
By default, it writes the capture file in B<libpcap> format, and writes
all of the packets in both input capture files to the output file.
B<Mergecap> is able to detect, read and write the same capture files that
are supported by B<Ethereal>.
are supported by B<Wireshark>.
The input files don't need a specific filename extension, the file
format and an optional gzip compression will be automatically detected.
The I<capture file format> section of I<ethereal(1)> or
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
The I<capture file format> section of I<wireshark(1)> or
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
provides a detailed description.
B<Mergecap> can write the file in several output formats.
@ -120,18 +120,18 @@ fddi>' is specified).
=head1 SEE ALSO
I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<editcap(1)>
I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<editcap(1)>
=head1 NOTES
B<Mergecap> is based heavily upon B<editcap> by Richard Sharpe
<sharpe[AT]ns.aus.com> and Guy Harris <guy[AT]alum.mit.edu>.
B<Mergecap> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<Mergecap> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at:
http://www.ethereal.com/docs/man-pages
http://www.wireshark.org/docs/man-pages
=head1 AUTHORS

2
doc/randpkt.txt
View File

@ -5,7 +5,7 @@ $Id$
randpkt is a small utility creates a libpcap trace file full of random packets.
You can control the number of packets, the maximum size of each packet,
and the type of each packet. It is not build by default, but you
can create it in the top-level Ethereal directory by typing:
can create it in the top-level Wireshark directory by typing:
make randpkt

10
doc/text2pcap.pod
View File

@ -77,7 +77,7 @@ B<Text2pcap> also allows the user to read in dumps of
application-level data, by inserting dummy L2, L3 and L4 headers
before each packet. The user can elect to insert Ethernet headers,
Ethernet and IP, or Ethernet, IP and UDP/TCP headers before each
packet. This allows Ethereal or any other full-packet decoder to
packet. This allows Wireshark or any other full-packet decoder to
handle these dumps.
=head1 OPTIONS
@ -118,7 +118,7 @@ for the Ethernet header in hex. Use this option if your dump has Layer
encapsulation. Example: I<-e 0x806> to specify an ARP packet.
For IP packets, instead of generating a fake Ethernet header you can
also use I<-l 12> to indicate a raw IP packet to Ethereal. Note that
also use I<-l 12> to indicate a raw IP packet to Wireshark. Note that
I<-l 12> does not work for any non-IP Layer 3 packet (e.g. ARP),
whereas generating a dummy Ethernet header with I<-e> works for any
sort of L3 packet.
@ -195,12 +195,12 @@ a second.
=head1 SEE ALSO
I<od(1)>, I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<editcap(1)>, I<strptime(3)>.
I<od(1)>, I<tcpdump(8)>, I<pcap(3)>, I<wireshark(1)>, I<editcap(1)>, I<strptime(3)>.
=head1 NOTES
B<Text2pcap> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<Text2pcap> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
=head1 AUTHORS

46
doc/tshark.pod
View File

@ -51,11 +51,11 @@ use the pcap library to capture traffic from the first available network
interface and displays a summary line on stdout for each received packet.
B<TShark> is able to detect, read and write the same capture files that
are supported by B<Ethereal>.
are supported by B<Wireshark>.
The input file doesn't need a specific filename extension, the file
format and an optional gzip compression will be automatically detected.
The I<capture file format> section of I<ethereal(1)> or
I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
The I<capture file format> section of I<wireshark(1)> or
I<http://www.wireshark.org/docs/man-pages/wireshark.1.html>
provides a detailed description.
Compressed file support uses (and therefore requires) the zlib library.
@ -71,7 +71,7 @@ packets' time stamps.
When writing a decoded form of packets, B<TShark> writes, by
default, a summary line containing the fields specified by the
preferences file (which are also the fields displayed in the packet list
pane in B<Ethereal>), although if it's writing packets as it captures
pane in B<Wireshark>), although if it's writing packets as it captures
them, rather than writting packets from a saved capture file, it won't
show the "frame number" field. If the B<-V> option is specified, it
writes instead a view of the details of the packet, showing all the
@ -132,7 +132,7 @@ B<duration>:I<value> Stop writing to a capture file after I<value> seconds have
B<filesize>:I<value> Stop writing to a capture file after it reaches a size of I<value>
kilobytes (where a kilobyte is 1024 bytes). If this option
is used together with the -b option, Ethereal will stop writing to the
is used together with the -b option, Wireshark will stop writing to the
current capture file and switch to the next one if filesize is reached.
B<files>:I<value> Stop writing to capture files after I<value> number of files were written.
@ -414,7 +414,7 @@ after printing the summary or details.
Specify an option to be passed to a B<TShark> module. The eXtension option
is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
B<lua_script>:I<lua_script_filename> tells B<Wireshark> to load the given script in addition to the
default Lua scripts.
@ -715,11 +715,11 @@ See the manual page of I<tcpdump(8)>.
=head1 READ FILTER SYNTAX
For a complete table of protocol and protocol fields that are filterable
in B<TShark> see the I<ethereal-filter(4)> manual page.
in B<TShark> see the I<wireshark-filter(4)> manual page.
=head1 FILES
These files contains various B<Ethereal> configuration values.
These files contains various B<Wireshark> configuration values.
=over 4
@ -745,17 +745,17 @@ starts a comment that runs to the end of the line:
# TRUE or FALSE (case-insensitive).
capture.prom_mode: TRUE
The global preferences file is looked for in the F<ethereal> directory
The global preferences file is looked for in the F<wireshark> directory
under the F<share> subdirectory of the main installation directory (for
example, F</usr/local/share/ethereal/preferences>) on UNIX-compatible
example, F</usr/local/share/wireshark/preferences>) on UNIX-compatible
systems, and in the main installation directory (for example,
F<C:\Program Files\Ethereal\preferences>) on Windows systems.
F<C:\Program Files\Wireshark\preferences>) on Windows systems.
The personal preferences file is looked for in
F<$HOME/.ethereal/preferences> on
UNIX-compatible systems and F<%APPDATA%\Ethereal\preferences> (or, if
F<$HOME/.wireshark/preferences> on
UNIX-compatible systems and F<%APPDATA%\Wireshark\preferences> (or, if
%APPDATA% isn't defined, F<%USERPROFILE%\Application
Data\Ethereal\preferences>) on Windows systems.
Data\Wireshark\preferences>) on Windows systems.
=item Disabled (Enabled) Protocols
@ -801,7 +801,7 @@ lines of an F<ethers> file:
The global F<ethers> file is looked for in the F</etc> directory on
UNIX-compatible systems, and in the main installation directory (for
example, F<C:\Program Files\Ethereal>) on Windows systems.
example, F<C:\Program Files\Wireshark>) on Windows systems.
The personal F<ethers> file is looked for in the same directory as the personal
preferences file.
@ -848,7 +848,7 @@ For example, these four lines are valid lines of an F<ipxnets> file:
The global F<ipxnets> file is looked for in the F</etc> directory on
UNIX-compatible systems, and in the main installation directory (for
example, F<C:\Program Files\Ethereal>) on Windows systems.
example, F<C:\Program Files\Wireshark>) on Windows systems.
The personal F<ipxnets> file is looked for in the same directory as the
personal preferences file.
@ -857,18 +857,18 @@ personal preferences file.
=head1 SEE ALSO
I<ethereal-filter(4)> I<ethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<wireshark-filter(4)> I<wireshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES
B<TShark> is part of the B<Ethereal> distribution. The latest version
of B<Ethereal> can be found at B<http://www.ethereal.com>.
B<TShark> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at B<http://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at:
http://www.ethereal.com/docs/man-pages
http://www.wireshark.org/docs/man-pages
=head1 AUTHORS
B<TShark> uses the same packet dissection code that B<Ethereal> does,
as well as using many other modules from B<Ethereal>; see the list of
authors in the B<Ethereal> man page for a list of authors of that code.
B<TShark> uses the same packet dissection code that B<Wireshark> does,
as well as using many other modules from B<Wireshark>; see the list of
authors in the B<Wireshark> man page for a list of authors of that code.

34
doc/ethereal-filter.pod.template → doc/wireshark-filter.pod.template
View File

@ -1,10 +1,10 @@
=head1 NAME
ethereal-filter - Ethereal filter syntax and reference
wireshark-filter - Wireshark filter syntax and reference
=head1 SYNOPSYS
B<ethereal> [other options]
B<wireshark> [other options]
S<[ B<-R> "filter expression" ]>
B<tshark> [other options]
@ -12,7 +12,7 @@ S<[ B<-R> "filter expression" ]>
=head1 DESCRIPTION
B<Ethereal> and B<TShark> share a powerful filter engine that helps remove
B<Wireshark> and B<TShark> share a powerful filter engine that helps remove
the noise from a packet trace and lets you see only the packets that interest
you. If a packet meets the requirements expressed in your filter, then it
is displayed in the list of packets. Display filters let you compare the
@ -20,7 +20,7 @@ fields within a protocol against a specific value, compare fields against
fields, and check the existence of specified fields or protocols.
Filters are also used by other features such as statistics generation and
packet list colorization (the latter is only available to B<Ethereal>). This
packet list colorization (the latter is only available to B<Wireshark>). This
manual page describes their syntax and provides a comprehensive reference of
filter fields.
@ -36,7 +36,7 @@ that contain a Token-Ring RIF field, use "tr.rif".
Think of a protocol or field in a filter as implicitly having the "exists"
operator.
Note: all protocol and field names that are available in B<Ethereal> and
Note: all protocol and field names that are available in B<Wireshark> and
B<TShark> filters are listed in the comprehensive B<FILTER PROTOCOL
REFERENCE> (see below).
@ -66,7 +66,7 @@ characters, expressed as a string (quoted or unquoted), or bytes,
expressed as a byte array. For example, to search for a given HTTP
URL in a capture, the following filter can be used:
http contains "http://www.ethereal.com"
http contains "http://www.wireshark.org"
The "contains" operator cannot be used on atomic fields,
such as numbers or IP addresses.
@ -85,13 +85,13 @@ a case-insensitive pattern match. More information on PCRE can be found in the
pcrepattern(3) man page (Perl Regular Expressions are explained in
B<http://www.perldoc.com/perl5.8.0/pod/perlre.html>).
Note: the "matches" operator is only available if B<Ethereal> or B<TShark>
Note: the "matches" operator is only available if B<Wireshark> or B<TShark>
have been compiled with the PCRE library. This can be checked by running:
ethereal -v
wireshark -v
tshark -v
or selecting the "About Ethereal" item from the "Help" menu in B<Ethereal>.
or selecting the "About Wireshark" item from the "Help" menu in B<Wireshark>.
=head2 Functions
@ -221,11 +221,11 @@ Another example is:
You can use the slice operator on a protocol name, too.
The "frame" protocol can be useful, encompassing all the data captured
by B<Ethereal> or B<TShark>.
by B<Wireshark> or B<TShark>.
token[0:5] ne 0.0.0.1.1
llc[0] eq aa
frame[100-199] contains "ethereal"
frame[100-199] contains "wireshark"
The following syntax governs slices:
@ -309,7 +309,7 @@ all valid display filter expressions:
tcp.port == 80 and ip.src == 192.168.2.1
not llc
http and frame[100-199] contains "ethereal"
http and frame[100-199] contains "wireshark"
(ipx.src.net == 0xbad && ipx.src.node == 0.0.0.0.0.1) || ip
Remember that whenever a protocol or field name occurs in an expression, the
@ -378,9 +378,9 @@ field is also given.
=head1 NOTES
The B<ethereal-filters> manpage is part of the B<Ethereal> distribution.
The latest version of B<Ethereal> can be found at
B<http://www.ethereal.com>.
The B<wireshark-filters> manpage is part of the B<Wireshark> distribution.
The latest version of B<Wireshark> can be found at
B<http://www.wireshark.org>.
Regular expressions in the "matches" operator are provided with B<libpcre>,
the Perl-Compatible Regular Expressions library: see B<http://www.pcre.org/>.
@ -393,9 +393,9 @@ in B<http://www.winpcap.org/docs/man/html/group__language.html>.
=head1 SEE ALSO
I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<wireshark(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 AUTHORS
See the list of authors in the B<Ethereal> man page for a list of authors of
See the list of authors in the B<Wireshark> man page for a list of authors of
that code.

202
doc/ethereal.pod → doc/wireshark.pod
View File

@ -1,11 +1,11 @@
=head1 NAME
ethereal - Interactively dump and analyze network traffic
wireshark - Interactively dump and analyze network traffic
=head1 SYNOPSYS
B<ethereal>
B<wireshark>
S<[ B<-a> E<lt>capture autostop conditionE<gt> ] ...>
S<[ B<-b> E<lt>capture ring buffer optionE<gt> ] ...>
S<[ B<-B> E<lt>capture buffer size (Win32 only)E<gt> ] >
@ -38,13 +38,13 @@ S<[ E<lt>infileE<gt> ]>
=head1 DESCRIPTION
B<Ethereal> is a GUI network protocol analyzer. It lets you
B<Wireshark> is a GUI network protocol analyzer. It lets you
interactively browse packet data from a live network or from a
previously saved capture file. B<Ethereal>'s native capture file format
previously saved capture file. B<Wireshark>'s native capture file format
is B<libpcap> format, which is also the format used by B<tcpdump> and
various other tools.
B<Ethereal> can read / import the following file formats:
B<Wireshark> can read / import the following file formats:
=over 4
@ -131,25 +131,25 @@ Catapult DCT2000 .out files
=back 4
There is no need to tell B<Ethereal> what type of
There is no need to tell B<Wireshark> what type of
file you are reading; it will determine the file type by itself.
B<Ethereal> is also capable of reading any of these file formats if they
are compressed using gzip. B<Ethereal> recognizes this directly from
B<Wireshark> is also capable of reading any of these file formats if they
are compressed using gzip. B<Wireshark> recognizes this directly from
the file; the '.gz' extension is not required for this purpose.
Like other protocol analyzers, B<Ethereal>'s main window shows 3 views
Like other protocol analyzers, B<Wireshark>'s main window shows 3 views
of a packet. It shows a summary line, briefly describing what the
packet is. A packet details display is shown, allowing you to drill
down to exact protocol or field that you interested in. Finally, a hex
dump shows you exactly what the packet looks like when it goes over the
wire.
In addition, B<Ethereal> has some features that make it unique. It can
In addition, B<Wireshark> has some features that make it unique. It can
assemble all the packets in a TCP conversation and show you the ASCII
(or EBCDIC, or hex) data in that conversation. Display filters in
B<Ethereal> are very powerful; more fields are filterable in B<Ethereal>
B<Wireshark> are very powerful; more fields are filterable in B<Wireshark>
than in other protocol analyzers, and the syntax you can use to create
your filters is richer. As B<Ethereal> progresses, expect more and more
your filters is richer. As B<Wireshark> progresses, expect more and more
protocol fields to be allowed in display filters.
Packet capturing is performed with the pcap library. The capture filter
@ -157,7 +157,7 @@ syntax follows the rules of the pcap library. This syntax is different
from the display filter syntax.
Compressed file support uses (and therefore requires) the zlib library.
If the zlib library is not present, B<Ethereal> will compile, but will
If the zlib library is not present, B<Wireshark> will compile, but will
be unable to read compressed files.
The pathname of a capture file to be read can be specified with the
@ -167,12 +167,12 @@ B<-r> option or can be specified as a command-line argument.
=over 4
Most users will want to start B<Ethereal> without options and configure
Most users will want to start B<Wireshark> without options and configure
it from the menus instead. Those users may just skip this section.
=item -a E<lt>capture autostop conditionE<gt>
Specify a criterion that specifies when B<Ethereal> is to stop writing
Specify a criterion that specifies when B<Wireshark> is to stop writing
to a capture file. The criterion is of the form I<test>B<:>I<value>,
where I<test> is one of:
@ -180,16 +180,16 @@ B<duration>:I<value> Stop writing to a capture file after I<value> seconds have
B<filesize>:I<value> Stop writing to a capture file after it reaches a size of I<value>
kilobytes (where a kilobyte is 1024 bytes). If this option
is used together with the -b option, Ethereal will stop writing to the
is used together with the -b option, Wireshark will stop writing to the
current capture file and switch to the next one if filesize is reached.
B<files>:I<value> Stop writing to capture files after I<value> number of files were written.
=item -b E<lt>capture ring buffer optionE<gt>
Cause B<Ethereal> to run in "multiple files" mode. In "multiple files" mode,
B<Ethereal> will write to several capture files. When the first capture file
fills up, B<Ethereal> will switch writing to the next file and so on.
Cause B<Wireshark> to run in "multiple files" mode. In "multiple files" mode,
B<Wireshark> will write to several capture files. When the first capture file
fills up, B<Wireshark> will switch writing to the next file and so on.
The created filenames are based on the filename given with the B<-w> flag, the number of
the file and on the creation date and time,
@ -197,7 +197,7 @@ e.g. outfile_00001_20050604120117.pcap, outfile_00001_20050604120523.pcap, ...
With the I<files> option it's also possible to form a "ring buffer".
This will fill up new files until the number of files specified,
at which point B<Ethereal> will discard the data in the first file and start
at which point B<Wireshark> will discard the data in the first file and start
writing to that file and so on. If the I<files> option is not set,
new files filled up until one of the capture stop conditions match (or
until the disk if full).
@ -227,7 +227,7 @@ data.
=item -D
Print a list of the interfaces on which B<Ethereal> can capture, and
Print a list of the interfaces on which B<Wireshark> can capture, and
exit. For each network interface, a number and an
interface name, possibly followed by a text description of the
interface, is printed. The interface name or the number can be supplied
@ -238,10 +238,10 @@ This can be useful on systems that don't have a command to list them
the number can be useful on Windows 2000 and later systems, where the
interface name is a somewhat complex string.
Note that "can capture" means that B<Ethereal> was able to open
Note that "can capture" means that B<Wireshark> was able to open
that device to do a live capture; if, on your system, a program doing a
network capture must be run from an account with special privileges (for
example, as root), then, if B<Ethereal> is run with the B<-D> flag and
example, as root), then, if B<Wireshark> is run with the B<-D> flag and
is not run from such an account, it will not list any interfaces.
=item -f E<lt>capture filterE<gt>
@ -262,32 +262,32 @@ Set the name of the network interface or pipe to use for live packet
capture.
Network interface names should match one of the names listed in
"B<ethereal -D>" (described above); a number, as reported by
"B<ethereal -D>", can also be used. If you're using UNIX, "B<netstat
"B<wireshark -D>" (described above); a number, as reported by
"B<wireshark -D>", can also be used. If you're using UNIX, "B<netstat
-i>" or "B<ifconfig -a>" might also work to list interface names,
although not all versions of UNIX support the B<-a> flag to B<ifconfig>.
If no interface is specified, B<Ethereal> searches the list of
If no interface is specified, B<Wireshark> searches the list of
interfaces, choosing the first non-loopback interface if there are any
non-loopback interfaces, and choosing the first loopback interface if
there are no non-loopback interfaces. If there are no interfaces at all,
B<Ethereal> reports an error and doesn't start the capture.
B<Wireshark> reports an error and doesn't start the capture.
Pipe names should be either the name of a FIFO (named pipe) or ``-'' to
read data from the standard input. Data read from pipes must be in
standard libpcap format.
Note: the Win32 version of B<Ethereal> doesn't support capturing from
Note: the Win32 version of B<Wireshark> doesn't support capturing from
pipes or stdin!
=item -k
Start the capture session immediately. If the B<-i> flag was
specified, the capture uses the specified interface. Otherwise,
B<Ethereal> searches the list of interfaces, choosing the first
B<Wireshark> searches the list of interfaces, choosing the first
non-loopback interface if there are any non-loopback interfaces, and
choosing the first loopback interface if there are no non-loopback
interfaces; if there are no interfaces, B<Ethereal> reports an error and
interfaces; if there are no interfaces, B<Wireshark> reports an error and
doesn't start the capture.
=item -l
@ -302,7 +302,7 @@ List the data link types supported by the interface and exit.
=item -m E<lt>fontE<gt>
Set the name of the font used by B<Ethereal> for most text. B<Ethereal>
Set the name of the font used by B<Wireshark> for most text. B<Wireshark>
will construct the name of the bold font used for the data in the byte
view pane that corresponds to the field selected in the packet details
pane from the name of the main text font.
@ -337,7 +337,7 @@ read from a preference/recent file. The argument to the flag is a string of
the form I<prefname>B<:>I<value>, where I<prefname> is the name of the
preference/recent value (which is the same name that would appear in the
preference/recent file), and I<value> is the value to which it should be set.
Since B<Ethereal> 0.10.12, the recent settings replaces the formerly used
Since B<Wireshark> 0.10.12, the recent settings replaces the formerly used
-B, -P and -T flags to manipulate the GUI dimensions.
=item -p
@ -345,13 +345,13 @@ Since B<Ethereal> 0.10.12, the recent settings replaces the formerly used
I<Don't> put the interface into promiscuous mode. Note that the
interface might be in promiscuous mode for some other reason; hence,
B<-p> cannot be used to ensure that the only traffic that is captured is
traffic sent to or from the machine on which B<Ethereal> is running,
traffic sent to or from the machine on which B<Wireshark> is running,
broadcast traffic, and multicast traffic to addresses received by that
machine.
=item -Q
Cause B<Ethereal> to exit after the end of capture session (useful in
Cause B<Wireshark> to exit after the end of capture session (useful in
batch mode with B<-c> option for instance); this option requires the
B<-i> and B<-w> parameters.
@ -411,16 +411,16 @@ are the values that can be used.
=item -X E<lt>eXtension optionsE<gt>
Specify an option to be passed to an B<Ethereal> module. The eXtension option
Specify an option to be passed to an B<Wireshark> module. The eXtension option
is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
B<lua_script>:I<lua_script_filename> tells B<Wireshark> to load the given script in addition to the
default Lua scripts.
=item -z E<lt>statisticsE<gt>
Get B<Ethereal> to collect various types of statistics and display the result
Get B<Wireshark> to collect various types of statistics and display the result
in a window that updates in semi-real time.
Currently implemented statistics are:
@ -700,7 +700,7 @@ next / previous file in that set.
=item File:Export
Export captured data into an external format. Note: the data cannot be
imported back into Ethereal, so be sure to keep the capture file.
imported back into Wireshark, so be sure to keep the capture file.
=item File:Print
@ -861,7 +861,7 @@ consists of a name, a filter expression and a coloration. A packet is
colored according to the first filter that it matches. Color filter
expressions use exactly the same syntax as display filter expressions.
When Ethereal starts, the color filters are loaded from:
When Wireshark starts, the color filters are loaded from:
=over
@ -926,7 +926,7 @@ Beware: keeping this box open results in high system load!
Initiate a live packet capture (see L<Capture Options|/item_capture_options>
dialog below). If no filename is specified, a temporary file will be created
to hold the capture. The location of the file can be chosen by setting your
TMPDIR environment variable before starting B<Ethereal>. Otherwise, the
TMPDIR environment variable before starting B<Wireshark>. Otherwise, the
default TMPDIR location is system-dependent, but is likely either F</var/tmp>
or F</tmp>.
@ -990,13 +990,13 @@ The entire list can be enabled, disabled, or inverted using the buttons
below the list.
When a protocol is disabled, dissection in a particular packet stops
when that protocol is reached, and Ethereal moves on to the next packet.
when that protocol is reached, and Wireshark moves on to the next packet.
Any higher-layer protocols that would otherwise have been processed will
not be displayed. For example, disabling TCP will prevent the dissection
and display of TCP, HTTP, SMTP, Telnet, and any other protocol exclusively
dependent on TCP.
The list of protocols can be saved, so that Ethereal will start up with
The list of protocols can be saved, so that Wireshark will start up with
the protocols in that list disabled.
=item Analyze:Decode As
@ -1006,7 +1006,7 @@ which dissectors are used to decode this packet. The dialog has one
panel each for the link layer, network layer and transport layer
protocol/port numbers, and will allow each of these to be changed
independently. For example, if the selected packet is a TCP packet to
port 12345, using this dialog you can instruct Ethereal to decode all
port 12345, using this dialog you can instruct Wireshark to decode all
packets to or from that TCP port as HTTP packets.
=item Analyze:User Specified Decodes
@ -1112,7 +1112,7 @@ second intervals.
interval will be in the drawing area. The default is 5 pixels per tick.
"Y-scale:" controls the max value for the y-axis. Default value is
"auto" which means that B<Ethereal> will try to adjust the maxvalue
"auto" which means that B<Wireshark> will try to adjust the maxvalue
automatically.
"advanced..." If Unit:advanced... is selected the window will display
@ -1220,7 +1220,7 @@ ascending or descending order by any column.
By first selecting a conversation by clicking on it and then using the
right mouse button (on those platforms that have a right
mouse button) ethereal will display a popup menu offering several different
mouse button) wireshark will display a popup menu offering several different
filter operations to apply to the capture.
These statistics windows can also be invoked from the Wireshark command
@ -1234,7 +1234,7 @@ interface and display B<Procedure>, B<Number of Calls>, B<Minimum SRT>,
B<Maximum SRT> and B<Average SRT> for all procedures for that
program/version. These windows opened will update in semi-real time to
reflect changes when doing live captures or when reading new capture
files into B<Ethereal>.
files into B<Wireshark>.
This dialog will also allow an optional filter string to be used.
If an optional filter string is used only such DCE-RPC request/response pairs
@ -1248,7 +1248,7 @@ and display B<FC Type>, B<Number of Calls>, B<Minimum SRT>,
B<Maximum SRT> and B<Average SRT> for all FC types.
These windows opened will update in semi-real time to
reflect changes when doing live captures or when reading new capture
files into B<Ethereal>.
files into B<Wireshark>.
The Service Response Time is calculated as the time delta between the
First packet of the exchange and the Last packet of the exchange.
@ -1262,7 +1262,7 @@ string is specified all request/response pairs will be used.
Open a window to display statistics for an arbitrary ONC-RPC program interface
and display B<Procedure>, B<Number of Calls>, B<Minimum SRT>, B<Maximum SRT> and B<Average SRT> for all procedures for that program/version.
These windows opened will update in semi-real time to reflect changes when
doing live captures or when reading new capture files into B<Ethereal>.
doing live captures or when reading new capture files into B<Wireshark>.
This dialog will also allow an optional filter string to be used.
If an optional filter string is used only such ONC-RPC request/response pairs
@ -1271,7 +1271,7 @@ string is specified all request/response pairs will be used.
By first selecting a conversation by clicking on it and then using the
right mouse button (on those platforms that have a right
mouse button) ethereal will display a popup menu offering several different
mouse button) wireshark will display a popup menu offering several different
filter operations to apply to the capture.
=item Statistics:Service Response Time:SMB
@ -1294,7 +1294,7 @@ on those calls matching that filter.
By first selecting a conversation by clicking on it and then using the
right mouse button (on those platforms that have a right
mouse button) ethereal will display a popup menu offering several different
mouse button) wireshark will display a popup menu offering several different
filter operations to apply to the capture.
=item Statistics:Service Response Time:MGCP
@ -1303,7 +1303,7 @@ Collect requests/response SRT (Service Response Time) data for MGCP.
Data collected is B<number of calls> for each known MGCP Type,
B<Minimum SRT>, B<Maximum SRT>, B<Average SRT>, B<Minimum in Packet>, and B<Maximum in Packet>.
These windows opened will update in semi-real time to reflect changes when
doing live captures or when reading new capture files into B<Ethereal>.
doing live captures or when reading new capture files into B<Wireshark>.
You can apply an optional filter string in a dialog box, before starting
the calculation. The statistics will only be calculated
@ -1317,7 +1317,7 @@ B<Minimum SRT>, B<Maximum SRT>, B<Average SRT>, B<Minimum in Packet>, and B<Maxi
You will also get the number of B<Open Requests> (Unresponded Requests),
B<Discarded Responses> (Responses without matching request) and Duplicate Messages.
These windows opened will update in semi-real time to reflect changes when
doing live captures or when reading new capture files into B<Ethereal>.
doing live captures or when reading new capture files into B<Wireshark>.
You can apply an optional filter string in a dialog box, before starting
the calculation. The statistics will only be calculated
@ -1330,7 +1330,7 @@ list of H.225 messages and H.225 message reasons, which occur in the current
capture file. The number of occurences of each message or reason will be displayed
in the second column.
This window opened will update in semi-real time to reflect changes when
doing live captures or when reading new capture files into B<Ethereal>.
doing live captures or when reading new capture files into B<Wireshark>.
You can apply an optional filter string in a dialog box, before starting
the counter. The statistics will only be calculated
@ -1343,7 +1343,7 @@ SIP Method and of each SIP Status-Code. Additionally you also get the number of
resent SIP Messages (only for SIP over UDP).
This window opened will update in semi-real time to reflect changes when
doing live captures or when reading new capture files into B<Ethereal>.
doing live captures or when reading new capture files into B<Wireshark>.
You can apply an optional filter string in a dialog box, before starting
the counter. The statistics will only be calculated
@ -1366,13 +1366,13 @@ List of supported protocols and display filter protocol fields.
Display locally installed HTML versions of these manual pages in a web browser.
=item Help:Ethereal Online
=item Help:Wireshark Online
Various links to online resources to be open in a web browser, like http://www.ethereal.com.
Various links to online resources to be open in a web browser, like http://www.wireshark.org.
=item Help:About Ethereal
=item Help:About Wireshark
See various information about Ethereal (see L<About|/item_about> dialog below), like the
See various information about Wireshark (see L<About|/item_about> dialog below), like the
version, the folders used, the available plugins, ...
=back
@ -1424,7 +1424,7 @@ source and destination addresses, protocol, and description are
displayed for each packet; the I<Columns> page in the dialog box popped
up by I<Edit:Preferences> lets you change this (although, unfortunately,
you currently have to save the preferences, and exit and restart
Ethereal, for those changes to take effect).
Wireshark, for those changes to take effect).
If you click on the heading for a column, the display will be sorted by
that column; clicking on the heading again will reverse the sort order
@ -1467,7 +1467,7 @@ The statusbar can be hidden by I<View:Statusbar>.
=item Preferences
The I<Preferences> dialog lets you control various personal preferences
for the behavior of B<Ethereal>.
for the behavior of B<Wireshark>.
=over 6
@ -1513,19 +1513,19 @@ item can be set to use either inverse video, or bold characters.
=item Save Window Position
If this item is selected, the position of the main Wireshark window will
be saved when Ethereal exits, and used when Wireshark is started again.
be saved when Wireshark exits, and used when Wireshark is started again.
=item Save Window Size
If this item is selected, the size of the main Wireshark window will
be saved when Ethereal exits, and used when Wireshark is started again.
be saved when Wireshark exits, and used when Wireshark is started again.
=item File Open Dialog Behavior
This item allows the user to select how Ethereal handles the listing
This item allows the user to select how Wireshark handles the listing
of the "File Open" Dialog when opening trace files. "Remember Last
Directory" causes Ethereal to automatically position the dialog in the
directory of the most recently opened file, even between launches of Ethereal.
Directory" causes Wireshark to automatically position the dialog in the
directory of the most recently opened file, even between launches of Wireshark.
"Always Open in Directory" allows the user to define a persistent directory
that the dialog will always default to.
@ -1602,7 +1602,7 @@ The I<Filter:> text entry lets you set a capture filter expression to be
used when capturing.
If any of the environment variables SSH_CONNECTION, SSH_CLIENT,
REMOTEHOST, DISPLAY, or CLIENTNAME are set, Ethereal will create a
REMOTEHOST, DISPLAY, or CLIENTNAME are set, Wireshark will create a
default capture filter that excludes traffic from the hosts and ports
defined in those variables.
@ -1630,8 +1630,8 @@ system for a particular save file.
=item Protocol Preferences
There are also pages for various protocols that Ethereal dissects,
controlling the way Ethereal handles those protocols.
There are also pages for various protocols that Wireshark dissects,
controlling the way Wireshark handles those protocols.
=back
@ -1808,7 +1808,7 @@ does not close the dialog.
Saves the current list of color filters in your personal color filters
file. Unless you do this they will not be used the next time you start
Ethereal.
Wireshark.
=item CLOSE
@ -1870,22 +1870,22 @@ The I<Stop capture after ... files> field lets you specify the number
of capture files used, until the capture is stopped.
The I<Stop capture after ... packet(s)> check box and field let
you specify that Ethereal should stop capturing after having captured
some number of packets; if the check box is not checked, Ethereal will
you specify that Wireshark should stop capturing after having captured
some number of packets; if the check box is not checked, Wireshark will
not stop capturing at some fixed number of captured packets.
The I<Stop capture after ... megabyte(s)> check box and field lets
you specify that Ethereal should stop capturing after the file to which
you specify that Wireshark should stop capturing after the file to which
captured packets are being saved grows as large as or larger than some
specified number of megabytes. If the check box is not checked, Ethereal
specified number of megabytes. If the check box is not checked, Wireshark
will not stop capturing at some capture file size (although the operating
system on which Wireshark is running, or the available disk space, may still
limit the maximum size of a capture file). This option is disabled, if
"multiple files" mode is used,
The I<Stop capture after ... second(s)> check box and field let you
specify that Ethereal should stop capturing after it has been capturing
for some number of seconds; if the check box is not checked, Ethereal
specify that Wireshark should stop capturing after it has been capturing
for some number of seconds; if the check box is not checked, Wireshark
will not stop capturing after some fixed time has elapsed.
The I<Update list of packets in real time> check box lets you specify
@ -1901,11 +1901,11 @@ should be translated to names.
=item About
The I<About> dialog lets you view various information about Ethereal.
The I<About> dialog lets you view various information about Wireshark.
=item About:Ethereal
=item About:Wireshark
The I<Ethereal> page lets you view general information about Ethereal,
The I<Wireshark> page lets you view general information about Wireshark,
like the installed version, licensing information and such.
=item About:Authors
@ -1914,7 +1914,7 @@ The I<Authors> page shows the author and all contributors.
=item About:Folders
The I<Folders> page lets you view the directory names where Ethereal is
The I<Folders> page lets you view the directory names where Wireshark is
searching it's various configuration and other files.
=item About:Plugins
@ -1926,24 +1926,24 @@ The I<Plugins List> shows the name and version of each dissector plugin
module found on your system.
On Unix-compatible systems, the plugins are looked for in the following
directories: the F<lib/ethereal/plugins/$VERSION> directory under the
directories: the F<lib/wireshark/plugins/$VERSION> directory under the
main installation directory (for example,
F</usr/local/lib/ethereal/plugins/$VERSION>), and then
F<$HOME/.ethereal/plugins>.
F</usr/local/lib/wireshark/plugins/$VERSION>), and then
F<$HOME/.wireshark/plugins>.
On Windows systems, the plugins are looked for in the following
directories: F<plugins\$VERSION> directory under the main installation
directory (for example, F<C:\Program Files\Ethereal\plugins\$VERSION>),
and then F<%APPDATA%\Ethereal\plugins\$VERSION> (or, if %APPDATA% isn't
defined, F<%USERPROFILE%\Application Data\Ethereal\plugins\$VERSION>).
directory (for example, F<C:\Program Files\Wireshark\plugins\$VERSION>),
and then F<%APPDATA%\Wireshark\plugins\$VERSION> (or, if %APPDATA% isn't
defined, F<%USERPROFILE%\Application Data\Wireshark\plugins\$VERSION>).
$VERSION is the version number of the plugin interface, which
is typically the version number of Ethereal. Note that a dissector
is typically the version number of Wireshark. Note that a dissector
plugin module may support more than one protocol; there is not
necessarily a one-to-one correspondence between dissector plugin modules
and protocols. Protocols supported by a dissector plugin module are
enabled and disabled using the I<Edit:Protocols> dialog box, just as
protocols built into Ethereal are.
protocols built into Wireshark are.
=back
@ -1954,11 +1954,11 @@ See the manual page of I<tcpdump(8)>.
=head1 DISPLAY FILTER SYNTAX
For a complete table of protocol and protocol fields that are filterable
in B<Ethereal> see the I<ethereal-filter(4)> manual page.
in B<Wireshark> see the I<wireshark-filter(4)> manual page.
=head1 FILES
These files contains various B<Ethereal> configuration settings.
These files contains various B<Wireshark> configuration settings.
=over 4
@ -1984,16 +1984,16 @@ starts a comment that runs to the end of the line:
# TRUE or FALSE (case-insensitive).
gui.scrollbar_on_right: TRUE
The global preferences file is looked for in the F<ethereal> directory
The global preferences file is looked for in the F<wireshark> directory
under the F<share> subdirectory of the main installation directory (for
example, F</usr/local/share/ethereal/preferences>) on UNIX-compatible
example, F</usr/local/share/wireshark/preferences>) on UNIX-compatible
systems, and in the main installation directory (for example,
F<C:\Program Files\Ethereal\preferences>) on Windows systems.
F<C:\Program Files\Wireshark\preferences>) on Windows systems.
The personal preferences file is looked for in F<$HOME/.ethereal/preferences> on
UNIX-compatible systems and F<%APPDATA%\Ethereal\preferences> (or, if
The personal preferences file is looked for in F<$HOME/.wireshark/preferences> on
UNIX-compatible systems and F<%APPDATA%\Wireshark\preferences> (or, if
%APPDATA% isn't defined, F<%USERPROFILE%\Application
Data\Ethereal\preferences>) on Windows systems.
Data\Wireshark\preferences>) on Windows systems.
Note: Whenever the preferences are saved by using the I<Save> button
in the I<Edit:Preferences> dialog box, your personal preferences file
@ -2003,7 +2003,7 @@ unknown/obsolete settings that were in the file.
=item Recent
The F<recent> file contains personal settings (mostly GUI related) such
as the current B<Ethereal> window size. The file is saved at program exit and
as the current B<Wireshark> window size. The file is saved at program exit and
read in at program start automatically. Note: The command line flag B<-o>
may be used to override settings from this file.
@ -2067,7 +2067,7 @@ lines of an F<ethers> file:
The global F<ethers> file is looked for in the F</etc> directory on
UNIX-compatible systems, and in the main installation directory (for
example, F<C:\Program Files\Ethereal>) on Windows systems.
example, F<C:\Program Files\Wireshark>) on Windows systems.
The personal F<ethers> file is looked for in the same directory as the personal
preferences file.
@ -2114,7 +2114,7 @@ For example, these four lines are valid lines of an F<ipxnets> file:
The global F<ipxnets> file is looked for in the F</etc> directory on
UNIX-compatible systems, and in the main installation directory (for
example, F<C:\Program Files\Ethereal>) on Windows systems.
example, F<C:\Program Files\Wireshark>) on Windows systems.
The personal F<ipxnets> file is looked for in the same directory as the
personal preferences file.
@ -2199,12 +2199,12 @@ See above in the description of the About:Plugins page.
=head1 SEE ALSO
I<ethereal-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
I<wireshark-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
=head1 NOTES
The latest version of B<Ethereal> can be found at
B<http://www.ethereal.com>.
The latest version of B<Wireshark> can be found at
B<http://www.wireshark.org>.
=head1 AUTHORS

4
docbook/catalog.xml
View File

@ -46,10 +46,10 @@ Please note that if you shift any files in the directory structure you MUST adju
<!--
<system
systemId="EtherealMain1"
uri="./graphics/ethereal-main.jpg" />
uri="./graphics/wireshark-main.jpg" />
<system
systemId="EtherealThreePane1"
uri="./graphics/ethereal-main.jpg" />
uri="./graphics/wireshark-main.jpg" />
<uri
name="chunk.xsl"
uri="docbook-xsl-1.62.1/html/chunk.xsl" />

8
docbook/developer-guide.xml
View File

@ -46,15 +46,15 @@ DOCUMENT SECTION
Ethereal Info
-->
<!ENTITY EtherealCurrentVersion "0.10.14">
<!ENTITY EtherealWebSite "http://www.ethereal.com">
<!ENTITY EtherealWebSite "http://www.wireshark.org">
<!ENTITY EtherealDownloadPage "&EtherealWebSite;/download.html">
<!ENTITY EtherealAuthorsPage "&EtherealWebSite;/introduction.html#authors">
<!ENTITY EtherealFAQPage "&EtherealWebSite;/faq.html">
<!ENTITY EtherealDevMailList "ethereal-dev[AT]ethereal.com">
<!ENTITY EtherealDevMailList "wireshark-dev[AT]wireshark.org">
<!ENTITY EtherealDevsGuidePage "&EtherealWebSite;/docs">
<!ENTITY EtherealUsersGuidePage "&EtherealWebSite;/docs">
<!ENTITY EtherealWikiSite "http://wiki.ethereal.com">
<!ENTITY EtherealBugsSite "http://bugs.ethereal.com">
<!ENTITY EtherealWikiSite "http://wiki.wireshark.org">
<!ENTITY EtherealBugsSite "http://bugs.wireshark.org">
<!--
Gnu info

12
docbook/edg_src/EDG_chapter_env_intro.xml
View File

@ -353,7 +353,7 @@
<para>
There are several mailing lists of specific Ethereal topics available:
<variablelist>
<varlistentry><term><command>ethereal-announce</command></term>
<varlistentry><term><command>wireshark-announce</command></term>
<listitem>
<para>
This mailing list will inform you about new program
@ -361,7 +361,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-users</command></term>
<varlistentry><term><command>wireshark-users</command></term>
<listitem>
<para>
This list is for users of Ethereal. People post
@ -370,7 +370,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-dev</command></term>
<varlistentry><term><command>wireshark-dev</command></term>
<listitem>
<para>
This list is for Wireshark developers. People post questions about
@ -379,7 +379,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-bugs</command></term>
<varlistentry><term><command>wireshark-bugs</command></term>
<listitem>
<para>
This list is for Wireshark developers. Everytime a change to the bug
@ -390,7 +390,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-cvs</command></term>
<varlistentry><term><command>wireshark-commits</command></term>
<listitem>
<para>
This list is for Wireshark developers. Everytime a change to the SVN
@ -422,7 +422,7 @@
The Etereal community started collecting bug reports in a Bugzilla database at
<ulink url="&EtherealBugsSite;">&EtherealBugsSite;</ulink>.
This database is filled with manually filed bug reports, usually after some
discussion on ethereal-dev, and bug reports from the QA build tooling.
discussion on wireshark-dev, and bug reports from the QA build tooling.
</para>
</section>

6
docbook/edg_src/EDG_chapter_libraries.xml
View File

@ -31,7 +31,7 @@
<para>
Win32: All required libraries for the MSVC
generation are available at:
<ulink url="http://www.ethereal.com/distribution/win32/development/"/>,
<ulink url="http://www.wireshark.org/distribution/win32/development/"/>,
but see <xref linkend="ChLibsSetup"/> for an easier way to install the
libraries.
</para>
@ -107,7 +107,7 @@
</note>
<para>
By default the libraries will be downloaded and installed into
<filename>C:\ethereal-win32-libs</filename>.
<filename>C:\wireshark-win32-libs</filename>.
You can change this to any other location by editing the file
<filename>config.nmake</filename> and changing the line containing
the WIRESHARK_LIBS setting to your favourite place (use an absolute path
@ -247,7 +247,7 @@
Then libsnmp is compiled with the "libsnmp - Win32 Release" project
using MSVC++ 6.0. A file called "README.ethereal" has been placed in the
net-snmp zip archive at <ulink
url="http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/"/>
url="http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/"/>
describing the changes in more detail.
</para>
</section>

28
docbook/edg_src/EDG_chapter_sources.xml
View File

@ -34,7 +34,7 @@
<para>
Subversion is used to keep track of the changes made to the Wireshark
source code. The Wireshark source code is stored inside Ethereal project's
Subversion repository located at a server at the ethereal.com domain.
Subversion repository located at a server at the wireshark.org domain.
</para>
<para>
To qoute the Subversion book about "What is Subversion?":
@ -119,7 +119,7 @@
found at:
</para>
<para>
<ulink url="http://anonsvn.ethereal.com/ethereal/trunk/"/>.
<ulink url="http://anonsvn.wireshark.org/ethereal/trunk/"/>.
</para>
<para>
A <command>comprehensive view</command> of all source versions
@ -127,7 +127,7 @@
is available at:
</para>
<para>
<ulink url="http://anonsvn.ethereal.com/viewcvs/viewcvs.py/"/>.
<ulink url="http://anonsvn.wireshark.org/viewcvs/viewcvs.py/"/>.
</para>
<para>
Of special interest might be the subdirectories:
@ -183,7 +183,7 @@
You can use a Subversion client to download the source code from
Ethereal's anonymous Subversion repository. The URL for the repository
trunk is:
<ulink url="http://anonsvn.ethereal.com/ethereal/trunk/"/>.
<ulink url="http://anonsvn.wireshark.org/ethereal/trunk/"/>.
</para>
<para>
See <xref linkend="ChToolsSubversion"/> how to install a Subversion client.
@ -194,7 +194,7 @@
</para>
<para>
<prompt>$</prompt>
<userinput>svn checkout http://anonsvn.ethereal.com/ethereal/trunk ethereal</userinput>
<userinput>svn checkout http://anonsvn.wireshark.org/ethereal/trunk ethereal</userinput>
</para>
<para>
The checkout has to be only done once. This will copy all the sources of
@ -215,7 +215,7 @@
<para>
The entire source tree of the Subversion repository is available via a
web interface at:
<ulink url="http://anonsvn.ethereal.com/viewcvs/viewcvs.py/"/>.
<ulink url="http://anonsvn.wireshark.org/viewcvs/viewcvs.py/"/>.
You can view
each revision of a particular file, as well as diffs between different
revisions. You can also download individual files or entire directories.
@ -235,7 +235,7 @@
The buildbot server will automatically start to generate a snapshot of
Ethereal's sourcetree after a source code change committed.
These snapshots can be found at: <ulink
url="http://www.ethereal.com/distribution/buildbot-builds/source/"/>.
url="http://www.wireshark.org/distribution/buildbot-builds/source/"/>.
</para>
<para>
If anonymous Subversion access isn't possible, e.g. if the connection to
@ -258,7 +258,7 @@
</para>
<para>
The officially released source files can be found at: <ulink
url="http://www.ethereal.com/download.html"/>.
url="http://www.wireshark.org/download.html"/>.
You should use these sources if you want to build Ethereal on your
platform for productive use.
</para>
@ -542,8 +542,8 @@ make
Here is a small example of a patch file (XXX - generate a better example):
<programlisting>
<![CDATA[
diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/packet-dcerpc.c
--- ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c 2004-08-12 15:42:26.000000000 -0700
diff -ur ../wireshark-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/packet-dcerpc.c
--- ../wireshark-0.10.6/epan/dissectors/packet-dcerpc.c 2004-08-12 15:42:26.000000000 -0700
+++ ./epan/dissectors/packet-dcerpc.c 2004-08-19 18:48:32.000000000 -0700
@@ -282,6 +282,7 @@
/* we need to keep track of what transport were used, ie what handle we came
@ -625,7 +625,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
do a diff, you should
have two source trees on your computer, one with your working copy
(containing your changes), and one with the "official" source tree
(hopefully the latest SVN files) from www.ethereal.com.
(hopefully the latest SVN files) from www.wireshark.org.
</para>
<para>
If you have only changed a single file, you could type something like
@ -781,7 +781,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
and the fuzz test randomly change bytes in this file, so unconditional
code paths in your dissector are passed. There are tools available to
automatically do this on any number of input files, see:
<ulink url="http://wiki.ethereal.com/FuzzTesting"/> for details.
<ulink url="http://wiki.wireshark.org/FuzzTesting"/> for details.
</para>
</listitem>
</itemizedlist>
@ -796,7 +796,7 @@ diff -ur ../ethereal-0.10.6/epan/dissectors/packet-dcerpc.c ./epan/dissectors/pa
</para>
<para>
You should send an email to <ulink
url="mailto:ethereal-dev[AT]ethereal.com"/> containing:
url="mailto:wireshark-dev[AT]wireshark.org"/> containing:
<itemizedlist>
<listitem><para>
subject: [PATCH] and a short description of your changes
@ -1077,7 +1077,7 @@ $Id$
</tip>
<para>
If everything went well, you will now find something like:
<filename>ethereal-setup-&EtherealCurrentVersion;.exe</filename> in
<filename>wireshark-setup-&EtherealCurrentVersion;.exe</filename> in
the <filename>packaging/nsis</filename> directory.
</para>
</section>

4
docbook/edg_src/EDG_chapter_tools.xml
View File

@ -201,7 +201,7 @@
<entry>-</entry>
<entry><ulink url="http://nsis.sourceforge.net">NSIS</ulink></entry>
<entry>Only needed if you want to build your own
ethereal-setup.exe.</entry>
wireshark-setup.exe.</entry>
</row>
</tbody>
</tgroup>
@ -347,7 +347,7 @@
<section>
<title>Nullsoft Scriptable Install System (NSIS)</title>
<para>
If you want to build your own ethereal-setup.exe, you'll need NSIS.
If you want to build your own wireshark-setup.exe, you'll need NSIS.
You can download the NSIS setup from
<ulink url="http://nsis.sourceforge.net"/> and simply install it.
</para>

28
docbook/release-notes.xml
View File

@ -101,8 +101,8 @@ Ethereal Info
<section id="GettingEthereal"><title>Getting Ethereal</title>
<section><title>Microsoft Windows</title>
<para>
Download ethereal-setup-&EtherealCurrentVersion;.exe from the
<ulink url="http://www.ethereal.com/distribution/win32/">Windows
Download wireshark-setup-&EtherealCurrentVersion;.exe from the
<ulink url="http://www.wireshark.org/distribution/win32/">Windows
download area</ulink> on the main web site. Double-click the
installer executable.
</para>
@ -111,7 +111,7 @@ Ethereal Info
<section><title>Sun Solaris</title>
<para>
Download the appropriate package from the
<ulink url="http://www.ethereal.com/distribution/solaris/">Solaris
<ulink url="http://www.wireshark.org/distribution/solaris/">Solaris
download area</ulink> on the main web site. Uncompress the package
using bzip2, and install it using pkgadd.
</para>
@ -119,8 +119,8 @@ Ethereal Info
<section><title>Source Code</title>
<para>
Download ethereal-&EtherealCurrentVersion;.tar.gz from the
<ulink url="http://www.ethereal.com/distribution/">main
Download wireshark-&EtherealCurrentVersion;.tar.gz from the
<ulink url="http://www.wireshark.org/distribution/">main
download area</ulink> on the web site. Extract the package
using tar and gzip. Run "configure ; make ; make install".
</para>
@ -131,7 +131,7 @@ Ethereal Info
Most Linux and Unix vendors supply their own Ethereal packages.
You can install or upgrade Ethereal using the package management
system specific to that platform. A list of third-party packages
can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Wireshark web site.
can be found on the <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>
@ -159,7 +159,7 @@ Ethereal Info
On Windows systems the packet list scroll bar can sometimes disappear
or become unusable. Until the problem is fixed you can work around it
by resizing the packet list or the main window.
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
#220</ulink>)
</para>
@ -170,25 +170,25 @@ Ethereal Info
<para>
Trying to save flow data may crash Ethereal.
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=396">Bug
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=396">Bug
#396</ulink>)
</para>
<para>
It may not be possible to re-order coloring rules under Windows.
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=699">Bug
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=699">Bug
#699</ulink>)
</para>
<para>
Multiple tap interfaces may cause a crash under FreeBSD.
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=757">Bug
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=757">Bug
#757</ulink>)
</para>
<para>
Ethereal may crash while viewing TCP streams.
(<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=852">Bug
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=852">Bug
#852</ulink>)
</para>
@ -196,9 +196,9 @@ Ethereal Info
<section id="GettingHelp"><title>Getting Help</title>
<para>
Community support is available on the ethereal-users mailing list.
Community support is available on the wireshark-users mailing list.
Subscription information and archives for all of Ethereal's mailing
lists can be found on <ulink url="http://www.ethereal.com/lists/">the
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
web site</ulink>. There is also an <ulink url="irc://irc.freenode.net/ethereal">IRC channel dedicated to Ethereal</ulink>.
</para>
<para>
@ -210,7 +210,7 @@ Ethereal Info
<section id="FAQ"><title>Frequently Asked Questions</title>
<para>
A complete FAQ is available on the
<ulink url="http://www.ethereal.com/faq.html">Ethereal web site</ulink>.
<ulink url="http://www.wireshark.org/faq.html">Ethereal web site</ulink>.
</para>
</section>

20
docbook/wsug_src/WSUG_app_files.xml
View File

@ -39,7 +39,7 @@
<entry><command>preferences</command></entry>
<entry>Settings from the Preferences dialog box.</entry>
<entry>/etc/ethereal.conf, $HOME/.ethereal/preferences</entry>
<entry>%ETHEREAL%\ethereal.conf, %APPDATA%\Wireshark\preferences</entry>
<entry>%WIRESHARK%\ethereal.conf, %APPDATA%\Wireshark\preferences</entry>
</row>
<row>
<entry><command>recent</command></entry>
@ -51,37 +51,37 @@
<entry><command>cfilters</command></entry>
<entry>Capture filters.</entry>
<entry>$HOME/.ethereal/cfilters</entry>
<entry>%ETHEREAL%\cfilters, %APPDATA%\Wireshark\cfilters</entry>
<entry>%WIRESHARK%\cfilters, %APPDATA%\Wireshark\cfilters</entry>
</row>
<row>
<entry><command>dfilters</command></entry>
<entry>Display filters.</entry>
<entry>$HOME/.ethereal/dfilters</entry>
<entry>%ETHEREAL%\dfilters, %APPDATA%\Wireshark\dfilters</entry>
<entry>%WIRESHARK%\dfilters, %APPDATA%\Wireshark\dfilters</entry>
</row>
<row>
<entry><command>colorfilters</command></entry>
<entry>Coloring rules.</entry>
<entry>$HOME/.ethereal/colorfilters</entry>
<entry>%ETHEREAL%\colorfilters, %APPDATA%\Wireshark\colorfilters</entry>
<entry>%WIRESHARK%\colorfilters, %APPDATA%\Wireshark\colorfilters</entry>
</row>
<row>
<entry><command>disabled_protos</command></entry>
<entry>Disabled protocols.</entry>
<entry>$HOME/.ethereal/disabled_protos</entry>
<entry>%ETHEREAL%\disabled_protos, %APPDATA%\Wireshark\disabled_protos</entry>
<entry>%WIRESHARK%\disabled_protos, %APPDATA%\Wireshark\disabled_protos</entry>
</row>
<row>
<entry><command>ethers</command></entry>
<entry>Ethernet name resolution.</entry>
<entry>/etc/ethers, $HOME/.ethereal/ethers</entry>
<entry>%ETHEREAL%\ethers, %APPDATA%\Wireshark\ethers</entry>
<entry>%WIRESHARK%\ethers, %APPDATA%\Wireshark\ethers</entry>
</row>
<row>
<entry><command>manuf</command></entry>
<entry>Ethernet name resolution.</entry>
<entry>/etc/manuf</entry>
<entry>%ETHEREAL%\manuf</entry>
<entry>%WIRESHARK%\manuf</entry>
</row>
<row>
<entry><command>hosts</command></entry>
@ -93,7 +93,7 @@
<entry><command>ipxnets</command></entry>
<entry>IPX name resolution.</entry>
<entry>$HOME/.ethereal/ipxnets</entry>
<entry>%ETHEREAL%\ipxnets</entry>
<entry>%WIRESHARK%\ipxnets</entry>
</row>
<row>
<entry><command>plugins</command></entry>
@ -102,7 +102,7 @@
/usr/local/share/ethereal/plugins,
$HOME/.ethereal/plugins
</entry>
<entry>%ETHEREAL%\plugins\&lt;version&gt;,
<entry>%WIRESHARK%\plugins\&lt;version&gt;,
%APPDATA%\Wireshark\plugins</entry>
</row>
<row>
@ -119,7 +119,7 @@
%APPDATA% points to the personal configuration folder, typically
<filename>C:\Documents and Settings\&lt;username&gt;\Application Data</filename>
(for further details, have a look at <xref linkend="ChWindowsProfiles"/>),
%ETHEREAL% points to the Wireshark program folder, typically
%WIRESHARK% points to the Wireshark program folder, typically
<filename>C:\Program Files\Wireshark</filename>
</para>
</note>

2
docbook/wsug_src/WSUG_app_tools.xml
View File

@ -813,7 +813,7 @@ where &lt;input-filename&gt; specifies input filename (use - for standard input)
<para>
It is also COOL to work on a great Open Source project such as
the case with "Wireshark" (
<ulink url="http://www.ethereal.com">http://www.ethereal.com</ulink>
<ulink url="http://www.wireshark.org">http://www.wireshark.org</ulink>
)
</para>
</section>

4
docbook/wsug_src/WSUG_chapter_advanced.xml
View File

@ -683,7 +683,7 @@
<para><command>DNS/ADNS name resolution (system/library service)</command>
Wireshark will ask the operating system (or the ADNS library),
to convert an IP address to the hostname associated with it
(e.g. 65.208.228.223 -> www.ethereal.com). The DNS service is using
(e.g. 65.208.228.223 -> www.wireshark.org). The DNS service is using
synchronous calls to the DNS server. So Wireshark will stop responding
until a response to a DNS request is returned. If possible, you might
consider using the ADNS library (which won't wait for a network response).
@ -724,7 +724,7 @@
<para><command>hosts name resolution (hosts file)</command>
If DNS name resolution failed, Wireshark will try to convert an IP address
to the hostname associated with it, using an hosts file provided by the
user (e.g. 65.208.228.223 -> www.ethereal.com).
user (e.g. 65.208.228.223 -> www.wireshark.org).
</para>
</section>

28
docbook/wsug_src/WSUG_chapter_build_install.xml
View File

@ -285,22 +285,22 @@ apt-get install ethereal
version of UNIX uses GNU <command>tar</command>, you can use the
following command:
<programlisting>
tar zxvf ethereal-&WiresharkCurrentVersion;-tar.gz
tar zxvf wireshark-&WiresharkCurrentVersion;-tar.gz
</programlisting>
</para>
<para>
For other versions of UNIX, You will want to use the following
commands:
<programlisting>
gzip -d ethereal-&WiresharkCurrentVersion;-tar.gz
tar xvf ethereal-&WiresharkCurrentVersion;-tar
gzip -d wireshark-&WiresharkCurrentVersion;-tar.gz
tar xvf wireshark-&WiresharkCurrentVersion;-tar
</programlisting>
<note>
<title>Note!</title>
<para>
The pipeline
<command>
gzip -dc ethereal-&WiresharkCurrentVersion;-tar.gz | tar xvf -
gzip -dc wireshark-&WiresharkCurrentVersion;-tar.gz | tar xvf -
</command> will work here as well.
</para>
</note>
@ -375,7 +375,7 @@ make install
Use the following command to install the Wireshark RPM that you have
downloaded from the Wireshark web site:
<programlisting>
rpm -ivh ethereal-0.10.5-0.2.2.i386.rpm
rpm -ivh wireshark-0.10.5-0.2.2.i386.rpm
</programlisting>
If the above step fails because of missing dependencies, install the
dependencies first, and then retry the step above. See
@ -426,7 +426,7 @@ apt-get install ethereal
</para>
<para>
If you cannot determine what the problems are, send mail to the
<command>ethereal-dev</command> mailing list explaining your problem,
<command>wireshark-dev</command> mailing list explaining your problem,
and including the output from <filename>config.log</filename> and
anything else you think is relevant, like a trace of the
<command>make</command> stage.
@ -442,7 +442,7 @@ apt-get install ethereal
<para>
For further information how to build Wireshark for Windows from the
sources, have a look at the Development Wiki:
<ulink url="http://wiki.ethereal.com/Development">http://wiki.ethereal.com/Development</ulink>
<ulink url="http://wiki.wireshark.org/Development">http://wiki.wireshark.org/Development</ulink>
for the latest available development documentation.
</para>
</section>
@ -457,7 +457,7 @@ apt-get install ethereal
<title>Install Wireshark</title>
<para>
You may acquire a binary installer of Wireshark named something like:
<filename>ethereal-setup-x.y.z.exe</filename>.
<filename>wireshark-setup-x.y.z.exe</filename>.
</para>
<para>
Simply download the Wireshark installer from:
@ -522,7 +522,7 @@ apt-get install ethereal
</itemizedlist>
<para> Example:
<programlisting>
ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\Program Files\Foo
wireshark-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\Program Files\Foo
</programlisting>
</para>
</section>
@ -569,7 +569,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
<listitem><para>
<command>Mate - Meta Analysis and Tracing Engine</command> - user
configurable extension(s) of the display filter engine, see
<ulink url="http://wiki.ethereal.com/Mate">http://wiki.ethereal.com/Mate</ulink>
<ulink url="http://wiki.wireshark.org/Mate">http://wiki.wireshark.org/Mate</ulink>
for details.
</para></listitem>
<listitem><para>
@ -639,7 +639,7 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
<itemizedlist>
<listitem><para>
Wireshark related:
<ulink url="http://wiki.ethereal.com/WinPcap">http://wiki.ethereal.com/WinPcap</ulink>
<ulink url="http://wiki.wireshark.org/WinPcap">http://wiki.wireshark.org/WinPcap</ulink>
</para></listitem>
<listitem><para>
General WinPcap info:
@ -663,9 +663,9 @@ ethereal-setup-0.10.13.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\P
<ulink url="&WinPcapWebsite;">&WinPcapWebsite;</ulink>
</para></listitem>
<listitem><para>
The ethereal.com mirror:
<ulink url="http://winpcap.mirror.ethereal.com">
http://winpcap.mirror.ethereal.com</ulink>
The wireshark.org mirror:
<ulink url="http://winpcap.mirror.wireshark.org">
http://winpcap.mirror.wireshark.org</ulink>
</para></listitem>
<listitem><para>
The Wiretapped.net mirror:

2
docbook/wsug_src/WSUG_chapter_capture.xml
View File

@ -56,7 +56,7 @@
</para>
<tip><title>Tip!</title><para>
A comprehensive guide "How To setup a Capture" is available at:
<ulink url="http://wiki.ethereal.com/CaptureSetup">http://wiki.ethereal.com/CaptureSetup</ulink>.
<ulink url="http://wiki.wireshark.org/CaptureSetup">http://wiki.wireshark.org/CaptureSetup</ulink>.
</para></tip>
<para>
Here are some common pitfalls:

8
docbook/wsug_src/WSUG_chapter_introduction.xml
View File

@ -273,7 +273,7 @@
</para>
<para>
If you want to be notified about new Wireshark releases, you should
subscribe to the ethereal-announce mailing list. You will find more
subscribe to the wireshark-announce mailing list. You will find more
details in <xref linkend="ChIntroMailingLists"/>.
</para>
</section>
@ -455,7 +455,7 @@
<para>
There are several mailing lists of specific Wireshark topics available:
<variablelist>
<varlistentry><term><command>ethereal-announce</command></term>
<varlistentry><term><command>wireshark-announce</command></term>
<listitem>
<para>
This mailing list will inform you about new program
@ -463,7 +463,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-users</command></term>
<varlistentry><term><command>wireshark-users</command></term>
<listitem>
<para>
This list is for users of Wireshark. People post
@ -472,7 +472,7 @@
</para>
</listitem>
</varlistentry>
<varlistentry><term><command>ethereal-dev</command></term>
<varlistentry><term><command>wireshark-dev</command></term>
<listitem>
<para>
This list is for Wireshark developers. If you want to start

2
docbook/wsug_src/WSUG_chapter_statistics.xml
View File

@ -499,7 +499,7 @@
</para>
<para>
Some of these statistics are described at the
<ulink url="http://wiki.ethereal.com/Statistics"/> pages.
<ulink url="http://wiki.wireshark.org/Statistics"/> pages.
</para>
</section>

2
doxygen.cfg.in
View File

@ -60,6 +60,6 @@ EXCLUDE_PATTERNS =
# can add a path in front of the file if the result should not be
# written to the html output directory.
CHM_FILE = ethereal-gtk.chm
CHM_FILE = wireshark-gtk.chm
@INCLUDE = doxygen_global.cfg

2
epan/dfilter/README.dfilter
View File

@ -21,7 +21,7 @@ display filter engine.
Example: add an 'in' display filter operation
=============================================
This example has been discussed on ethereal-dev in April 2004. It illustrates
This example has been discussed on wireshark-dev in April 2004. It illustrates
how a more complex operation can be added to the display filter language.
Question:

2
epan/dissectors/pidl/packet-dcerpc-atsvc.c
View File

@ -5,7 +5,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/dissectors/pidl/packet-dcerpc-atsvc.h
View File

@ -7,7 +7,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/dissectors/pidl/packet-dcerpc-initshutdown.c
View File

@ -5,7 +5,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/dissectors/pidl/packet-dcerpc-initshutdown.h
View File

@ -7,7 +7,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/dissectors/pidl/packet-dcerpc-winreg.c
View File

@ -5,7 +5,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/dissectors/pidl/packet-dcerpc-winreg.h
View File

@ -7,7 +7,7 @@
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/

2
epan/doxygen.cfg.in
View File

@ -1,7 +1,7 @@
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
# by quotes) that should identify the project.
PROJECT_NAME = Ethereal-Epan
PROJECT_NAME = Wireshark-Epan
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or

16
gtk/Makefile.am
View File

@ -1,5 +1,5 @@
# Makefile.am
# Automake file for the GTK interface routines for Ethereal
# Automake file for the GTK interface routines for Wireshark
#
# $Id$
#
@ -33,9 +33,9 @@ MAINTAINERCLEANFILES = \
$(GENERATED_FILES) \
Makefile.in
ethereal-tap-register.c: $(ETHEREAL_TAP_SRC) $(top_srcdir)/make-tapreg-dotc
@echo Making ethereal-tap-register.c
@$(top_srcdir)/make-tapreg-dotc ethereal-tap-register.c $(srcdir) $(ETHEREAL_TAP_SRC)
wireshark-tap-register.c: $(WIRESHARK_TAP_SRC) $(top_srcdir)/make-tapreg-dotc
@echo Making wireshark-tap-register.c
@$(top_srcdir)/make-tapreg-dotc wireshark-tap-register.c $(srcdir) $(WIRESHARK_TAP_SRC)
noinst_HEADERS = \
about_dlg.h \
@ -108,16 +108,16 @@ noinst_HEADERS = \
if USE_GTK2
libui_a_SOURCES = \
$(ETHEREAL_GTK_SRC) \
$(WIRESHARK_GTK_SRC) \
$(noinst_HEADERS) \
$(ETHEREAL_TAP_SRC)
$(WIRESHARK_TAP_SRC)
else
libui_a_SOURCES = \
ethclist.c \
ethclist.h \
$(ETHEREAL_GTK_SRC) \
$(WIRESHARK_GTK_SRC) \
$(noinst_HEADERS) \
$(ETHEREAL_TAP_SRC)
$(WIRESHARK_TAP_SRC)
endif
libui_a_DEPENDENCIES =

8
gtk/Makefile.common
View File

@ -29,7 +29,7 @@ GENERATED_HEADER_FILES =
# Generated C source files that we want in the distribution.
GENERATED_C_FILES = \
ethereal-tap-register.c
wireshark-tap-register.c
# All the generated files we want in the distribution.
GENERATED_FILES = $(GENERATED_HEADER_FILES) $(GENERATED_C_FILES)
@ -38,7 +38,7 @@ GENERATED_FILES = $(GENERATED_HEADER_FILES) $(GENERATED_C_FILES)
# ethclist.obj is not in here because it is currently gtk+-1.2-only
# code, while the DLL for GTK+ on Windows is gtk+-1.3 or gtk+-2.x.
#
ETHEREAL_GTK_SRC = \
WIRESHARK_GTK_SRC = \
about_dlg.c \
capture_dlg.c \
capture_file_dlg.c \
@ -57,7 +57,7 @@ ETHEREAL_GTK_SRC = \
dfilter_expr_dlg.c \
dlg_utils.c \
drag_and_drop.c \
ethereal-tap-register.c \
wireshark-tap-register.c \
expert_comp_table.c \
file_dlg.c \
fileset_dlg.c \
@ -108,7 +108,7 @@ ETHEREAL_GTK_SRC = \
webbrowser.c
ETHEREAL_TAP_SRC = \
WIRESHARK_TAP_SRC = \
afp_stat.c \
ansi_a_stat.c \
ansi_map_stat.c \

26
gtk/Makefile.nmake
View File

@ -1,4 +1,4 @@
## Makefile for building ethereal.exe with Microsoft C and nmake
## Makefile for building wireshark.exe with Microsoft C and nmake
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
#
# $Id$
@ -18,8 +18,8 @@ CFLAGS=-DHAVE_CONFIG_H /I.. /I../wiretap $(GTK_CFLAGS) $(GNUTLS_CFLAGS) \
CVARSDLL=-DWIN32 -DNULL=0 -D_MT -D_DLL
!IFDEF ETHEREAL_EUG_DIR
EUG_CFLAGS=-DETHEREAL_EUG_DIR
!IFDEF WIRESHARK_EUG_DIR
EUG_CFLAGS=-DWIRESHARK_EUG_DIR
!ENDIF
.c.obj::
@ -29,28 +29,28 @@ include Makefile.common
# if you add files here, be sure to include them also in Makefile.am EXTRA_DIST
ETHEREAL_WIN32_GTK_SRC = \
$(ETHEREAL_GTK_SRC) \
WIRESHARK_WIN32_GTK_SRC = \
$(WIRESHARK_GTK_SRC) \
print_mswin.c \
win32-file-dlg.c
ETHEREAL_TAP_OBJECTS = $(ETHEREAL_TAP_SRC:.c=.obj)
WIRESHARK_TAP_OBJECTS = $(WIRESHARK_TAP_SRC:.c=.obj)
ETHEREAL_WIN32_GTK_OBJECTS = $(ETHEREAL_WIN32_GTK_SRC:.c=.obj)
WIRESHARK_WIN32_GTK_OBJECTS = $(WIRESHARK_WIN32_GTK_SRC:.c=.obj)
libui.lib : ..\config.h $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS)
link /lib /out:libui.lib $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS)
libui.lib : ..\config.h $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS)
link /lib /out:libui.lib $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS)
ethereal-tap-register.c: $(ETHEREAL_TAP_SRC) ../make-tapreg-dotc Makefile.common
@echo Making ethereal-tap-register.c
@$(SH) ../make-tapreg-dotc ethereal-tap-register.c . $(ETHEREAL_TAP_SRC)
wireshark-tap-register.c: $(WIRESHARK_TAP_SRC) ../make-tapreg-dotc Makefile.common
@echo Making wireshark-tap-register.c
@$(SH) ../make-tapreg-dotc wireshark-tap-register.c . $(WIRESHARK_TAP_SRC)
clean:
rm -f $(ETHEREAL_WIN32_GTK_OBJECTS) $(ETHEREAL_TAP_OBJECTS) libui.lib $(PDB_FILE) doxygen.cfg html/*.*
rm -f $(WIRESHARK_WIN32_GTK_OBJECTS) $(WIRESHARK_TAP_OBJECTS) libui.lib $(PDB_FILE) doxygen.cfg html/*.*
if exist html rmdir html
distclean: clean

4
gtk/doxygen.cfg.in
View File

@ -1,7 +1,7 @@
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
# by quotes) that should identify the project.
PROJECT_NAME = Ethereal-GTK
PROJECT_NAME = Wireshark-GTK
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
@ -60,6 +60,6 @@ EXCLUDE_PATTERNS =
# can add a path in front of the file if the result should not be
# written to the html output directory.
CHM_FILE = ethereal-gtk.chm
CHM_FILE = wireshark-gtk.chm
@INCLUDE = ../doxygen_global.cfg

2
gtk/gui_utils.c
View File

@ -100,7 +100,7 @@ static gboolean window_geom_load(const gchar *name, window_geometry_t *geom);
or class name specified by the WM_CLASS property and base the
choice of icon for the window on one of those; WM_CLASS for
Wireshark's windows has a resource name of "ethereal" and a class
name of "Ethereal". However, the way that's done is window-manager-
name of "Wireshark". However, the way that's done is window-manager-
specific, and there's no way to determine what size a particular
window manager would want, so there's no way to automate this as
part of the installation of Wireshark.

12
gtk/win32-file-dlg.c
View File

@ -180,7 +180,7 @@ win32_open_file (HWND h_wnd) {
OFN_ENABLEHOOK;
ofn.lpstrDefExt = NULL;
ofn.lpfnHook = open_file_hook_proc;
ofn.lpTemplateName = _T("ETHEREAL_OPENFILENAME_TEMPLATE");
ofn.lpTemplateName = _T("WIRESHARK_OPENFILENAME_TEMPLATE");
/* XXX - Get our filter */
@ -233,7 +233,7 @@ win32_save_as_file(HWND h_wnd, action_after_save_e action_after_save, gpointer a
OFN_PATHMUSTEXIST | OFN_ENABLEHOOK;
ofn.lpstrDefExt = NULL;
ofn.lpfnHook = save_as_file_hook_proc;
ofn.lpTemplateName = _T("ETHEREAL_SAVEFILENAME_TEMPLATE");
ofn.lpTemplateName = _T("WIRESHARK_SAVEFILENAME_TEMPLATE");
if (GetSaveFileName(&ofn)) {
g_sf_hwnd = NULL;
@ -324,7 +324,7 @@ win32_merge_file (HWND h_wnd) {
OFN_ENABLEHOOK;
ofn.lpstrDefExt = NULL;
ofn.lpfnHook = merge_file_hook_proc;
ofn.lpTemplateName = _T("ETHEREAL_MERGEFILENAME_TEMPLATE");
ofn.lpTemplateName = _T("WIRESHARK_MERGEFILENAME_TEMPLATE");
if (GetOpenFileName(&ofn)) {
filetype = cfile.cd_t;
@ -426,7 +426,7 @@ win32_export_file(HWND h_wnd, export_type_e export_type) {
OFN_PATHMUSTEXIST | OFN_ENABLEHOOK;
ofn.lpstrDefExt = NULL;
ofn.lpfnHook = export_file_hook_proc;
ofn.lpTemplateName = _T("ETHEREAL_EXPORTFILENAME_TEMPLATE");
ofn.lpTemplateName = _T("WIRESHARK_EXPORTFILENAME_TEMPLATE");
/* Fill in our print (and export) args */
@ -526,7 +526,7 @@ win32_export_raw_file(HWND h_wnd) {
ofn.lpstrDefExt = NULL;
ofn.lCustData = cfile.finfo_selected->length;
ofn.lpfnHook = export_raw_file_hook_proc;
ofn.lpTemplateName = _T("ETHEREAL_EXPORTRAWFILENAME_TEMPLATE");
ofn.lpTemplateName = _T("WIRESHARK_EXPORTRAWFILENAME_TEMPLATE");
/*
* XXX - The GTK+ code uses get_byte_view_data_and_length(). We just
@ -884,7 +884,7 @@ preview_set_filename(HWND of_hwnd, gchar *preview_file) {
}
// XXX - Copied from "filter-util.c" in the ethereal-win32 branch
// XXX - Copied from "filter-util.c" in the wireshark-win32 branch
/* XXX - The only reason for the "filter_text" parameter is to be able to feed
* in the "real" filter string in the case of a CBN_SELCHANGE notification message.
*/

32
help/faq.txt
View File

@ -2,7 +2,7 @@
The Wireshark FAQ
Note: This is just an ASCII snapshot of the faq and may not be up to
date. Please go to http://www.ethereal.com/faq.html for the up
date. Please go to http://www.wireshark.org/faq.html for the up
to date version. The version of this snapshot can be found at
the end of this document.
@ -237,9 +237,9 @@
Q 1.1: Where can I get help?
A: Community support is available on the ethereal-users mailing list.
A: Community support is available on the wireshark-users mailing list.
Subscription information and archives for all of Ethereal's mailing lists
can be found at http://www.ethereal.com/lists. An IRC channel dedicated to
can be found at http://www.wireshark.org/lists. An IRC channel dedicated to
Ethereal can be found at irc://irc.freenode.net/ethereal.
Commercial support, training, and development services are available from
@ -1080,7 +1080,7 @@ cies
it means "we don't know whether it can capture on them"; we expect that it
will be able to capture on many of them, but we haven't tried it ourselves -
if you try one of those types and it works, please send an update to
ethereal-web[AT]ethereal.com).
wireshark-web[AT]wireshark.org).
It can also read a variety of capture file formats, including:
* AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/Packet
@ -1177,12 +1177,12 @@ cies
nonwithstanding; newer versions make it a bit clearer by giving that RPM a
name starting with wireshark-base.
In those older versions, there's a separate ethereal-gnome RPM that includes
In those older versions, there's a separate wireshark-gnome RPM that includes
GUI components such as Ethereal itself, the fact that Ethereal doesn't use
GNOME nonwithstanding; newer versions make it a bit clearer by giving that
RPM a name starting with wireshark-gtk+.
Find the ethereal-gnome or ethereal-gtk+ RPM, and install that also.
Find the wireshark-gnome or wireshark-gtk+ RPM, and install that also.
4. Building Ethereal
@ -1729,7 +1729,7 @@ cies
that release, as, if there's a bug of that sort, it might've been fixed in a
release after the one you're running. If the hang occurs in the most recent
release of Ethereal, the bug should be reported to the Wireshark developers'
mailing list at ethereal-dev@ethereal.com.
mailing list at wireshark-dev@wireshark.org.
On UNIX-flavored OSes, please try to force Ethereal to dump core, by sending
it a SIGABRT signal (usually signal 6) with the kill command, and then get a
@ -1839,7 +1839,7 @@ cies
mirror of the WinDump Web site for information on using WinDump.
You would run WinDump with the -D flag; if it lists the interface, please
report this to ethereal-dev@ethereal.com giving full details of the problem,
report this to wireshark-dev@wireshark.org giving full details of the problem,
including
* the operating system you're using, and the version of that operating
system;
@ -1862,7 +1862,7 @@ cies
local mirror of the WinDump Web site for information on using WinDump.
If you can capture on the interface with WinDump, send mail to
ethereal-users@ethereal.com giving full details of the problem, including
wireshark-users@wireshark.org giving full details of the problem, including
* the operating system you're using, and the version of that operating
system;
* the type of network device you're using;
@ -1879,7 +1879,7 @@ cies
there. If not, then see the WinPcap support page (or the local mirror of
that page) - check the "Submitting bugs" section.
You may also want to ask the ethereal-users@ethereal.com and the
You may also want to ask the wireshark-users@wireshark.org and the
winpcap-users@winpcap.org mailing lists to see if anybody happens to know
about the problem and know a workaround or fix for the problem. (Note that
you will have to subscribe to that list in order to be allowed to mail to
@ -2044,7 +2044,7 @@ cies
If the attempt to capture on it succeeds, the interface is somehow not being
reported by the mechanism Ethereal uses to get a list of interfaces; please
report this to ethereal-dev@ethereal.com giving full details of the problem,
report this to wireshark-dev@wireshark.org giving full details of the problem,
including
* the operating system you're using, and the version of that operating
system (for Linux, give both the version number of the kernel and the
@ -2057,7 +2057,7 @@ cies
that device with tcpdump.
If you can capture on the interface with tcpdump, send mail to
ethereal-users@ethereal.com giving full details of the problem, including
wireshark-users@wireshark.org giving full details of the problem, including
* the operating system you're using, and the version of that operating
system (for Linux, give both the version number of the kernel and the
name and version number of the distribution you're using);
@ -2074,7 +2074,7 @@ cies
produces the OS (in the case of a Linux distribution, report the problem to
whoever produces the distribution).
You may also want to ask the ethereal-users@ethereal.com and the
You may also want to ask the wireshark-users@wireshark.org and the
tcpdump-workers@tcpdump.org mailing lists to see if anybody happens to know
about the problem and know a workaround or fix for the problem. In your
mail, please give full details of the problem, as described above, and also
@ -2187,7 +2187,7 @@ cies
boring. Where can I find more interesting captures?
A: We have a collection of strange and exotic sample capture files at
http://wiki.ethereal.com/SampleCaptures
http://wiki.wireshark.org/SampleCaptures
Q 11.3: Why doesn't Ethereal correctly identify RTP packets? It shows them
only as UDP.
@ -2278,8 +2278,8 @@ cies
detect various viruses, worms, and the like.
Please send support questions about Ethereal to the
ethereal-users[AT]ethereal.com mailing list.
wireshark-users[AT]wireshark.org mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal
support questions), please send email to ethereal-web[AT]ethereal.com.
support questions), please send email to wireshark-web[AT]wireshark.org.
Last modified: Thu, February 23 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.

4
help/getting_started.txt
View File

@ -27,7 +27,7 @@ This can be achieved by two methods:
-open an already existing capture file
-capture something from your own network
It might be easier to start with an example capture file from "http://www.ethereal.com/sample" before capturing your own data.
It might be easier to start with an example capture file from "http://www.wireshark.org/sample" before capturing your own data.
You can open a capture file through the menu "File->Open..." (or the toolbar).
@ -83,6 +83,6 @@ Conclusion
----------
There are a lot more features than described here. Just have a look at the menus to see them all. :-)
For more information about Ethereal, see: "http://www.ethereal.com". You can get a user's guide and other useful information there.
For more information about Ethereal, see: "http://www.wireshark.org". You can get a user's guide and other useful information there.
We hope this helped you with the first steps of using Ethereal and that you will enjoy using this program.

2
help/overview.txt
View File

@ -2,7 +2,7 @@ Wireshark is a GUI network protocol analyzer.
It lets you interactively browse packet data from a live network or from a previously saved capture file.
See: http://www.ethereal.com for new versions, documentation, ...
See: http://www.wireshark.org for new versions, documentation, ...
Ethereal's native capture file format is libpcap format, which is also the format used by tcpdump and various other tools. So Ethereal can read capture files from:

10
image/win32-file-dlg.rc
View File

@ -2,7 +2,7 @@
#include "richedit.h"
#include "gtk/win32-file-dlg.h"
ETHEREAL_OPENFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
WIRESHARK_OPENFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
FONT 8, "MS Shell Dlg"
{
@ -28,7 +28,7 @@ FONT 8, "MS Shell Dlg"
LTEXT "-", EWFD_PTX_ELAPSED, 211, 79, 150, 8
}
ETHEREAL_SAVEFILENAME_TEMPLATE DIALOG 0, 0, 368, 116
WIRESHARK_SAVEFILENAME_TEMPLATE DIALOG 0, 0, 368, 116
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
FONT 8, "MS Shell Dlg"
{
@ -62,7 +62,7 @@ FONT 8, "MS Shell Dlg"
LTEXT "0", EWFD_RANGE_DISP, 160, 93, 41, 8, SS_RIGHT
}
ETHEREAL_MERGEFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
WIRESHARK_MERGEFILENAME_TEMPLATE DIALOG 0, 0, 368, 94
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
FONT 8, "MS Shell Dlg"
{
@ -88,7 +88,7 @@ FONT 8, "MS Shell Dlg"
LTEXT "-", EWFD_PTX_ELAPSED, 211, 79, 150, 8
}
ETHEREAL_EXPORTFILENAME_TEMPLATE DIALOG 0, 0, 319, 97
WIRESHARK_EXPORTFILENAME_TEMPLATE DIALOG 0, 0, 319, 97
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
FONT 8, "MS Shell Dlg"
{
@ -129,7 +129,7 @@ FONT 8, "MS Shell Dlg"
}
ETHEREAL_EXPORTRAWFILENAME_TEMPLATE DIALOG 0, 0, 200, 18
WIRESHARK_EXPORTRAWFILENAME_TEMPLATE DIALOG 0, 0, 200, 18
STYLE WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | DS_3DLOOK | DS_CONTROL
FONT 8, "MS Shell Dlg"
{

6
make-faq
View File

@ -3,7 +3,7 @@
# $Id$
#
# Make-faq - Creates a plain text version of the Wireshark FAQ
# from http://www.ethereal.com/faq.html
# from http://www.wireshark.org/faq.html
rm -f FAQ
cat >FAQ <<EOF
@ -11,7 +11,7 @@ cat >FAQ <<EOF
The Wireshark FAQ
Note: This is just an ASCII snapshot of the faq and may not be up to
date. Please go to http://www.ethereal.com/faq.html for the up
date. Please go to http://www.wireshark.org/faq.html for the up
to date version. The version of this snapshot can be found at
the end of this document.
@ -19,7 +19,7 @@ cat >FAQ <<EOF
EOF
lynx -dump -nolist "http://www.ethereal.com/faq.html" | sed -e '1,/^Index/d' >>FAQ
lynx -dump -nolist "http://www.wireshark.org/faq.html" | sed -e '1,/^Index/d' >>FAQ
echo
echo "Now verfiy everything is OK and copy FAQ to help/faq.txt"

4
manuf
View File

@ -9,7 +9,7 @@
# Laurent Deniel <laurent.deniel [AT] free.fr>
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald [AT] ethereal.com>
# By Gerald Combs <gerald [AT] wireshark.org>
# Copyright 1998 Gerald Combs
#
# This program is free software; you can redistribute it and/or
@ -9234,7 +9234,7 @@ EC:10:00 EnanceSour # Enance Source Co., Ltd. PC clones(?)
# $Id$
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald [AT] ethereal.com>
# By Gerald Combs <gerald [AT] wireshark.org>
# Copyright 1998 Gerald Combs
#
# This program is free software; you can redistribute it and/or

2
manuf.tmpl
View File

@ -6,7 +6,7 @@
# Laurent Deniel <laurent.deniel [AT] free.fr>
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald [AT] ethereal.com>
# By Gerald Combs <gerald [AT] wireshark.org>
# Copyright 1998 Gerald Combs
#
# This program is free software; you can redistribute it and/or

8
packaging/nsis/Makefile.nmake
View File

@ -37,16 +37,16 @@ DEST=wireshark
EXE=../../tshark.exe ../../editcap.exe \
!IFDEF GTK1_DIR
../../ethereal.exe \
../../wireshark.exe \
!ENDIF
!IFDEF GTK2_DIR
../../ethereal-gtk2.exe \
../../wireshark-gtk2.exe \
!ENDIF
../../text2pcap.exe ../../mergecap.exe ../../capinfos.exe WinPcap_3_1.exe
DLL=../../wiretap/wiretap-$(WTAP_VERSION).dll
DOC=../../doc/ethereal.html \
DOC=../../doc/wireshark.html \
../../doc/tshark.html \
../../doc/ethereal-filter.html \
../../doc/wireshark-filter.html \
../../doc/editcap.html \
../../doc/text2pcap.html \
../../doc/mergecap.html \

2
packaging/nsis/WinPcapPage.ini
View File

@ -49,7 +49,7 @@ Right=100
Top=120
Bottom=135
Text=What is WinPcap?
State=http://wiki.ethereal.com/WinPcap
State=http://wiki.wireshark.org/WinPcap
[Field 7]
Type=GroupBox

12
packaging/nsis/wireshark.nsi
View File

@ -330,8 +330,8 @@ File "..\..\AUTHORS-SHORT-FORMAT"
File "..\..\COPYING"
File "NEWS.txt"
File "..\..\manuf"
File "..\..\doc\ethereal.html"
File "..\..\doc\ethereal-filter.html"
File "..\..\doc\wireshark.html"
File "..\..\doc\wireshark-filter.html"
File "..\..\dumpcap.exe"
File "..\..\doc\dumpcap.html"
@ -478,8 +478,8 @@ CreateDirectory "$SMPROGRAMS\Wireshark"
Delete "$SMPROGRAMS\Wireshark\Wireshark Web Site.lnk"
;WriteINIStr "$SMPROGRAMS\Wireshark\Wireshark Web Site.url" "InternetShortcut" "URL" "http://www.wireshark.org/"
CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark.lnk" "$INSTDIR\wireshark.exe" "" "$INSTDIR\wireshark.exe" 0 "" "" "The Wireshark Network Protocol Analyzer"
;CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Manual.lnk" "$INSTDIR\ethereal.html"
;CreateShortCut "$SMPROGRAMS\Wireshark\Display Filters Manual.lnk" "$INSTDIR\ethereal-filter.html"
;CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Manual.lnk" "$INSTDIR\wireshark.html"
;CreateShortCut "$SMPROGRAMS\Wireshark\Display Filters Manual.lnk" "$INSTDIR\wireshark-filter.html"
CreateShortCut "$SMPROGRAMS\Wireshark\Wireshark Program Directory.lnk" \
"$INSTDIR"
;CreateShortCut "$SMPROGRAMS\Wireshark\Uninstall Wireshark.lnk" "$INSTDIR\uninstall.exe"
@ -603,7 +603,7 @@ Section "Wireshark GTK1" SecWiresharkGTK1
SectionIn 2 RO
!endif
SetOutPath $INSTDIR
File "..\..\ethereal.exe"
File "..\..\wireshark.exe"
File "${GTK1_DIR}\lib\libgtk-0.dll"
File "${GTK1_DIR}\lib\libgdk-0.dll"
SectionEnd
@ -616,7 +616,7 @@ Section "Wireshark GTK2" SecWiresharkGTK2
SectionIn 1 RO
!endif
SetOutPath $INSTDIR
File /oname=wireshark.exe "..\..\ethereal-gtk2.exe"
File /oname=wireshark.exe "..\..\wireshark-gtk2.exe"
File "${GTK2_DIR}\bin\libgdk-win32-2.0-0.dll"
File "${GTK2_DIR}\bin\libgdk_pixbuf-2.0-0.dll"
File "${GTK2_DIR}\bin\libgtk-win32-2.0-0.dll"

8
packaging/rpm/SPECS/ethereal.spec.in → packaging/rpm/SPECS/wireshark.spec.in
View File

@ -9,12 +9,12 @@ Version: %ver
Release: %rel
License: GPL
Group: Networking/Utilities
Source: http://ethereal.com/distribution/all-versions/%{name}-%{version}.tar.gz
Source: http://wireshark.org/download/all-versions/%{name}-%{version}.tar.gz
Source1: %{name}.desktop
Source2: %{name}.png
URL: http://www.ethereal.com/
BuildRoot: /tmp/ethereal-%{PACKAGE_VERSION}-root
Packager: Gerald Combs <gerald[AT]ethereal.com>
URL: http://www.wireshark.org/
BuildRoot: /tmp/wireshark-%{PACKAGE_VERSION}-root
Packager: Gerald Combs <gerald[AT]wireshark.org>
Requires: gtk2
Requires: libpcap openssl

2
test/config.sh
View File

@ -27,7 +27,7 @@
ETH_BIN_PATH=../Debug_GTK2
# Tweak the following to your liking.
ETHEREAL=$ETH_BIN_PATH/ethereal
WIRESHARK=$ETH_BIN_PATH/ethereal
TSHARK=$ETH_BIN_PATH/tshark
CAPINFOS=$ETH_BIN_PATH/capinfos
DUMPCAP=$ETH_BIN_PATH/dumpcap

2
test/suite-capture.sh
View File

@ -187,7 +187,7 @@ capture_step_snapshot() {
ethereal_capture_suite() {
# Q: quit after cap, k: start capture immediately
DUT="$ETHEREAL -Q -k"
DUT="$WIRESHARK -Q -k"
test_step_add "Capture 10 packets" capture_step_10packets
# piping to stdout doesn't work with Ethereal and capturing!
#test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout

2
test/suite-io.sh
View File

@ -127,7 +127,7 @@ io_step_input_piping() {
ethereal_io_suite() {
# Q: quit after cap, k: start capture immediately
DUT="$ETHEREAL"
DUT="$WIRESHARK"
test_step_add "Input file" io_step_input_file
}

2
test/test.sh
View File

@ -39,7 +39,7 @@ source suite-capture.sh
test_step_prerequisites() {
NOTFOUND=0
for i in "$ETHEREAL" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
for i in "$WIRESHARK" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
if [ ! -x $i ]; then
echo "Couldn't find $i"
NOTFOUND=1

0
tools/EtherealXML.py → tools/WiresharkXML.py
View File

2
tools/fuzz-test.sh
View File

@ -32,7 +32,7 @@ MAX_VMEM=500000
ERR_PROB=0.02
# Trigger an abort if a dissector finds a bug.
# Uncomment to disable
ETHEREAL_ABORT_ON_DISSECTOR_BUG="True"
WIRESHARK_ABORT_ON_DISSECTOR_BUG="True"
# set some limits to the child processes, e.g. stop it if it's running longer then MAX_CPU_TIME seconds
# (ulimit is not supported well on cygwin and probably other platforms, e.g. cygwin shows some warnings)

2
tools/idl2wrs.sh
View File

@ -18,7 +18,7 @@
# GIOP/IIOP get_CDR_XXX API.
#
# Please see packet-giop.h in Wireshark distro for API description.
# Wireshark is available at http://www.ethereal.com/
# Wireshark is available at http://www.wireshark.org/
#
# Omniidl is part of the OmniOrb distribution, and is available at
# http://omniorb.sourceforge.net/

0
tools/pidl/lib/Parse/Pidl/Ethereal/Conformance.pm → tools/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
View File

2
tools/pidl/lib/Parse/Pidl/Ethereal/NDR.pm → tools/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
View File

@ -810,7 +810,7 @@ sub Parse($$$$)
Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
Instructions on how to download and install Pidl can be
found at http://wiki.ethereal.com/Pidl
found at http://wiki.wireshark.org/Pidl
*/
";

2
tools/pidl/pidl
View File

@ -384,7 +384,7 @@ usesgetlasterror, vararg, vi_progid, wire_marshal.
=head1 SEE ALSO
L<http://msdn.microsoft.com/library/en-us/rpc/rpc/field_attributes.asp>,
L<http://wiki.ethereal.com/DCE/RPC>,
L<http://wiki.wireshark.org/DCE/RPC>,
L<http://www.samba.org/>,
L<yapp(1)>

0
ethereal.desktop → wireshark.desktop
View File

2
wiretap/AUTHORS
View File

@ -3,7 +3,7 @@ Authors
Gilbert Ramirez <gram[AT]alumni.rice.edu>
Guy Harris <guy[AT]alum.mit.edu>
Olivier Abad <oabad[AT]noos.fr>
Gerald Combs <gerald[AT]ethereal.com>
Gerald Combs <gerald[AT]wireshark.org>
Joerg Mayer <jmayer[AT]loplof.de>
Tim Farley <tfarley[AT]iss.net>
Bert Driehuis <driehuis[AT]playbeing.org>

2
wiretap/README
View File

@ -5,7 +5,7 @@ libpcap, the current standard Unix library for packet capturing. Libpcap
is great in that it is very platform independent and has a wonderful
BPF optimizing engine. But it has some shortcomings as well. These
shortcomings came to a head during the development of Ethereal
(http://www.ethereal.com/), a packet analyzer. As such, I began developing
(http://www.wireshark.org/), a packet analyzer. As such, I began developing
wiretap so that:
1. The library can easily be amended with new packet filtering objects.

2
wka.tmpl
View File

@ -4,7 +4,7 @@
# $Id$
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald [AT] ethereal.com>
# By Gerald Combs <gerald [AT] wireshark.org>
# Copyright 1998 Gerald Combs
#
# This program is free software; you can redistribute it and/or