now), the capture file's header encapsulation type is set to 1 for Ethernet for
backwards compability only. These files use per-packet encapsulation types
instead. For now, set it to Unknown file encapsulation until we can find a
way to set it to WTAP_ENCAP_PER_PACKET without having to assert in wtap_read()
so the user can see that it is a per-packet encapulation in places such as
the capinfos program.
svn path=/trunk/; revision=31213
From me: Remove changes related to the ARP protocol because it doesn't
appear to be necessary for SocketCAN. Will add later if Felix says it is
needed.
svn path=/trunk/; revision=31196
"... a patch to make the netscaler wiretap code independent of the
host system endian-ness.
I have taken care of (1) reading and writing nstrace files (netscaler.c) and
(2) reading in dissector code (packet-nstrace.c) also."
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3540#c26
svn path=/trunk/; revision=31171
Added support for Solaris IPNET layer
From me:
Some code cleanup in packet-ipnet.c
Added packet-ipnet.c to CMakeFiles.txt
Added WTAP_ENCAP_IPNET to encap_table_base[]
svn path=/trunk/; revision=31159
to have been set. Do not set it to something g_mallocated in that case,
as that will cause a memory leak - the error string will not be freed by
the caller, as it's presumed not to have been set.
svn path=/trunk/; revision=31001
more than just dumping, indicate what stuff is used for dumping, and
note that it probably shouldn't be used for that (one should not have to
have a Catapult 2000 input file in order to write a Catapult 2000 output
file).
svn path=/trunk/; revision=30719
threads reading from two different wtap_t's in different threads.
file_externals_table considered unnecessary - a wtap_t has a member
specifically intended to point to private data.
Clean up indentation.
svn path=/trunk/; revision=30707
are any BSD/OS users still out there using Wireshark to read RFC 1483
ATM captures from BSD/OS, they can still do so, but all other users get
to read OpenBSD DLT_ENC captures, not just users *on* OpenBSD.
That also lets us simplify some hacks to deal with a link-layer type of
13 on Nokia IPSO captures.
svn path=/trunk/; revision=30159
on the stack! There is no guarantee that the header length won't cause a
buffer overflow - there could be a bug in some version of Surveyor
generating a bad file, there could be a future version of Surveyor that
has a really big pseudo-header, the file could've been written by
something other than Surveyor that has a bug in it, there could be a
file that's corrupted in transit, or there could be a deliberately
malformed packet trying to cause *Shark to execute arbitrary code.
Also, explicitly check for a too-short header length and fail with
WTAP_ERR_BAD_RECORD in that case.
Add some comments asking some questions about the header.
(The previous change was for bug 3856:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3856
not bug 3865.)
svn path=/trunk/; revision=29958
The Shomiti Wireless head was modified in a recent release such that wireshark
can no longer read Shomiti wireless capture files.
This new format is backwards compatible with the old format.
svn path=/trunk/; revision=29956
It's only beginnings, so epan is commented out in
the subdirs statement.
This is more a synch to avoid duplicate work and creating
conflicting patches to the cmake stuff.
svn path=/trunk/; revision=29666
Anders Broman