does capturing any more. (We will be inserting a call to give up
privileges after the pcap_open_live(), which should fix 2273; we're
currently only giving up privileges on platforms with libcap.)
svn path=/trunk/; revision=24345
a list of fields, prints the field values found in each packet.
Packet data can be specified as a libpcap DLT, e.g. "EN10MB" or an upper-layer protocol, e.g. "http".
svn path=/trunk/; revision=24339
The attached patch makes the Statistics -> RTP -> Show All Streams feature of
wireshark accessible via tshark.
I found it helpful in dealing with tons of RTP captures.
svn path=/trunk/; revision=24252
by tshark as well as Wireshark to fix compilation on Unix platforms.
This is due to the introduction of capture_sync.c (which calls
sync_pipe_errmsg_to_parent) to tshark_SOURCES in SVN revision 22969.
svn path=/trunk/; revision=22981
rewrite the tshark capture code almost completely, to use dumpcap instead of it's own pcap functionality.
This works on Win32 and should work on unix/linux (but I'm not sure here). Some stuff needs to be cleaned up, some more may need to be rewritten to specifically work with unix/win32. Futher work needs to be done at:
1. read filters (simply document current behaviour?)
2. event loop polling
3. privileges
4. code cleanup (e.g. in capture_loop.c)
Be prepared that tshark might not work as before / expected at least in the next days!
svn path=/trunk/; revision=22969
anywhere else). Instead of using getaddrinfo() and getnameinfo(),
promote inet_pton.c and inet_ntop.c to the top level and use those
routines instead.
(It's 2007, for crying out loud. Why is this even an issue?)
svn path=/trunk/; revision=22075
epan/filesystem.c
have get_plugin_dir() calling init_plugin_dir() if necessary
epan/epan.c and epan/report_err.c
move the report_failure family into the new report_err.c file, have epan_init() calling the initializer
epan/plugins.h and epan/proto.c
do not have init_plugins() calling the proto_reg functions instead do it in init_proto()
gtk/main.c and tshark.c
init_plugin_dir() has become suprefluous
capinfos.c and editcap.c
load the wiretap plugins
Makefiles
do what's needed to build withe the above changes.
svn path=/trunk/; revision=21935
- Update the wireless/AirPcap GUI code to support 802.11n as well as
some related upcoming code changes.
- Remove airpcap.h from the repository, since it exists in the AirPcap
devpack (and will be superseded Real Soon Now).
- Show the individual channel flag bits in radiotap.
Fix the 802.11n MCS set display.
This is a partial checkin, so hopefully nothing is broken.
svn path=/trunk/; revision=21831
in last year by Gianluca Varenni.
Add partial support for reading from named pipes (currently disabled).
Move utf_8to16() and utf_16to8() to a separate module (unicode-utils.[ch])
so that we don't have to cut and paste code in dumpcap.c.
Fix up whitespace.
svn path=/trunk/; revision=19291
is disabled by default, and can be enabled by setting AIRPCAP_CONFIG
in config.nmake. The code is currently limited to Windows, but should
be adaptable to other platforms.
The official announcement won't come until next week, so you'll have to
read the source for details. :)
svn path=/trunk/; revision=18928
by dumpcap and Ethereal (so that, on UN*X, the child process can report
a detailed "can't exec dumpcap" error).
Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also
in Tethereal, which doesn't have a sync pipe.
svn path=/trunk/; revision=17789
bypass Wiretap; that means we don't have to run the packet through
wtap_process_pcap_packet() and then undo that conversion in Wiretap if
we're just going to write it out, shortening the code path.
svn path=/trunk/; revision=17461
not available on all platforms. Include getopt.c in
EXTRA_ethereal_SOURCES and include getopt.h in EXTRA_ethereal_INCLUDES,
as we do with the other files that supply routines not available on all
platforms, rather than always including them in the source for dumpcap.
svn path=/trunk/; revision=17311
no longer needs util.c, so it no longer includes routines that use
host_ip_af(), so it no longer needs to define its own host_ip_af().
That also means dumpcap.c no longer needs to include <sys/socket.h>.
svn path=/trunk/; revision=17278
using dumpcap as the capture child for Ethereal.
dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal.
Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here.
capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead.
The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects.
Some debugging aid added and other minor cleanup done.
svn path=/trunk/; revision=17256
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
this way, the capture prefix will "logically" group the files together and file browsers will also group them
we may want to move the files into a subdir capture later
svn path=/trunk/; revision=16691
This way, the capture child don't need to now any of the packet_counter things (no epan/packet.h and all alike).
Currently the capture_info code will always open another wiretap file instance to build it's own counter values. This isn't optimized for now (next step: use data from cf_continue_tail() somehow).
svn path=/trunk/; revision=16669
this fortunately removes *a lot* of dependencies and make the resulting binary a lot smaller (and hopefully faster to load :-)
some more cleanup (like replacing // by /**/)
svn path=/trunk/; revision=16620
personal backup only, not meant for public testing!
I've copied main.c into dumpcap.c and carved out all things not needed
currently won't work as a command line tool, capture_loop.c wants an input pipe
console output is also very ugly and the whole code needs a lot of further cleanup
shouldn't break the unix build as I've only changed the nmake files so far, but who knows ...
svn path=/trunk/; revision=16615
necessary there.
Add a "cmdarg_err()" routine to report command-line option errors; it
creates a console if necessary, and prints the command name and the
trailing newline. Also add "cmdarg_err_cont()", which also creates a
console if necessary, and prints a trailing newline but no command name;
it's used to continue the message. Use those, rather than
"g_warning()", for errors.
That means that we no longer need to pass the command name to various
command-line argument parsing routines.
svn path=/trunk/; revision=16526
problems, and use the first routine in it in multiple places.
Get rid of DISSECTOR_SUPPORT_INCLUDES - just add its contents to
ETHEREAL_COMMON_INCLUDES.
svn path=/trunk/; revision=16109
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
filter as an argument on the command line and have a dialog box to enter
the display filter through the GUI. Use it for all stats using
"gtk_tap_dfilter_dlg_cb()".
Add a top-level "stat_menu.h" file to declare "REGISTER_STAT_GROUP_E"
for the benefit of the declaration of "register_dfilter_stat()" in the
top-level "tap_dfilter_dlg.h". Rename the "stat_menu.h" in the gtk
directory to "gtk_stat_menu.h", so as not to have two headers with the
same name.
Get rid of headers not declaring any functions not being used in the
module.
svn path=/trunk/; revision=15493
possible, and, for AFP replies, add in the frame with the request and
the time between those two frames.
Have AFP per-request-type RTT statistics, similar to SMB's statistics.
svn path=/trunk/; revision=15456
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
Guy Harris