link-layer header types for interfaces; if special privileges are
necessary to open capture devices, Wireshark and TShark shouldn't have
those privileges, but dumpcap should.
svn path=/trunk/; revision=32104
used for this purpose and using it also prevents the 2 signals the child gets:
- the user's Ctrl-C (which is sent as a SIGINT to both *shark and its
child dumpcap)
- the signal *shark generates to shut down the child
from colliding (and running 2 signal handlers in the child).
It might be possible for tshark to not send the signal at all when it gets
SIGINT, but it doesn't do any harm now.
Also, do not call g_log() within the signal handler: doing so can cause
aborts (if g_log is being called by the process when the signal comes, the
2nd entrance into g_log is detected as a recursion).
This fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2767
svn path=/trunk/; revision=29881
substitute our own (I wrote them all, so I can steal them from the
BSD-licensed libpcap if I want :-)). This means that
linktype_name_to_val() and linktype_val_to_name() are always available,
and we don't need to #ifdef use of them.
Use pcap_datalink_val_to_description() to get the description for a
particular DLT_ value, rather than mapping the DLT_ value to a
WTAP_ENCAP_ value and getting the description for the latter.
svn path=/trunk/; revision=27074
capinfos and dumpcap don't need to depend on libwireshark nor directly pull
in those modules). Because capinfos and editcap were only being linked with
privileges.c if we had plugins, this allows those programs to be linked when
someone is compiling --without-plugins.
svn path=/trunk/; revision=25640
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
the right thing in Wireshark and TShark, as both of them call
epan_init() to set the appropriate "report an error" function.
That obviates the need to have TShark have its own private version of
simple_dialog().
Have cmdarg_err() just call failure_message() instead of duplicating the
code in failure_message().
svn path=/trunk/; revision=25201
1. Clean up dumpcap 'as a child' err msg handling so that:
- all err msgs are properly formatted when being sent
back to the parent.
- any log Critical, Warning, etc messages
are sent back to parent and are properly formatted.
2. Change handling of -w <...> slightly in capture_opts.c
so that wireshark provides a good error message if
there is a 'write permissions' issue on the file.
(Previously the error popup said only
"Child exited with status 2").
This fixes bug #2288.
Add some conditionalized DEBUG_CHILD_DUMPCAP code for
dumpcap debug logging to a file.
svn path=/trunk/; revision=24446
given file descriptor get duped to another descriptor.
Handle exec errors in sync_pipe_open_command() the same way they're
handled in sync_pipe_start(); that fixes bug 2177.
svn path=/trunk/; revision=24040
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
In capture_sync.c: Don't clobber the DLT value.
In packet-cops.c (modified by me): Instead of adding an item as a static,
mis-cast FT_UINT16 to the tree, add it as an FT_NONE.
In packet-802.11.c: Add the right address to the tree.
svn path=/trunk/; revision=23624
pipe instead of stdin. Add an argument (currently the parent PID) back
to the "-Z" flag and use it to construct the pipe name. This lets us
pass the parent's stdin handle to dumpcap, which lets us capture from
stdin on Windows. Add a comment about checking for the parent process.
In capture_loop.c, remove the wait_forever argument from cap_pipe_select()
since it was always FALSE. Set the timeout under Windows to 250 ms
instead of 250000 ms.
svn path=/trunk/; revision=23279
dumpcap, when using it as a capture child; leave the standard output
alone, in case tshark was told to write the capture to the standard
error.
Get rid of the argument to the "-Z" option to dumpcap; it might not work
on Windows.
svn path=/trunk/; revision=23124
this in the GUI rather than calling pcap_stats() directly. This gets rid
of the last pcap_open_live() call in the GUI code. Update
README.packaging.
svn path=/trunk/; revision=22443
that "-D" and "-L" should produce machine-readable output. Use this to
move an indirect get_pcap_linktype() call from the GUI to dumpcap.
svn path=/trunk/; revision=22367
Add a capture_interface_list(), which works similar to
get_interface_list() except that it forks dumpcap instead of calling
the pcap routines directly. Use it in the GUI.
Add a "-I" flag to dumpcap, which prints out verbose interface
information.
Tested under Windows and Linux.
svn path=/trunk/; revision=22071
directory and most of the plugins to match the same command
put in the Makefile.nmake files for Windows compliations. Fix
a few warnings when compiling under gcc 3.4.4 on FreeBSD. Create
new automake file variable called USING_GCC in configure.in and
wiretap/configure.in to acomplish the above -Werror addition.
svn path=/trunk/; revision=21127
programs, by reporting it with a dialog box that at least attempts to
indicate what the problem is, and by giving up early on running dumpcap.
svn path=/trunk/; revision=18051
by dumpcap and Ethereal (so that, on UN*X, the child process can report
a detailed "can't exec dumpcap" error).
Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also
in Tethereal, which doesn't have a sync pipe.
svn path=/trunk/; revision=17789
I've also changed the way the secondary error message is transported from former "header message 0 secondary 0" to "header header message 0 header secondary 0" as that might be a bit more clearer, and I'll need it for further development anyway.
I was using this while debugging and not recognizing the real problem - for about four hours :-(. I'll need this feature when doing the interface (and link layer type) browsing later (transferring this data from dumpcap to Ethereal) to get a full blown privilege seperation.
svn path=/trunk/; revision=17608
primary and secondary error messages and let the parent worry about how
to display them. This means dumpcap doesn't need stub routines for
generating the formatting tags for the primary and secondary messages.
Have a separate message for capture filter errors, so that the parent
can check whether the capture filter looks like a display filter and
report the appropriate message. This means that dumpcap doesn't need a
stub routine for compiling display filters (a stub routine also means
that Ethereal won't do the check for capture filters that look like
display filters!).
svn path=/trunk/; revision=17465
Guy Harris