Add an "nb_data1()" routine to add DATA1 values to the protocol tree.
Have "nb_data2()" take an hf_ value as an argument and add the field
with "proto_tree_add_item()".
Decode the values for "largest frame".
svn path=/trunk/; revision=5342
Make the transmit and receive correlators unsigned quantities - they're
just opaque hex packet IDs.
"nb_data2()" always processes 16-bit quantities; get rid of the "len"
argument to it. Make it use its "label" argument as a format.
Show the data in an unknown command as "Unknown NetBIOS command data".
Add routines to dissect TERMINATE TRACE and SESSION ALIVE commands.
Note where we'd do reassembly were we to do that.
Don't dissect the payload of the packet as NetBIOS payload unless the
command was DATAGRAM, BROADCAST DATAGRAM, DATA FIRST MIDDLE, or DATA
ONLY LAST.
Fix up the lengths and names of some fields.
svn path=/trunk/; revision=5338
Make the loop to dissect NBSS packets run to the end of the reported
data, so it throws an exception on a short frame.
Use -1 rather than "tvb_length(tvb)" for the length of items that run to
the end of the frame.
svn path=/trunk/; revision=5336
later wants to make one of the message dissectors add to the Info
column).
Use -1 rather than "tvb_reported_length_remaining(tvb, offset)" to
specify that a subset tvbuff should run to the end of the parent tvbuff.
svn path=/trunk/; revision=5331
As a result of that, we now construct a tvbuff for each Gryphon message;
this obviates the need to pass a message length to the dissectors for
each message type.
svn path=/trunk/; revision=5321
"dissect_nt_sec_desc()".
Also, get rid of code to handle lengths of -1 in "dissect_nt_sec_desc()"
- we never pass it a length of -1, as security descriptors aren't sent
over the wire with NDR syntax.
svn path=/trunk/; revision=5317
more calls supported in AFP;
ATP desegmentation;
show the name for NBP function 1 (broadcast request);
"get status" reply for DSI.
svn path=/trunk/; revision=5316
into Wiretap, so that if you read a frame from Wiretap you have what
traffic type information could be gleaned from the information in the
capture file, and can write the frame out to a capture file where the
file contains some or all of that information without having to
determine it outside of Wiretap.
svn path=/trunk/; revision=5314
Remove the declaration of "dissect_nt_sid()" from
"packet-dcerpc-samr.c"; get it by including "packet-smb-common.h",
instead.
svn path=/trunk/; revision=5313
just an image of the ATM Sniffer data. This means that Ethereal doesn't
have to know any ATM Sniffer-specific details (that's all hidden in
Wiretap), and allows us to add to that pseudo-header fields, traffic
types, etc. unknown to ATM Sniffers.
Have Wiretap map VPI 0/VCI 5 to the signalling AAL - for some capture
files, this might not be necessary, as they may mark all signalling
traffic as such, but, on other platforms, we don't know the AAL, so we
assume AAL5 except for 0/5 traffic. Doing it in Wiretap lets us hide
those details from Ethereal (and lets Ethereal interpret 0/5 traffic as
non-signalling traffic, in case that happens to be what it is).
We may know that traffic is LANE, but not whether it's LE Control or
emulated 802.3/802.5; handle that case.
svn path=/trunk/; revision=5302
Ronnie Sahlberg