Here is a patch that:
- Replaces the arrow labels by the beginning of the COLINFO column if available (usually containing message names/types).
- Change the comment area to be "protocol: colinfo_content"
From Anders
Added ID tag
Camel
Use col_set_str to remove TCAP info in col_info
svn path=/trunk/; revision=16975
Browsing through the wishlist I came across this old one by Steve Brown:
------8<------
The GTK1 UI wordwraps assembled TCP streams, the GTK2 UI doesn't, but
should also. Not wrapping makes reading any protocol that lacks linebreaks
virtually impossible (XML, etc.) as it all ends up on one line. I'm tired
of having to install the GTK1 UI :P
------8<------
It seems like a simple request. The oneliner patch implements this wish.
Maybe someone feels the need to make it a preference or selectable.
svn path=/trunk/; revision=16939
set the read filter dialog modal and transient to the parent window if requested. This way, it will receive input signals (solving problems with GTK2's gtk_file_chooser).
To do this, add another construct_args flag, so it will be modal only if really needed ...
svn path=/trunk/; revision=16926
"error_t" is defined elsewhere on at least some versions of Fedora Core,
so it collides with our usage; use "expert_comp_dlg_t" instead.
svn path=/trunk/; revision=16889
After investigating the time-sequence graphs (Stevens and tcptrace) produced
using an FTP capture file supplied by Eduardo Segura
(see http://www.ethereal.com/lists/ethereal-users/200512/msg00153.html )
I've identified several problems in tcp_trace.c.
The problems mostly involve incorrect determination of the lower/upper
sequence number bounds (for the Y axis) in certain cases (e.g. having to do
with 'partial' conversations).
I've reworked the '...get_bounds' code to handle cases such as:
1. out of order data segments (e.g.: the first segment in a captured
conversation has a higher sequence number than a later segment);
2. 'ack' sequence numbers for initial ack segments in a conversation lower
than the sequence numbers of the initial data segments;
3. maximum 'ack + win' sequence number in a conversation greater than the
max data sequence number;
4. Stevens graph: only use data segment sequence numbers when
determining bounds;
5. TCP RST packet without 'ack' flag: do not try to use the 'ack' seq num from
the packet in this case. (This was the specific cause of the originally reported
problem).
I've also reworked the tcptrace display code slightly to properly handle
the initial ack packet of a sequence;
As an example of the some of the fixes the Ethereal tcptrace style graph
of the following conversation fragment will now be similar to the graph
produced by Tcptrace.
data: seq 10000 len 100
data: seq 10100 len 200
ack: ack 5000 win 6000
ack: ack 5400 win 5600
svn path=/trunk/; revision=16874
> here is a small patch for the flow graph feature. It allows
> to have SS7 nodes (network indicator/point codes) to be
> recognized as nodes in the graphs.
> The patch consists in using "pinfo->net_src" or
> "pinfo->net_dst" instead of "pinfo->src" or "pinfo->dst".
> I did some tests with other IP protocols and behavior was
> still the same as before. But I do not guaranty that it
> doesn't have some bad side effects for some protocols.
svn path=/trunk/; revision=16817
warnings.
Include "wiretap/libpcap.h" in "capture_loop.h", to get its declarations
of data structures for headers in libpcap files. This lets us remove
the includes of "wiretap/libpcap.h from files including
"capture_loop.h".
Make "log_func_ignore()" in "tethereal.c" static, and declare some of
its arguments unused. Also get rid of an unused variable.
Include <pcap.h> before including "wiretap/wtap-capture.h", to declare
"struct pcap_pkthdr".
svn path=/trunk/; revision=16791
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
Update the window title, right after the fixed capture finished. This might be required if the loading of the capture file afterwards just fails, leaving the title unchanged.
svn path=/trunk/; revision=16772
this way, the capture prefix will "logically" group the files together and file browsers will also group them
we may want to move the files into a subdir capture later
svn path=/trunk/; revision=16691
This way, the capture child don't need to now any of the packet_counter things (no epan/packet.h and all alike).
Currently the capture_info code will always open another wiretap file instance to build it's own counter values. This isn't optimized for now (next step: use data from cf_continue_tail() somehow).
svn path=/trunk/; revision=16669
Well, we actually only need the filename here, so create a temp file with the "official" create_tempfile function, keep that tempfile name and then delete this file again, leaving only the name.
I know that's a bit uncommon, but should work and uses the same mechanisms as with other temporary files. So if there are still problems with the official function, we only have one place to fix :-)
svn path=/trunk/; revision=16597
necessary there.
Add a "cmdarg_err()" routine to report command-line option errors; it
creates a console if necessary, and prints the command name and the
trailing newline. Also add "cmdarg_err_cont()", which also creates a
console if necessary, and prints a trailing newline but no command name;
it's used to continue the message. Use those, rather than
"g_warning()", for errors.
That means that we no longer need to pass the command name to various
command-line argument parsing routines.
svn path=/trunk/; revision=16526
On Windows, show it using the same usage-message syntax as other
options.
Clean up the usage message.
When doing the "pre-scan" of command-line arguments, suppress error
messages - that suppresses bogus messages for GTK+ command-line flags,
and gets rid of double messages for other errors.
svn path=/trunk/; revision=16521
button"; "Stop" should be used for operations that can only be stopped
(meaning that what it's already done isn't undone), not cancelled
(meaning that whatever it's already done *is* undone), for which
"Cancel" is used.
Allow the merging process to be cancelled.
Clean up indentation.
Update some comments.
svn path=/trunk/; revision=16489
If we get a getopt() error in the pre-scanning, quit - don't do all the
GUI stuff and re-scan the arguments (and print the error message twice).
svn path=/trunk/; revision=16443
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
svn path=/trunk/; revision=16403
Rename some variables to make the names used in progress bars more
common. (Should more of that functionality be moved into common
progress bar code?)
svn path=/trunk/; revision=16347
like that of the Ethereal I/O stat tap. Improve error messages in both
taps.
Use nstime() routines and structure assignment to do operations on
nstime_t values.
svn path=/trunk/; revision=16346
rather than checking only on every progress bar update quantum, so that
if the update quantum is *very* large, we don't end up waiting longer
than the standard time for a dialog box before checking.
svn path=/trunk/; revision=16327
The localtime call will return NULL on invalid input which results in a NULL pointer exception. Simply print '?' if localtime returned NULL.
svn path=/trunk/; revision=16317
Anders Broman