Note: I don't know anything about the limitations of nmake, so I don't know
whether the `find ...` will work and I can't test it, as I don't have a
Windows system with anything even remotely resembling a compiler on it.
svn path=/trunk/; revision=9687
DISSECTOR_SUPPORT_{SRC,OBJECTS}.
Add some additional files, required by dissectors, to those lists.
Extract the stuff to get version information strings for libraries and
the OS, which is *not* needed by dissectors, from "util.c", which
contains routines that *are* needed by dissectors, and put it into a
separate file.
Make "dftest" link only with the dissector support stuff, not with all
of the Ethereal common files.
svn path=/trunk/; revision=9645
containing helper routines, to DISSECTOR_HELPER_SRC. Include
DISSECTOR_HELPER_SRC in ETHEREAL_COMMON_SRC, and include BUILT_SOURCES
in ETHEREAL_COMMON_SRC rather than repeating those headers directly. Do
similar things with ETHEREAL_COMMON_OBJECTS and DISSECTOR_COMMON_OBJECTS
in Makefile.nmake.
Add "packet-x11-keysymdef.h" to "noinst_Headers", so it's built as part
of the tarball.
svn path=/trunk/; revision=9627
The JFIF dissector processes everything up to the start of scan as the data
thereafter is encoded and I didn't have the time to figure out how it is :)
TODO: fix the WTP dissector so it doesn't hand off unreassembled data to WSP.
svn path=/trunk/; revision=9541
NOTE: I propose to use packet-MIME-TREE for future media types that will be
added to Ethereal (E.g., packet-image-png.c).
svn path=/trunk/; revision=9437
a static Windows library (netsnmp.lib) has been placed at
http://www.ethereal.com/distribution/win32/development/
The Net-SNMP documentation recommends against using a DLL at the
present time.
svn path=/trunk/; revision=9177
From Michael Lum:
Modified for better TCAP separation, fixed EOC handling (a la
TCAP).
Added parameter parsing (although not dissection or naming).
svn path=/trunk/; revision=9160
add a message statistics tap for ANSI A interface for Tethereal;
fix the BSSAP, BSMAP, and DTAP interface dissectors to call
subdissectors even if no protocol tree is being built.
svn path=/trunk/; revision=9132
KPasswd is partially dissected for UDP.
It would be very useful if someone added dissection of the asn.1 encoded
AP_REQ and the KRB-PRIV blobs. I dont think I will add those.
svn path=/trunk/; revision=8905
- Dissector for FICON
- Dissector for FC-SP (Security Protocol for Fibre Channel)
- Patches to correct the reassembly of FC fragments.
- Support for new MDS Port Analyzer Adapters that carry the
frame length for truncated frames.
svn path=/trunk/; revision=8823
recurse into subdirectories doing "nmake -f Makefile.nmake distclean".
Have "nmake -f Makefile.nmake clean" not remove stuff that "make clean"
doesn't remove (such as Flex/Bison output and config.h files) - and have
"nmake -f Makefile.nmake distclean" remove stuff that "make distclean"
removes, including "tethereal-tap-register.c" and
"ethereal-tap-register.c".
svn path=/trunk/; revision=8672
set in the config.nmake file.
Configure whether we have pcap_findalldevs() based on whether
WINPCAP_VERSION is 2.3 (if so, we don't) or 3.0 or 3.1 (if so, we do).
WinPcap 3.0 has the new libpcap declarations of "pcap_lookupnet()" and
"pcap_open_live()" in which the first argument is a "const char *"
rather than a "char *"; declare the functions and pointers to them
appropriately based on the version of WinPcap.
If we don't have pcap_findalldevs(), don't declare a pointer to it, as
we don't have a declaration of pcap_if_t.
We also need to refer to "pcap_freealldevs()", so make a pointer for it.
"symbols[]" is a const array; make the pointer to elements in it a const
pointer.
Fix some typoes.
svn path=/trunk/; revision=8660
1) string tables for t35CountryCode, t35Extension and
h221ManufacturerCode were moved into the new file t35.c
because they are common for more dissectors
2) the dissect_h245_NonStandardParameter_with_extension_marker()
was moved from h245 to h225 and renamed to
dissect_h225_NonStandardParameter() because the
NonStandardData type is different for H.225.0 and H.245
3) type of the "h245.nsp.object" dissector table was changed from
FT_UINT32 to FT_STRING, so it can select a dissector based on
an OID rather than the Adler-32 hash of an OID
4) the "h225.nsp.object" and "h225.nsp.h221" dissector tables
were created
svn path=/trunk/; revision=8550
Service-over-Frame-Relay support, including preference for Frame Relay
to select FRF 3.2/Cisco HDLC encapsulation or encapsulation of GPRS NS
PDUs.
svn path=/trunk/; revision=8362
a list of disabled protocols, and to save that list from the Edit >
Protocols dialog box.
Add checks for read errors in "read_prefs()".
Clean up white space.
svn path=/trunk/; revision=8144
Still something wrong with NonStandardParameter, I cant find why ethereal is
wrong but it misses misses one bit in the decoding causing malformed frames.
I cant see what is wrong when looking at the packets. need furhter investigations.
Make h225 compile in as default
svn path=/trunk/; revision=8119
constrained integers with an extension marker.
Update all calls to the constrained integer dissector
Add dissection to the rfc_number type which is a constrasined integer with an extension marker
Add H245 so that it builds by default in ethereal.
It has been tested extensively by a semi-large number of people with a lot of real and synthetic captures and seems to work very well.
New protocol added to ethereal
svn path=/trunk/; revision=8032
and put them in their own file.
I had to put them im packet-per.c instead of asn1-per.c since othervise
i couldnt get it to invoke the register routine from register.c
the per dissector is compiled into ethereal by default, but there are no callers in ethereal until the h245 dissector is added.
someone that knows the registry stuff better might consider renaming it to asn1-per.c instead of packet-per.c
svn path=/trunk/; revision=8017
variables the user configures - the user isn't expected to change
GLIB_LIBS or GTK_LIBS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate libraries for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7885
variables the user configures - the user isn't expected to change
GLIB_CFLAGS or GTK_CFLAGS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate "/I" flags for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7884
GNU ADNS or not - set it based on whether ADNS_DIR is defined by
"config.nmake", and make "config.h.win32" files that specify whether we
have GNU ADNS dependent on "config.nmake".
Note in "config.nmake" that:
if you have GNU ADNS, ADNS_DIR should be defined as the
directory in which the ADNS .lib file resides;
if you don't have GNU ADNS, ADNS_DIR shouldn't be defined.
svn path=/trunk/; revision=7860
"EtherNet/IP" name in his original version ("IP" there is "Industrial
Protocol", not "Internet Protocol"), and to the original file name, and
getting rid of some unused variables.
svn path=/trunk/; revision=7851
you build Ethereal without ADNS. (It'd be nice if ADNS_DIR not being
defined caused the config.h file to have the appropriate #ifdefs turned
off; we can probably do that with another @xxx@ variable in
config.h.win32, and !IFDEFs in the rules to make the config.h files,
although we should then make config.h also depend on config.nmake.)
svn path=/trunk/; revision=7827
to just be an extension to AODV - and the dissectors use the same port,
which doesn't work unless there's only one dissector).
svn path=/trunk/; revision=7616
Add Response-Time statistics for each known mgcp message-type.
Fix a few bugs and remove trailing whitespace.
Use "gdouble" for printing time-values and calculating the
average. It is easier to use and shouldn't overflow on big
trace files like "guint32".
Move some functions for time statistics into the new file
timestats.c in the main directory. This code may be useful in
the rpc and smb rtt-taps as well.
svn path=/trunk/; revision=7469
Socket 0x9001 is for NLSP - it supports LANs as well as WANs, at least
as I read the specification.
Socket 0x9004 is for "IPX WAN 2".
svn path=/trunk/; revision=7387
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
svn path=/trunk/; revision=7362
- A new decoder called MDSHDR which decodes the internal header of the
Cisco MDS switch (this is different from the Boardwalk header).
- Support for some more new columns as part of FC support.
- Fixed the decoding of the Special Frame in FCIP.
- Fixed the decoding of credit management type field in FLOGI/PLOGI frame
in FC-ELS.
svn path=/trunk/; revision=6974
IO-Users is a feature for tethereal that will print statistics on io usage
similar to top talkers in other tools.
It needs to be ported to ethereal with a nice graph sometime later.
try:
-z io,users,ip
see man-page
svn path=/trunk/; revision=6972
SMB RTT statistics are similar to the RTT statistics already supported by ONC-RPC and DCE-RPC.
It will present a table with all seen SMB commands and present the Min/Max and Avg response time in ms.
Transaction2 and NT-Transaction commands are broken out and presented in its own subtables.
tethereal feature is activated with -z smb,rtt switch
and in ethereal it is activated either through -0z smb,rtt switch or through the Menu.
svn path=/trunk/; revision=6966
- Decoders for the few remaining FC protocols not included in my first
patch. Included in this list are decoders for FC-CT (common transport),
Name Server (dNS), Fabric Configuration Server (FCS) and Zone Server
(FZS).
- Decoder for MDS Debug Port Adapter. MDS Debug Port Adapter (internal
name was Boardwalk and this is the file name) is a piece of hardware
that can be purchased with Cisco's MDS Fibre Channel switches that
converts FC frames into Ethernet frames. One end is connected to a
port on a FC switch and the other end is connected to a FE/GE Ethernet
port. The decoder included here decodes the encapsulation header that
carries information such as SOF/EOF of FC frames.
svn path=/trunk/; revision=6919
The Q bit in X.25 doesn't mean "this is QLLC traffic", it's just a "this
packet is special" indication. Have the X.25 dissector pass as the
"private_data" pointer a pointer to a gboolean indicating whether the Q
bit was set or not. Replace the "decode non-Q-bit traffic as SNA"
option with a "decode traffic as QLLC/SNA if we didn't see the Call
Request packet and thus don't know what it is" option, which hands
traffic to the QLLC dissector for that traffic. Have the QLLC dissector
hand traffic to the SNA dissector if the Q bit isn't set.
Arrange that we determine whether the Q bit is set regardless of whether
we're building the protocol tree or not.
If we don't just dissect traffic as QLLC/SNA if we didn't see the Call
Request packet, check not only for 0x45 (as an indication that it's
probably IP), check also for NLPID_ISO8473_CLNP and treat that as an
indication that it's probably OSI CLNP.
svn path=/trunk/; revision=6854
make ANSI point codes filterable in MTP3;
fix a bug in the ANSI SLS dissection;
have MTP3 store the SI for use by subdissectors;
add a new MTP3-Management dissector.
Fix Makefile.nmake to include the Wellfleet HDLC dissector.
svn path=/trunk/; revision=6837
using NTLMSSP version 1.
Show stub data as such for all requests and replies where we can't
dissect the stub data as a request or reply for some DCERPC-based
protocol.
svn path=/trunk/; revision=6825
The MD5 is copyrighted by L. Peter Deutsch, and released under the same
license as zlib. It is GPL-compatible, and should NOT have the GPL
applied to it.
svn path=/trunk/; revision=6790
header.
Add overflow checks to "BYTES_ARE_IN_FRAME()", and cast all arguments to
unsigned values (negative values should never be passed) to squelch
compiler warnings.
svn path=/trunk/; revision=6567
Using this command line option you canb now place any arbitrary display-filter fields on the COL_INFO line.
Assume you want NFS dissector in tethereal to put ALL filehandle hashes (nfs.fh.hash) on COL_INFO.
No worries, just add
-z proto,colinfo,nfs.fh.hash,nfs.fh.hash
as a parameter to tethereal.
Never again do you need to hack tethereal and recompile just because you want some extra info on the COL_INFO line.
svn path=/trunk/; revision=6560
Similar to what is available on ethereal:/Tools/ProtocolHierarchyStatistics
but this one can handle ALL protocols that tethereal has dissectors for.
Maybe a gtk/gtk2 version of this should replace the existing one in ethereal?
Try -z io,phs or -z io,phs,<filter> to test it.
svn path=/trunk/; revision=6532
and generate the table of stuff to register from tap source files, so
Tethereal doesn't need to know what tap listeners exist.
Get rid of "tap-xxx.h" files, as they're now empty.
Add "tethereal-tap-register.c" to the .cvsignore file, as it's a new
generated file.
Update "Makefile.nmake" to generate "tethereal-tap-register.c".
Clean up "Makefile.am" and "Makefile.nmake" a bit.
svn path=/trunk/; revision=6525
WTAP_ENCAP_ISDN encapsulation type, which includes a pseudo-header
giving the direction (user-to-network or network-to-user) and the
channel number.
Add a new circuit type, using the ISDN channel number as the circuit ID.
Add an ISDN dissector to put the direction and channel number into the
protocol tree and to call the appropriate dissector for the payload
based on the channel (LAPD for the D channel; V.120, PPP, or data for B
channels, based on some heuristics).
svn path=/trunk/; revision=6521
Jörg Mayer