This reverts commit c0c480d08c.
A better way to do this is to have the record type be part of struct wtap_pkthdr; that keeps the metadata for the record together and requires fewer API changes. That is in-progress.
Change-Id: Ic558f163a48e2c6d0df7f55e81a35a5e24b53bc6
Reviewed-on: https://code.wireshark.org/review/1741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is the first step towards implementing the mechanisms requestd in
bug 8590; currently, we don't return any records other than packet
records from libwiretap, and just ignore non-packet records in the rest
of Wireshark, but this at least gets the ball rolling.
Change-Id: I34a45b54dd361f69fdad1a758d8ca4f42d67d574
Reviewed-on: https://code.wireshark.org/review/1736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 1abeb277f5.
This isn't building, and looks as if it requires significant work to fix.
Change-Id: I622b1bb243e353e874883a302ab419532b7601f2
Reviewed-on: https://code.wireshark.org/review/1568
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality.
The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes.
bug:9607
Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae
Reviewed-on: https://code.wireshark.org/review/1485
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, the packet counts are will be valid when capturing.
Change-Id: I0a21cc817d918e7f849620db5ca6dfd84bd2cd87
Reviewed-on: https://code.wireshark.org/review/936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The best heuristic can fail, so add possibility to manually choose
capture file format type, so not correctly recognize file format can be
loaded in Wireshark.
On the other side now it is possible to open capture file
as file format to be dissected.
Change-Id: I5a9f662b32ff7e042f753a92eaaa86c6e41f400a
Reviewed-on: https://code.wireshark.org/review/16
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
subtypes, e.g. Network Monitor version 1 and Network Monitor version 2
are separate "file types", even though they both come from Network
Monitor.
Rename various functions, #defines, and variables appropriately.
svn path=/trunk/; revision=53166
it into a separate capture_session structure. capture_opts should
contain only user-specified option information (and stuff directly
derived from it, such as the "capturing from a pipe" flag).
svn path=/trunk/; revision=49493
encapsulations.
For pre-V9 AiroPeek captures, leave the radio information in the packet
data, just as we do with the Prism, AVS, radiotap, and NetMon headers.
Add a dissector for it.
svn path=/trunk/; revision=42379
form of corruption/bogosity in a file, including in a file header as
well as in records in the file. Change the error message
wtap_strerror() returns for it to reflect that.
Use it for some file header problems for which it wasn't already being
used - WTAP_ERR_UNSUPPORTED shouldn't be used for that, it should only
be used for files that we have no reason to believe are invalid but that
have a version number we don't know about or some other
non-link-layer-encapsulation-type value we don't know about.
svn path=/trunk/; revision=40175
by the gunzipping code. Have it also supply a err_info string, and
report it. Have file_error() supply an err_info string.
Put "the file" - or, for WTAP_ERR_DECOMPRESS, "the compressed file", to
suggest a decompression error - into the rawshark and tshark errors,
along the lines of what other programs print.
Fix a case in the Netscaler code where we weren't fetching the error
code on a read failure.
svn path=/trunk/; revision=36748
don't need global_capture_opts don't need to have it declared and thus
don't need capture_options defined.
Include gtk/capture_globals in the files in question.
Change some more capture_opts references to refer to
global_capture_opts.
Change some global_capture_opts references in routines with a
capture_opts argument to refer to capture_opts.
The structure type is capture_options, not capture_opts; fix some
references.
Include <sys/types.h>, if it's present, in capture_opts.h, so we get
gid_t defined.
Clean up indentation.
svn path=/trunk/; revision=25574
the capture_opts structure as an argument, rather than just a pointer to
the interface name.
Don't declare a global "capture_opts" pointer, as we don't define it any
more.
svn path=/trunk/; revision=25570
have them use least some of the radio-information fields, so that the
same field name can be used for multiple radio header types. The AVS
header can supply the data rate in bits/second, so have that field be in
those units, and make it 64 bits to leave room for the future, Just In
Case. Display it as Mb/s, however.
svn path=/trunk/; revision=23911
In "capture_input_new_file()", don't call the callbacks unless we
succeed in opening the new file. Have "capture_info_new_file()" return
a success/failure indication.
Improve the message logged when we fail to open the new file if we're
only opening it for the quick packet counts. We really should put up an
alert box and give up on the capture at that point.
svn path=/trunk/; revision=17437
headers.
Fix capture_radiotap() to check for padding between the 802.11 header
and the 802.11 payload and to call different capture routines depending
on whether it's present or not, and create capture_ieee80211_datapad()
to handle the case where it's present.
Fix capture_radiotap() to convert the Radiotap header length from
little-endian, and to do some sanity checking of that length.
Fix capture_ieee80211_common() to use the offset supplied to it to fetch
the frame control field, as that offset isn't necessarily 0.
svn path=/trunk/; revision=17083
Declare the "pd" argument to be "const guchar *", to match the way
packet data is declared elsewhere, and so that if the headers
"capture_info.c" includes don't define "u_char" it still compiles.
svn path=/trunk/; revision=16671
This way, the capture child don't need to now any of the packet_counter things (no epan/packet.h and all alike).
Currently the capture_info code will always open another wiretap file instance to build it's own counter values. This isn't optimized for now (next step: use data from cf_continue_tail() somehow).
svn path=/trunk/; revision=16669
Guy Harris