Changed the name of SAM_ACCOUNT_INFO to the real name : DELTA_USER
also fixed some bugs in this structure. Surprised that ethereal could
dissect this structure at all previously since the structure description was
broken. Pure luck I guess.
Other implementors of NETLOGON would benefit from looking at ethereal source
in the future since it seems the public IDL definitions for this interface is
very buggy.
svn path=/trunk/; revision=5823
Get rid of some presumably-unneeded #includes.
Fix the handling of the DLCI field.
Hand off "protocol data" parameters to the Q.931 dissector.
svn path=/trunk/; revision=5818
flag is never set on packets sent by the machine on which the capture is
being done is not a 2.0[.x]-only problem; it's in 2.4.18, and may well
be in all 2.x kernels with at least some drivers.
svn path=/trunk/; revision=5812
fetched the source and destination port numbers, so that they're
available to the "Follow TCP Stream" code even if we throw an exception
dissecting the rest of the TCP header.
svn path=/trunk/; revision=5811
"broadcast message waiting" indications.
When handing off dissection from the IPX dissector:
Check the socket numbers before we check the packet type;
we've seen IPX message packets with a type of NCP and a
destination socket of IPX_SOCKET_IPX_MESSAGE, and SAP
packets with a type of NCP and a destination socket of
IPX_SOCKET_SAP.
Assume the lower-numbered socket number is more likely
to be the right one, along the lines of what we do for
TCP and UDP. We've seen NCP packets with a type of NCP,
a source socket of IPX_SOCKET_NCP, and a destination
socket of IPX_SOCKET_IPX_MESSAGE, and we've seen NCP
packets with a type of NCP, a source socket of
IPX_SOCKET_IPX_MESSAGE, and a destination socket of
IPX_SOCKET_NCP.
svn path=/trunk/; revision=5810
pass a non-zero count to "pcap_dispatch()" when possible;
fix the check after "test_for_fifo()";
if there's a maximum file size, we're definitely saving to a
file, so don't bother checking "ld.pdh", as it won't be null;
if writing to a FIFO, flush after "pcap_dispatch()" returns,
rather than after every packet, so we don't do as many writes to
the FIFO.
svn path=/trunk/; revision=5805
Add Zone Information Protocol support.
Rename "ddp.dst.socket" and "ddp.src.socket" to "ddp.dst_socket"
and "ddp.src_socket", as the socket number is no longer
considered part of the DDP address.
svn path=/trunk/; revision=5800
padding when printing text and use "putline" when printing PostScript.
Eliminate "hexdump", as it's just a special case of "putline".
Have "proto_tree_print_node()" just call "print_line()".
Get rid of "print_ps_hex()" - the font used for the hex dump and the
protocol tree are the same, so there's no need to switch fonts.
svn path=/trunk/; revision=5798
supported in Win32 applications; use the native Win32 mechanism for
catching ^C (and other events that would terminate a program running in
a console window).
That mechanism (and the signal mechanism in the MSVC++ C run-time) cause
the handler to be run in a separate thread, so it can't just do a
longjmp. Fortunately, WinPcap's packet-dispatch loop, unlike the
libpcap loop on some UNIX platforms, can be interrupted by ^C, so we
don't have to do the longjmp there - we can just set "ld.go" to FALSE to
terminate the capture loop.
svn path=/trunk/; revision=5776
Gerald Combs