Now all we need is some enterprising individual to write the small amount of
preferences code to actually allow it to be changed etc, but I have to go to
Costco, so, later...
svn path=/trunk/; revision=9463
Windows - the problem is that GTK+ 1.3[.x] and later assume strings
handed to them are UTF-8 strings, not, for example, ISO 8859/x strings.
In packet-radius.c, re-define "isprint()" rather than #ifdeffing its use
(the old code was also incorrectly treating 0x7f as a printable).
svn path=/trunk/; revision=9436
currently-selected packet.
Use "cfile.count" as the total number of packets in the capture.
Use "plurality" to display "packet" vs. "packets".
svn path=/trunk/; revision=9423
Fix NaN when a capture and/or a filter don't have any matching packets
so the average packet size is obtained by dividing by zero.
svn path=/trunk/; revision=9369
use the common display filter dialog infrastructure in the MGCP
service response time tap;
add common infrastructure for updating the titles of tap dialogs
when the capture file name changes.
svn path=/trunk/; revision=9366
Do the same checks for negative and >255 version numbers in the
Tethereal DCE RPC statistics tap that are done in the Ethereal tap.
In the Ethereal tap, do those checks before looking up the protocol name.
svn path=/trunk/; revision=9290
"opened capture files" and "display filter used",
the settings will be saved in the file "recent" in the users config path
svn path=/trunk/; revision=9275
captures, as it has to compute the width of an auto-resizing column in
every row. Just pick fixed widths for the columns (and tune the width
of the "Protocol" column so that it's not narrower than the column
title).
svn path=/trunk/; revision=9219
pointers to the first *and* last child, in the "proto_node" structure
itself. That saves us one level of indirection and memory allocation,
and lets us append to a tree by appending to the last child directly,
rather than having to scan through the list of siblings of the first
child to find the end of that list.
svn path=/trunk/; revision=9171
last columns, if any, with that format, and use that to speed up
processing of columns with a particular format and checking whether
we're displaying a column with a particular format.
svn path=/trunk/; revision=9147
structure, rather than separately allocating "fvalue_t"s and having the
"field_info" structure point to them - this appears to speed up protocol
tree construction a bit.
svn path=/trunk/; revision=9146
"construct_args_t" is for use with filter dialogs, and the members other
than the title apply only to filter dialogs.
Have "select_file_cb()" actually use the title supplied to it.
svn path=/trunk/; revision=9125
rename it to select_file_cb to reflect its function.
While this cleans things up a bit, I am still not happy because now
filter_prefs.h must be included before file_dlg.h just to get
construct_args_t.
svn path=/trunk/; revision=9119
data to a file. This allows the user to select some stuff, and analyse it with
external tools, and is very useful for quickly prototying dissectors etc.
This works by retrieving the info that is needed to define where the selected
region is.
It puts up a dialog box that asks for the file to save in.
However, it is an ugly hack, because it reuses print_file_cb, while
print_file_cb should be moved into file_dlg.c.
It also needs to have some warning dialogs put up in error cases.
Finally, it would be good to be able to select a region in the byte_view,
which you can do with click and drag, and then have a menu item to save the
selected bytes.
svn path=/trunk/; revision=9116
This function is also very small, so small that teh overhead for the actual function call and return is likely to be a significant part
of its execution time.
change it into a macro and make it thus slightly faster by eliminating the function call overhead.
svn path=/trunk/; revision=9083
- added a pointer to raw rtp data to _rtp_info that can be used by
taps;
- RTP packets are passed to the tap queue only if they are not
error packets (so that you don't need to filter out ICMP
packets)
- use that pointer in rtp_stream, so it handles packets with
padding, and should handle RTP packets fragmented across
lower-level packets
- moved rtp_stream from tap sources to normal files
(prevents on-start-up registration of the rtp_stream tap
listener)
- rtp_stream tap gets registered/unregistered with the "RTP
Streams" dialog box
i.e. the tap is registered as long as the dialog box is open.
Alternatively, it is de-/registered on demand if RTP Analysis is
called directly on a packet.
- rtp_stream tap listener no longer uses a filter in dissection
` and does not need to have a proto tree being built.
(performance increase)
- fixed: RTP Streams list will get updated in real time if the
dialog box is open while a redissection takes place.
svn path=/trunk/; revision=9051
DISPLAY, and CLIENTNAME (in that order). If any of them are set, create
a capture filter that excludes their traffic and set it as the default.
The longer filters should be efficient without being overly long; they
may need some tweaking.
svn path=/trunk/; revision=8994
variables to be initialized to non-constant values (C89 says that "All
the expressions in an initializer for an object that has static storage
duration or in an initializer list for an object that has aggregate or
union type shall be constant expressions"; presumably the intent of the
former was to avoid run-time initialization and of the latter was to let
the initialization be done by copying from a compile-time-created blob
of memory), so we have to initialize "info->counts" by hand.
svn path=/trunk/; revision=8984
Make "proto_is_protocol_enabled()" and "proto_get_protocol_short_name()"
take a "protocol_t *" as an argument, so they don't have to look up the
"protocol_t" - this will probably speed them up considerably, and
they're called on almost every dissector handoff.
Get rid of a number of "proto_is_protocol_enabled()" calls that aren't
necessary (dissectors called through handles, including those called
through dissector tables, or called as heuristic dissectors, aren't even
called if their protocol isn't enabled).
Change some direct dissector calls to go through handles.
svn path=/trunk/; revision=8979
If we failed to dissect the GSS-SPNEGO blob it probably means that the segment
is somewhere in the middle of an LDAP PDU.
Just bail out and stop dissecting the PDU instead of aborting ethereal completely
using g_assert() since this is not really a pathological error, its just something that can and will happen normally.
svn path=/trunk/; revision=8925
open.
The toolbar equivalent should *not* be available if we have an "Update
list of packets in real time" capture running.
The toolbar "Save" button should not be available if we don't have an
unsaved capture file.
svn path=/trunk/; revision=8902
somewhat; this fixes a bug wherein we were assuming all modules
necessarily had preference pages (they won't, if the only preferences
for the module are obsolete preferences).
svn path=/trunk/; revision=8880
the interface isn't in the list of known (local) interfaces - that way
we don't try to get entries if the user's in the middle of changing the
"Interface:" text, or if the interface is an rpcap: URL (getting the
link-layer header type list for a remote interface is currently
impossible, and even just getting its *default* interface type could
hang for a long time if the remote machine isn't responding).
Free the link-layer header type list when we're done with it.
Label the option menu for that list "Link-layer header type", as it
doesn't control the data link type of the interface in the only case I
know of where it's settable, namely 802.11 interfaces - it just controls
whether the packets you get from the interface have a fake Ethernet
header or a real 802.11 header.
svn path=/trunk/; revision=8867
need to call it if you already have a pointer to the first entry in the
list, which is what "a pointer to the list" is.
svn path=/trunk/; revision=8866
- fix missing detection of first packet when writing payload.
- fix bug of erroneous handling of confort noise when writing payload.
- fix bug of possible endless silence insertion on first packet when
writing payload.
svn path=/trunk/; revision=8846
"Edit -> Display Filters..." menu item, as per Ulf Lamping - there's
apparently some problem wherein &args doesn't get passed properly to the
callback.
svn path=/trunk/; revision=8819
a button that brings up the Create Filter dialog box. While it works, the
problem is that it also acts as an Enter keypress as far as the start_stat
button is concerned.
Probably needs a small fix.
svn path=/trunk/; revision=8782
return "<no file>" if there is no file loaded yet instead of crashing in io-stat
io-stat only print the label for the top tick on the y axis to make it look less cluttered
svn path=/trunk/; revision=8781
"selected_tree_row_enabled()" routine, enable it by default, so that
tap windows can be popped up even if you have no capture file.
Assorted code cleanups.
svn path=/trunk/; revision=8740
- return FALSE immediately if the text entry is empty ;
- return FALSE at the end of the function so that the signal is sent to
the entry. It avoids a Gtk-ERROR (and an abort) :
file: gtkentry.c: line 4338 (blink_cb): assertion failed:
GTK_WIDGET_HAS_FOCUS(entry))
svn path=/trunk/; revision=8735
style.
Make the style text arrays static, as nobody uses them outside prefs.c.
Use FALSE and TRUE for the values for the Boolean controlling the
highlighting style.
Note that we're now using stock icons in the toolbar in GTK+ 2.x.
Put back the resizing of elements in the top-level container, at least
for GTK+ 1.2[.x]; otherwise, the toolbar's height never gets smaller,
even if you change the style in such a way as to reduce the height of
the elements (icons+text -> icons or text, icons -> text).
Make some routines and variables not used outside gtk/toolbar.c static.
svn path=/trunk/; revision=8720
- use GTK1/2 compatibility macros [GS]ET_OBJECT_DATA where needed
- add a set_toolbar_object_data() function which associates the display
filter entry (from the main window) with the E_DFILTER_TE_KEY for the
open and reload buttons (it is needed by the open and reload
callbacks). The function is called in create_main_window()
- reindent
svn path=/trunk/; revision=8718
of the filter text entry when reloading the file, and:
1) that doesn't work with the toolbar "reload" button (the
widget passed in for that button doesn't have a
E_DFILTER_TE_KEY data item pointing to the text entry);
2) that causes the Tools > Summary dialog box to report what
you've typed in that box, not the filter that's actually in
effect (i.e., it causes "cfile.dfilter" to reflect what's
been typed, not what's been applied);
so don't bother doing so. That also means that the "/File/Reload" menu
item doesn't need a E_DFILTER_TE_KEY data item, so don't give it one.
svn path=/trunk/; revision=8713
See manpage (hopefully manpage does not reformat my nice ascii graph)
While Service Response Times and the MIN/MAX/AVG thing in io-stat are measurements on the server load. The new measurement type LOAD is a measurement of Client LOAD.
Or rather, it is an attempt to measure client LOAD by measuring how much concurrency in its requests the client generates. It the client is slow in starting new i/o when a previous i/o has completed, this willb e indicated by the concurrency being lowered.
it is an experiment. i am not aware of any other attempts in deducing client workload from looking at captures.
svn path=/trunk/; revision=8706
Add a preference to control whether the "File > Open" dialog box
should start out in the last directory in which it looked - and
save that in the preferences file across invocations - or should
always start out in a user-specified directory, and add another
preference to specify that directory.
Write out section name comments into the preferences file.
Clean up white space a bit.
svn path=/trunk/; revision=8699
in preparation of more features.
The most visible changes are
graps drawn as sawtoots instead of bars.
relative times (mainly used for response times FT_RELATIVE_TIME) will be plotted as time measured in "s" "ms" or "us" on the y axis
future updates may be smoothed graphs and better relative time support
svn path=/trunk/; revision=8676
recurse into subdirectories doing "nmake -f Makefile.nmake distclean".
Have "nmake -f Makefile.nmake clean" not remove stuff that "make clean"
doesn't remove (such as Flex/Bison output and config.h files) - and have
"nmake -f Makefile.nmake distclean" remove stuff that "make distclean"
removes, including "tethereal-tap-register.c" and
"ethereal-tap-register.c".
svn path=/trunk/; revision=8672
endpoint talkers now have an extra submenu on the popup where one can select :
Colorize Conversation.
This opens up the create color filter dialog with the filter preset to the
selected conversation.
svn path=/trunk/; revision=8637
By using Find Next/Previous you will jump to the next/previous matching packet in the ethereal main window.
I could not get CTRL-N / CTRL-B to work and was too lazy to research.
It would be nice if CTRL-N / CTRL-P would invoke the same thing as selecting
/Find Frame/Find Next/EP1 <-> EP2
or
/Find Frame/Find Previous/EP1 <-> EP2
from the menu.
I could not figure out how to get gtk to do this.
The person that adds CTRL-N/CTRL-B here will be a hero.
svn path=/trunk/; revision=8635
file.
Fetch the geometry information whenever we get a configure_notify event,
i.e. if it actually changes, rather than doing so when we get asked to
delete the main window or we exit. Don't save the geometry if we've
never gotten such an event, as it presumably means the size and position
haven't changed.
svn path=/trunk/; revision=8634
Rename "max_count_types and "max_calc_types" to "count_type_names" and
"calc_type_names", to make it clearer what they are.
For the advanced statistics, give different error messages for the case
where no field name was specified and where an invalid field name was
specified.
Give better error messages for the cases where the calculation type
isn't supported for a particular field.
Initialize the calculation type for a given field.
svn path=/trunk/; revision=8630
Use "gtk_dialog_new()" to create the window - that doesn't create a
"dialog box" in the sense of a transient-for window, but it does create
a window with a button vbox that the code expects to be present.
svn path=/trunk/; revision=8622
IO-Stat failed to produce Advanced/COUNT(*) statistics for fields of type FT_NONE.
Fixed.
Now it is possible to do :
Advanced/COUNT(*) Filter:tcp.analysis.retransmission Field:tcp.analysis.retransmission
Advanced/COUNT(*) Filter:tcp.analysis.duplicate_ack Field:tcp.analysis.duplicate_ack
And it will plot the number of Retransmissions and Duplicate ACKs seen in each time interval.
svn path=/trunk/; revision=8609
radio button group for a button changes when new buttons are added to it
(adding to the beginning of a singly-linked list takes constant time,
adding to the end takes time linear in the length of the list, and a
GSList * points to the beginning of the list). Re-fetch the radio
button group each time through the loop that adds new radio buttons to a
radio button group for a preference.
svn path=/trunk/; revision=8591
For short packets, we might not have enough of the payload to decode
the transaction info levels and thus that data structure is NULL.
check the pointer to this struct first before we try to dereference it.
svn path=/trunk/; revision=8558
update the CList as you enter/modify options;
give Windows users OS descriptions in the displayed devices
list;
display at least 5 rows in the lists;
get rid of the "extra" CList for storing edited values.
svn path=/trunk/; revision=8552
- can now handle streams with different payload types
- detects payload changes
- detects comfort noise (PT=13 and 19)
- status line now shows: sequence errors, payload changes,
comfort noise (if any)
- uses colours for lines with status != "Ok"
- new button "next": jumps to next line with status != "Ok"
(starting from selected line)
- fixed: wrong jitter calculation (bug from tap_rtp)
- fixed: marker was not shown on first packet or erroneous
packets (bug from tap_rtp)
- code refactored to improve readability and reuse
svn path=/trunk/; revision=8543
handle 802.1Q frames;
catch the destroy signal on the main Ethereal window and destroy
our windows (avoids a crash).
Get the PPP type value for IP from "ppptypes.h" rather than defining it
ourselves.
svn path=/trunk/; revision=8537
2.x) and transient-for setting that's done for other dialogs, and use it
for dialogs that come from the main window or from children of the main
window.
svn path=/trunk/; revision=8531
- put back the event_button->window == GTK_CLIST(w)->clist_window test
now that we use the correct structure definition for GtkCList (from
the right include file, not from our version of gtkclist.h).
svn path=/trunk/; revision=8528
"set_menus_for_selected_packet()" and
"set_menus_for_selected_tree_row()", and have them decide whether to
enable or disable menu items based on whether that structure indicates
that a packet or field is selected and, if one is, on its properties.
Pass to the "selected packet enabled" routine for a menu item the
"frame_data" and "edt" members of the "capture_file" structure, and pass
to the "selected tree row enabled" routine the "field_info" member of
that structure.
Clear "cf->current_frame" if no packet is selected.
svn path=/trunk/; revision=8525
We should use the same test (event_button->window == GTK_CLIST(w)->clist_window)
we already use in gtk v1.2 code but in doesn't seem to work in gtk2.
svn path=/trunk/; revision=8515
in GTK+ 2.x, center dialogs on the parent;
make the file selection dialogs transient for the main window,
just as other dialogs are.
Update Gerald's e-mail address.
svn path=/trunk/; revision=8503
or disabled based on a currently-selected packet (or lack of same) or a
currently-selected protocol tree item (or lack of same). Not currently
used, but necessary if we ever make the TCP graph stuff a tap. API is
tentative and subject to change.
Also, enable and disable taps based on whether we have any packets to
process.
svn path=/trunk/; revision=8498
Tools/Statistics; change the taps to put things under Statistics
themselves. That allows taps to go elsewhere if appropriate.
svn path=/trunk/; revision=8488
capture temporary files, it's "<capture", and for saved capture files,
it's the last component of the pathname of the file. Use that in
various places when displaying the file name.
svn path=/trunk/; revision=8474
Don't crash if "-z" is used on the command line when a live
capture is being done (e.g., with "-k -S" - in that case,
"cfile.filename" is null when the window is created), just don't
display the file name in the title.
Don't set the title of a non-existent window - create the window
first.
svn path=/trunk/; revision=8472
One can now select a packet and mark it as a TimeReference packet using the menu.
A TimeReference packet will be indicated by having all timestamp related column entries replaced by the string *REF*
A TimeReference packet will always be displayed in the packet pane, and overrides any display filters.
When a frame is a TimeReference frame, all later frames will calculate the TimeRelativeToFirstPacket relative to the timestamp of the TimeReference frame instead of the first frame of the capture.
You can have any number of TimeReference frames you like.
svn path=/trunk/; revision=8459
the option to print only marked packets similarly, rather than as
"Suppress unmarked packets" (for consistency, and because the latter
isn't unlike a double negative).
svn path=/trunk/; revision=8451
- AM_PROC_LIBTOOL is just an alias for AC_PROG_LIBTOOL, which is
called earlier.
- Use AM_CPPFLAGS instead of CFLAGS and CPPFLAGS to add inlude
directories
svn path=/trunk/; revision=8445
Capture Options dialog box to the first string in the combo box, not to
the first interface name in the list, so we get the description.
svn path=/trunk/; revision=8444
containing a pointer to an interface name and possibly a pointer to an
interface description (although that pointer might be null if no
description is available), rather than having the Windows version glue
together the name and description into a single string.
Supply for the Linux "any" device the same description that libpcap's
"pcap_findalldevs()" returns.
svn path=/trunk/; revision=8440
support for user-supplied interface descriptions;
support for hiding interfaces in drop-down list in capture
dialog.
Clean up comments written to preferences file.
svn path=/trunk/; revision=8419
Make the Ethereal "decode as" stuff not blow up with string dissector
tables.
Selectors for uint dissector tables are unsigned, not signed.
svn path=/trunk/; revision=8408
probably be variable-width, so that doesn't work. Just put a dash
between them.
Boost the size of the buffer used for the field text to 256 characters.
In GTK+ 1.2[.x], put the entries for fields (rather than protocols) in
as leaf nodes.
svn path=/trunk/; revision=8388
that will open the find frame dialogue and preload the filter string
with the conversation and the direction the user selected from the menu.
svn path=/trunk/; revision=8386
It was very cnfusing where some protocols such as SMB had multiple items all called the same thing. Now one can distinguish between them
svn path=/trunk/; revision=8383
Make the selction of what is endpoint 1 and what is endpoint 2
first check the port (if a port is present it will be !=0) and if
the ports are present set the lowest port as endpoint2.
If the prots are not present or the ports are identical then compare the addresses instead.
The idea is that low port numbers usually refer to server daemons
and this sorting thus usually puts the client as endpoint 1 and the server as endpoint 2.
It is much more intuitive and makes the table much more readable.
svn path=/trunk/; revision=8381
Rename it from Endpoint Talkers to : Conversation List
Change command line arguments to both tethereal and ethereal
to be -z conv,<type>
to reflect the new name Conversations
This is the last time the tethereal cmd line arg is changed. But now it has a
proper intuitive name at least.
io,users was weird
talkers was too close to names used in other tools
svn path=/trunk/; revision=8379
make it know how to build the filter strings, address and port hf_ fields properly so TCP and UDP works and is agnostic on whether ipv4 or ipv6 is used as transport
svn path=/trunk/; revision=8368
Ethereal presents a column to display culmulative bytes into the capture.
A new column type is added : Culmulative Bytes.
While PacketLength column type specifies the number of bytes in the current packet,
Culmulative Bytes specifies the culmulative number of bytes from the start of the capture.
svn path=/trunk/; revision=8359
The code used to rely on min_time==0 to determine whether this was the first
packet or not and whereby we had to initialize min_time to the current value.
This obviously does not work for capture files with poor timestamp resolution
where the response time is actually, according to the capture file, 0
and we got all sorts of weird effects like average response time being less than the minimum response time.
note, the bug only affected the minimum response time in the tables and not max or average response time.
it would "miss" tose minimum response times that were ==0 and display the minumin response time in the capture that were >0
svn path=/trunk/; revision=8358
packets that passed the current display filter, as well as about the
entire capture.
Document the Tools:Summary item in the man page.
Update Gerald's e-mail address.
svn path=/trunk/; revision=8344
Guy Harris