osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
70,692 Commits 23 Branches 0 Tags 1.3 GiB
Commit Graph

6 Commits

Author SHA1 Message Date
Dario Lombardo 16b07fa6bc writecap: use SPDX identifiers. 
Change-Id: I800f8ccb516f69a15b535ee96a4b34754c008028
Reviewed-on: https://code.wireshark.org/review/25663
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2018-02-08 16:15:42 +00:00
Guy Harris af0f49e80d Use pcapng as the name of the file format. 
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.

Make Wireshark reflect that.

Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
 2018-01-09 00:38:51 +00:00
James Ko 8606062cb3 dumpcap: enable capture of pcapng from pipe 
Reads pcapng blocks from a pipe.  Section header blocks are parsed for
endianess.  All other blocks only have the general block header parsed
for type and length, and then endianess converted if necessary.
Outputs all blocks using the original endianess format so none of the
other block types or options require parsing.

Change-Id: I2f4f0175013d8fc2cda42a63e7deacad537951e3
Bug: 11370
Reviewed-on: https://code.wireshark.org/review/24536
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2017-12-01 08:18:16 +00:00
Guy Harris b8b9bbcbd3 *Always* write out the trailing pcapng block total length in host byte order. 
In the fast-path "no options" case for writing an Enhanced Packet Block,
just copy the block total length to the buffer, don't put it into the
buffer in little-endian byte order.  If we're running on a big-endian
machine, and thus *should* be writing out multi-byte integral block
fields in big-endian byte order, that'll write out a corrupt pcapng
file.

Bug: 13802
Change-Id: I33958e3fc1d205ca6df3ef4057d92b461831c50e
Reviewed-on: https://code.wireshark.org/review/22753
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2017-07-21 12:59:28 +00:00
AndersBroman bd9afdddfe Reduce number of fwrite when writing pcap-ng EPB. 
According to callgrind with the patch dumping 3000 pakets the number of
calls to write_to_file is reduced from 11541 to 9000 reducing the number
of lr from 4 681 518 to 4 314 101.

If the buffer holding the packet was guaranteed to be padded to 32 bit
boundary the code could be simplified and if there was space "in front"
for the packet header it would be even better.

Change-Id: Ie991c05fa9d831ee4d703bd47b8123f2b1f83277
Reviewed-on: https://code.wireshark.org/review/20256
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2017-02-24 04:42:31 +00:00
Guy Harris a4aa8930bb Put pcapio.c into a writecap library, and use it. 
Change-Id: Ib89f345c072a38bc01f0513366a4bdae3bf6f08e
Reviewed-on: https://code.wireshark.org/review/14615
Reviewed-by: Guy Harris <guy@alum.mit.edu>
 2016-03-24 20:49:37 +00:00