access their own "pinfo". A packet_info is stored in epan_dissect_t,
which is created for the dissection of a single packet.
GUI functions which need to access the packet_info of the currently
selected packet used to use "pi"; now they use cfile.edt->pi. cfile's
"edt" member is the epan_dissect_t of the currently-selected packet.
The functionality of blank_packetinfo() was moved into
dissect_packet(), as that's the only place that called blank_packetinfo(),
after a spurious call to blank_packetinfo() was removed from
packet_list_select_cb().
svn path=/trunk/; revision=4246
for AIX 5.x's non-standard libpcap, where "pcap_datalink()" doesn't
return DLT_ values, it returns RFC 1573 ifType values.
Put that wrapper, and the routine to get the interface list, in a
separate file, for packet-capture utility routines, so not everybody who
includes "util.h" needs to include <pcap.h>.
Fix up the Wiretap hack for dealing with said incompatibility to use the
correct ifType value for Token Ring.
svn path=/trunk/; revision=4184
obsolete; we silently ignore attempts to set those in a preferences
file, so that we don't spam the user with error messages caused by them
having saved preferences in an earlier release that contained those
preferences.
Make the Diameter and iSCSI dissectors register obsolete preferences.
Crash if some code tries to register a preferences module with a name
that contains something other than lower-case ASCII letters, numbers, or
underscores, or that has already been registered, or if some code tries
to register a preference with a name that contains something other than
lower-case ASCII letters, numbers, underscores, or periods, or that has
already been registered, so that we don't put code like that in a
release and have to shovel code into "prefs.c" to fix it up later. (The
problem with multiple modules or preferences with the same name should
be obvious; the problem with names with blanks, or upper-case letters,
or punctuation, is that they're a pain to type on the command line.)
svn path=/trunk/; revision=4148
reside. Use it, rather than concatenating the user's home directory and
".ethereal" in a number of files.
Fix up some additional places to use G_DIR_SEPARATOR_S as the pathname
separator.
svn path=/trunk/; revision=4061
buffered data is written out to the file;
headers are written if the capture file header depends on the
number or sizes of the packets;
etc..
svn path=/trunk/; revision=3909
"--with-pcap", it adds the "include" subdirectory of that directory to
the list of directories to search for include files, rather than adding
the directory itself.
Check whether libpcap defines "pcap_version", and define
HAVE_PCAP_VERSION if it does. Use "pcap_version" iff HAVE_PCAP_VERSION
is defined, rather than special-casing MacOS X.
Don't #define a string for the WinPcap version; just leave
HAVE_PCAP_VERSION undefined on Windows, as WinPcap 2.2beta is out, so we
can no longer assume that the Windows version of Ethereal is using
WinPcap 2.1.
svn path=/trunk/; revision=3792
replace "--with-plugindir" with "--with-plugins", and have the
plugin directory optional - this allows plugins to be disabled;
add "--traditional-cpp" on MacOS X/Darwin (Apple's "cc" compiler
requires it, for some annoying reason, even though it is, as far
as I know, GCC-based, and other GCC's don't require it);
on MacOS X, don't use "pcap_version[]", as, for some annoying
reason, libpcap on MacOS X doesn't define it.
Clean up some whitespace in the help messages for the configure script.
Move the AM_CONDITIONAL for SETUID_INSTALL after the point at which
"enable_setuid_install" is set, as it tests "enable_setuid_install".
svn path=/trunk/; revision=3788
allow you to suppress the printing of unmarked packets.
This allows a user to mark the packets they wish to print and
print ONLY those packets by suppressing all other unmarked packets.
This may seem like a bit of a convoluted way of expressing things,
as usually the desired behavior would be to print the marked packets.
However, we do NOT print marked packets that are not displayed under
the current filter. To be maximally explicite I've expressed this
as suppressing unmarked frames.
svn path=/trunk/; revision=3736
get from calling "wtap_file()", so get rid of the call and the
(otherwise unused) variable to which its result gets assigned.
That lets us get rid of "wtap_file()" in Wiretap.
It also lets us get rid of the include of "zlib.h" in "file.h"; the
#defines of "file_open()", "filed_open()", and "file_close()" are also
unnecessary, so we get rid of those as well.
However, that means we need to include <zlib.h> in "gtk/main.c" and
"tethereal.c", so that the version number of libz is defined and can
show up in the version string.
svn path=/trunk/; revision=3652
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
Joerg Meyer.
Support for saving to the preferences file the settings for all types of
name resolution.
Do a case-insensitive check for "true" and "false" in Boolean preference
settings.
svn path=/trunk/; revision=3489
"main()", the program exits, and exits with an exit status equal to the
return value of "main()", so "return 0;" is sufficient at the end of
"main()".
svn path=/trunk/; revision=3350
and never was - there's only an Ethereal-wide "enable name resolution"
preference. Name it just "name_resolve".
Replace all tests of "g_resolving_actif" with tests of
"prefs.name_resolv", and replace all code that sets "g_resolving_actif"
with code that sets "prefs.name_resolv", so that the setting of
"prefs.name_resolv" actually affects whether names are resolved or not.
svn path=/trunk/; revision=3300
binaries, so users only need to make sure they have that version
installed in order to have Ethereal (and tcpdump, and snort, and so on)
accept "lanN"-style names (i.e., names of the sort reported by lanscan
and handled by ifconfig), rather than "dlpiN".
Get rid of the patches to update libpcap, get rid of the discussion in
"README.hpux" of patching libpcap and just say "get 0.6.2", and make the
notes on HP-UX kernel patches to fix problems with capturing outgoing
packets a separate item in the list of items in "README.hpux".
Also update the error messages Ethereal and Tethereal display if they
can't open a device and the error is "can't find PPA for XXX" to say
"get 0.6.2" rather than "patch libpcap and recompile.
svn path=/trunk/; revision=3288
for Win32, and show a slightly more informative (i.e., geared to the
user) help message when trying to capture without having WinPcap installed.
svn path=/trunk/; revision=3261
That means that I no longer need to distribute capture and non-capture
versions of Ethereal for Win32; one version (compiled with WinPcap headers)
can run on systems with or without WinPcap.
For systems that don't have WinPcap, instead of disabling the Capture
menu, Capture|Start brings up a dialogue informing the user that wpcap.dll
was not loadable, and gives a URL to the WinPcap home page.
svn path=/trunk/; revision=3249
allow the passing of register_all_protocols() and
register_all_protocol_handoffs() through epan_init() to proto_init().
This allows the removal of the compile time dependence of proto.c
on register.h. Modified dftest.c, tethereal.c, and gtk/main.c to
use the new style epan_init() and depend on register.h.
svn path=/trunk/; revision=3237
"gtk/main.c" in Ethereal.
Add the GLib version to it in Ethereal, and put in the GLib version
rather than the GTK+ version in Tethereal (which isn't linked with
GTK+...).
Make it a GString; this makes the code to construct it slightly less
ugly, especially now that we're putting the GLib version in.
Fix the code for the "-D" flag in Tethereal to compile in a no-libpcap
version (in a no-libpcap version, it just says that this version of
Tethereal wasn't compiled with capture support).
svn path=/trunk/; revision=3196
prints a list of all network interfaces it found on which it can capture
(the same list as the one that shows up in the "Interface" combo box in
Ethereal's "Capture Preferences" dialog).
svn path=/trunk/; revision=3194
expect - it means "same as fully-buffered". This means that the "-l"
flag is a no-op on Windows.
Instead of setting line-buffered mode with "setvbuf()", set a flag and,
if that flag is set, flush the standard output after the information for
ever packet is printed; this isn't "line-buffered", either, but, as the
reason for doing line-buffering is to allow the output of Tethereal to
be piped to a program and to have that program see the output for a
packet as soon as the packet is seen and dissected, it should be just as
good as line-buffered.
svn path=/trunk/; revision=3047
Print the "Capturing on <interface>" message, the running count of
packets captured, and error messages to the standard error in Tethereal,
so that you can pipe the output of a live capture that's printing
packets to a program or script without that script having to worry about
parsing stuff other than dissected packet summaries or details (tcpdump
does the same).
svn path=/trunk/; revision=3017
capturing; if we succeed, display the packet drops count as the "Drops"
value in the status line and as the "Dropped packets" statistics in the
summary dialog box, otherwise don't display it at all.
In Tethereal, attempt to get the packet statistics from libpcap when
capturing; if we succeed, and if there were any dropped packets, print
out the count of dropped packets when the capture finishes.
svn path=/trunk/; revision=3016
into epan/ftypes.
Re-write display filter routines using Lemon parser instead of yacc.
Besides using a different tool, the new grammar is much simpler, while
the display filter engine itself is more powerful and more easily extended.
Add dftest executable, to test display filter "bytecode" generation.
Add option to "configure" to build dftest or randpkt, both of which are not
built by default.
Implement Ed Warnicke's ideas about dranges in the new display filter and
ftype code.
Remove type FT_TEXT_ONLY in favor of FT_NONE, and have protocols registered
as FT_PROTOCOL. Thus, FT_NONE is used only for simple labels in the proto tree,
while FT_PROTOCOL is used for protocols. This was necessary for being
able to make byte slices (ranges) out of protocols, like "frame[0:3]"
Win32 Makefile.nmake's will be added tonight.
svn path=/trunk/; revision=2967
compiled capture filter program, so remove it, and remove the include of
<pcap.h> from "file.h"; instead, have local "struct bpf_program"
structures where needed, and have those files that need stuff from
<pcap.h> include it.
This cleans stuff up a bit, and should eliminate a pile of compile
warnings with Visual C++ due to <pcap.h> and some GTK+/GLib header file
(or files they include) both defining "inline".
svn path=/trunk/; revision=2955
compiled capture filter program, so remove it, and remove the include of
<pcap.h> from "file.h"; instead, have local "struct bpf_program"
structures where needed, and have those files that need stuff from
<pcap.h> include it.
This cleans stuff up a bit, and should eliminate a pile of compile
warnings with Visual C++ due to <pcap.h> and some GTK+/GLib header file
(or files they include) both defining "inline".
svn path=/trunk/; revision=2954
can be put, and a pointer to the string for the column, which might or
might not point to that buffer.
Add a routine "col_set_str()", which sets the string for the column to
the string passed to it as an argument; it should only be handed a
static string (a string constant would be ideal). It doesn't do any
copying, so it's faster than "col_add_str()".
Make the routines that append to columns check whether the pointer to
the string for the column points to the buffer for the column and, if
not, copy the string for the column to the buffer for the column so that
you can append to it (so you can use "col_set_str()" and then use
"col_append_str()" or "col_append_fstr()").
Convert a bunch of "col_add_str()" calls that take a string constant as
an argument to "col_set_str()" calls.
Convert some "col_add_fstr()" calls that take a string constant as the
only argument - i.e., the format string doesn't have any "%" slots into
which to put strings for subsequent arguments to "col_set_str()" calls
(those calls are just like "col_add_str()" calls).
Replace an END_OF_FRAME reference in a tvbuffified dissector with a
"tvb_length(tvb)" call.
svn path=/trunk/; revision=2670
we're capturing, just use a netmask of 0, and warn the user in Tethereal
(doing it in Ethereal would be more disruptive, and doing so only once
per interface in a session is a bit of work, as, in an "Update list of
packets in real time" capture the child process would have to tell the
parent that it couldn't get the netmask).
svn path=/trunk/; revision=2546
"compute_timestamp_diff()" to compute the difference betwen time stamps
but that wasn't deleted, causing the time difference between a frame and
the previous frame to be computed incorrectly in Tethereal.
svn path=/trunk/; revision=2543
file, rather than the top-level Ethereal configuration file, check for
"inet_aton()", "inet_pton()", and "inet_ntop()". Then make its
Makefile.am include the appropriate object files if necessary.
Otherwise, they don't get built and put into libethereal, and therefore
attempts to link with anything in libethereal that uses them fail on
platforms that lack ethem, causing the build to fail.
That means a bunch of things need to be fixed to cope with libethereal
having its own "config.h" file; this means removing the include of
"config.h" from some libethereal header files. Move the definitions of
the path names used only by "resolv.c" to "resolv.c" from "resolv.h" (so
"resolv.h" doesn't need "config.h", define HAVE_PLUGINS in the configure
script (so we don't have to include it in "plugins.h" to check whether
HAVE_DLFCN_H is defined).
Unfortunately, stuff outside libethereal needs to know PLUGIN_DIR; for
now, define that in the top-level configuration file, and have Ethereal
and Tethereal pass it as an argument to "epan_init()" - that should be
cleaned up at some point.
Remove from the top-level configure script checks for things used only
in libethereal.
svn path=/trunk/; revision=2498
Guy Harris