strings are unsigned, so that we can hand them to "isXXX()" macros
without GCC warning us that an array subscript is "char" (as in "if this
is a character with the 8th bit set, you may not get the answer you
think you should from 'isXXX()'").
svn path=/trunk/; revision=2972
"get_opterr()" so they don't collide with "getopt()"s "optarg" and
"opterr" globals (Solaris 2.6's <stdio.h> declares both "optarg" and
"opterr", causing "lemon.c" not to compile).
Define "safe_isXXX()" macros to call "isXXX()" after casting the
argument to "unsigned char" to handle characters with the 8th bit set.
Make some "int" variables used only to hold characters "char" instead.
svn path=/trunk/; revision=2970
doesn't appearn and disappear depending on the size of the proto tree
in relation to the view window. I didn't like the horizontal jumps that
the proto tree had to do when the scrollbar either disappeared or
appeared.
svn path=/trunk/; revision=2969
into epan/ftypes.
Re-write display filter routines using Lemon parser instead of yacc.
Besides using a different tool, the new grammar is much simpler, while
the display filter engine itself is more powerful and more easily extended.
Add dftest executable, to test display filter "bytecode" generation.
Add option to "configure" to build dftest or randpkt, both of which are not
built by default.
Implement Ed Warnicke's ideas about dranges in the new display filter and
ftype code.
Remove type FT_TEXT_ONLY in favor of FT_NONE, and have protocols registered
as FT_PROTOCOL. Thus, FT_NONE is used only for simple labels in the proto tree,
while FT_PROTOCOL is used for protocols. This was necessary for being
able to make byte slices (ranges) out of protocols, like "frame[0:3]"
Win32 Makefile.nmake's will be added tonight.
svn path=/trunk/; revision=2967
Correct number of addresses shown in dataframes.
Duration ID changed to "Association ID" in power-save polls
Added sequence and fragment numbers.
Corrected representation of frame-control flags.
Added dissection of data frames with piggybacked CF-Ack, Poll but no
data.
Cleaned up code a bit (mostly empty lines)...
svn path=/trunk/; revision=2964
compiled capture filter program, so remove it, and remove the include of
<pcap.h> from "file.h"; instead, have local "struct bpf_program"
structures where needed, and have those files that need stuff from
<pcap.h> include it.
This cleans stuff up a bit, and should eliminate a pile of compile
warnings with Visual C++ due to <pcap.h> and some GTK+/GLib header file
(or files they include) both defining "inline".
svn path=/trunk/; revision=2955
compiled capture filter program, so remove it, and remove the include of
<pcap.h> from "file.h"; instead, have local "struct bpf_program"
structures where needed, and have those files that need stuff from
<pcap.h> include it.
This cleans stuff up a bit, and should eliminate a pile of compile
warnings with Visual C++ due to <pcap.h> and some GTK+/GLib header file
(or files they include) both defining "inline".
svn path=/trunk/; revision=2954
that button doesn't undo edits you've made to the list of filters it's
displaying.
Don't show an "OK" button if the dialog isn't attached to a text entry
box, as the "OK" button means "enter the current filter into the
attached text entry box, and close the dialog", and if there *is* no
attached text entry box, "OK" doesn't do what you might expect (it's
equivalent to "Close").
svn path=/trunk/; revision=2952
requires that the dfilter code be initialized before the plugins are
added; this required us to *re*-initialize the dfilter code after
reading in all the plugins, as the plugins may themselves have added new
filterable fields - that was a bit of a mess), and make the
"Tools->Plugins" dialog box show the new-style plugins.
svn path=/trunk/; revision=2951
requires that the dfilter code be initialized before the plugins are
added; this required us to *re*-initialize the dfilter code after
reading in all the plugins, as the plugins may themselves have added new
filterable fields - that was a bit of a mess), and make the
"Tools->Plugins" dialog box show the new-style plugins.
svn path=/trunk/; revision=2950
plugins, as the MGCP dissector uses it.
Don't set pointers to "dfilter_init()" and "dfilter_cleanup()" in that
transfer vector, as there *aren't* any pointers to them in the transfer
vector.
svn path=/trunk/; revision=2949
use the capture filter lists, and others use the display filter list, as
appropriate.
Have separate menu items for editing the capture and display filter
lists.
Have separate "~/.ethereal/cfilters" and "~/.ethereal/dfilters" files
for the two lists; if either of those files isn't found, we try
"~/.ethereal/filters", which means that you will start out with two
identical lists holding all your filters - if certain filters belong
only in one list, you'll have to delete them by hand from the other
list.
Do I/O error checking when reading and writing filter lists; when
writing a filter list, write it to a new file, and then rename the new
file on top of the old file, so that you don't lose your old filter list
if, for example, you run out of disk space or disk quota.
svn path=/trunk/; revision=2948
either with a table of old-style dissectors or a table of tvbuffified
dissectors, and have the RPC dissector pass the appropriate arguments to
the dissectors.
Finish tvbuffifying the NLM dissector, getting rid of the last traces of
old-style dissector code.
In those routines in the NFS dissector that take new-style arguments
(because they're called from the NLM dissector), make them take an
offset as an argument, so they don't assume that they're handed a tvbuff
starting at the stuff they're supposed to dissect, and make the versions
that take old-style arguments construct a tvbuff and call the versions
that take new-style arguments. Do the latter with the routines in
"packet-rpc.c" as well.
svn path=/trunk/; revision=2943
HAVE_XXX_H if xxx.h is present, but doesn't recognize AC_CHECK_HEADER as
such, and thus doesn't put anything about HAVE_XXX_H into "config.h.in",
and thus HAVE_XXX_H doesn't get defined even if xxx.h is present.
svn path=/trunk/; revision=2942
be loaded and their initialization routines called in right after we
call the initialization routines for built-in dissectors, but don't call
their handoff registration routines yet, and then call the handoff
registration routines right after calling the handoff registration
routines for built-in dissectors.
Do all that in "proto_init()", rather than "epan_init()".
That way, we call all dissector registration routines together, and then
call all dissector handoff registration routines together; all the
registration routines are called before any handoff registration
routines, as is required, and, as "proto_init()" is called by
"epan_init()" before "dfilter_init()" is called, all filterable fields
have been registered before "dfilter_init()" is called, and no plugins
have to call "dfilter_init()" themselves to get their fields registered.
Remove pointers to "dfilter_init()" and "dfilter_cleanup()" from the
plugin address table, as plugins shouldn't be calling them any more, and
remove calls to them from plugins.
svn path=/trunk/; revision=2940
(We really need to put in some rudimentary 64-bit integer support, for
the benefit of platforms+compilers that don't support it; the
floating-point calculations we're doing now appear not to get exactly
the right answer, from an experiment at reading a NetMon 2.x file and
writing it back out as NetMon 2.x with editcap.)
svn path=/trunk/; revision=2939
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
"Tvbuffify" the Mobile IP dissector (it took old-style arguments, and
then converted them into tvbuff arguments, so there wasn't much to do,
other than to fix references to "fd" to refer to "pinfo->fd").
In the SCTP dissector, refer to the port type and source and destination
ports through "pinfo" rather than through the global "pi", as it's a
tvbuffified dissector.
In the SMTP and Time Protocol dissectors, use "pinfo->match_port" rather
than "TCP_PORT_SMTP" when checking whether the packet is a request or
reply, just in case somebody makes a non-standard port be dissected as
SMTP or Time. (Also, remove a bogus comment from the Time dissector; it
was probably cut-and-pasted from the TFTP dissector.)
svn path=/trunk/; revision=2938
Digital^H^H^H^H^H^H^HTru64 UNIX, but make the note about DU 3.2 a bit
speculative (I don't have 3.2 documentation handy to check whether, for
example, you can use "doconfig" interactively).
Add a note about using "doconfig" interactively - the Tru64 UNIX FAQ
mentions that in its not on using tcpdump.
Expand on the discussion of "pfconfig" to explain that you're also
enabling "local copy" mode, and to mention the "-a" option to let you
enable local copy and promiscuous mode on all devices, and to explain
*why* you want to enable local copy and promiscuous mode. Also, in the
example pfconfig command, put the network device name at the end - the
Tru64 UNIX FAQ, and the pfconfig man page, both put it there.
svn path=/trunk/; revision=2937
delete event on that window, revert all the protocol enabling settings
to the values they had when the dialog box was first popped up.
svn path=/trunk/; revision=2934
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
svn path=/trunk/; revision=2932
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
Don't use
col_add_fstr(..., "%s", string);
Use
col_add_str(..., string);
as it does the same thing, but doesn't drag all the heavy *printf
machinery in.
Fix the DDTP dissector to set the Info column regardless of whether
we're building a protocol tree or not, and to set it to "Encrypted
payload" if the payload is encrypted. Also fix a typo in a field name.
Register the FTP data dissector as being associated with the FTP data
protocol, not the FTP protocol (the removed "CHECK_DISPLAY_AS_DATA()"
call checked "proto_ftp_data", and the removed "pinfo->current_proto ="
line set it to "FTP-DATA", so it should be associated with
"proto_ftp_data").
Make the H1 dissector check whether the frame has at least 2 bytes in it
before checking the first two bytes; heuristic dissectors must not throw
exceptions until they've accepted the packet as one of theirs.
Use "tvb_format_text()" rather than "tvb_get_ptr()" and "format_text()"
in some dissectors where the result of "tvb_get_ptr()" is used only in
the "format_text()" call.
In the Quake dissector, don't check whether there are at least 4 bytes
in the packet - if we return, the packet won't be dissected at all (it's
not as if some other dissector will get to handle it), and, if we don't
return, we'll throw an exception if there aren't at least 4 bytes in the
packet, so the packet will be marked as short or malformed, as
appropriate.
In the RIPng dissector, associate the table of strings for the command
field with the command field, so that the dissector doesn't have to
format the string for the protocol tree entry itself, and so that the
filter construction dialog box can let you select "Request" or
"Response" from a list rather than requiring you to know the values for
"Request" and "Response".
Make "dissect_rpc()" static, as it's called only through a heuristic
dissector list.
Use "col_set_str()" to set the COL_PROTOCOL column for RPC protocols;
the string used is from a table provided by the dissector, and is a
string constant.
Don't format the Info column for WSP into a buffer and then format that
buffer into the column with "%s" - "col_add_fstr()" can do the
formatting for you, without having to allocate your own buffer (or run
through the *printf machinery twice).
Don't fetch fields from the WTP packet until you're ready to use them,
so that you don't throw an exception before you even set the Protocol
column or clear the Info column.
Use "pinfo->destport", not "pi.destport", in the Zebra dissector when
checking whether the packet is a request or reply, and do the check by
comparing with "pinfo->match_port" rather than TCP_PORT_ZEBRA (so that
if the dissector is ever registered on another port, it still correctly
determines whether the packet is a request or reply - the Network
Monitor HTTP dissector has port 80 wired into its brain, which is a bit
irritating if you're trying to get it to dissect HTTP proxy traffic on
port 3128 or proxy administration UI traffic on port 3132).
svn path=/trunk/; revision=2931