the attached patch set correctly the title of the 'Follow SSL stream'
dialog, to fix one issue reported by Nail Devis.
Unfortunaly there isn't an easy way to enable the 'Follow SSL stream'
dialog only for ssl session without knowing the value of proto_ssl (the
ssl protocol id), because the ssl dissector can run on user specified
ports (configured via preferences)
svn path=/trunk/; revision=17187
* add a set_close_cllback function to the textwindow mini-api to set a callback to be called when the window gets closed.
* fix few issues regarding the closing of the window
svn path=/trunk/; revision=17165
- remove the field_menu altoghether (It was not what I thought)
- move a declaration to the start of a function to allow VC6 to compile
svn path=/trunk/; revision=17161
I have developed an external plugin to enable ssl decryption in
ethereal.
Me
- Remove unnecessary $Id$ from acinclude.m4
- Added packet-ssl-utils.h to Makefile.common
- Fixed a few warnings
TODO
- Lots of warning fixes (see separate mail)
- Reformat function headers to read like the others do
(return value<newline>function-name...)
- Test on Windows platform
- Review the patch to packet-ssl.c and new files packet-ssl-utils.[hc]
svn path=/trunk/; revision=17156
epan/dissectors/ncp2222.py - Fixes the NCP group values for all NCP's. Also fixes some additional return values and cleanup.
gtk/ncp_stat.c - Fixes the NCP group values for SRT.
gtk/service_response_time_table.c:
The SRT is broken if you hit the reload button or apply a filter. The table isn't cleared so each item in the list is duplicated and the second entries remain with initial values. This patch clears the GTK_CLIST so that the redundant entries no longer appear.
svn path=/trunk/; revision=17139
simply ignore the length returned in that cases
this way, we may "print" buggy data, but that's what the driver returned ...
svn path=/trunk/; revision=17066
I very often forget to stop a running capture, so Ethereal keeps capturing packets on and on, leaving me with a lot of unrequired packets.
On the other hand (because of the above) I often maximize Ethereal just to see that it's really not capturing any longer.
Looking at the window title isn't of much help, as this title changes with every capture file name loaded, so there's no title which can be easily remembered.
We probably might use this icon mechanism as well, when Ethereal loads a (huge) file, so the user get's a more visual feedback when the capture loading is finished (and probably for other potential "lengthy" tasks as well).
svn path=/trunk/; revision=17042
Find attached a couple of changes for t38:
- Use the dissector to reassemble t30 frames
- Dissect t30 protocol
- Move the "Fax t38 analysis" to the "VoIP Calls". Now when selecting
"Statistics"->"Fax t38 analysis" option, there is a message that
redirect the user to use the "Voip calls" instead. We may keep this
option for one release, and then remove it ?
- Added in the "Voip calls" the ability to detect a t38 call if there
are not signaling associated with it. For example, when using "Decode
as.." to dissect t38 packets, it is possible to use the "Voip calls" to analyze that call.
- Display "SDP (t38)" in the "Voip calls graph" for SDP t38 sessions.
Regards
Alejandro Vaquero
svn path=/trunk/; revision=17033
Win32: convert filenames coming in from command line parameters from locale (current code page) into utf8 encoding
This must also be done for the other command line tools like tethereal, editcap and alike ...
svn path=/trunk/; revision=17025
Here is a patch that:
- Replaces the arrow labels by the beginning of the COLINFO column if available (usually containing message names/types).
- Change the comment area to be "protocol: colinfo_content"
From Anders
Added ID tag
Camel
Use col_set_str to remove TCAP info in col_info
svn path=/trunk/; revision=16975
Browsing through the wishlist I came across this old one by Steve Brown:
------8<------
The GTK1 UI wordwraps assembled TCP streams, the GTK2 UI doesn't, but
should also. Not wrapping makes reading any protocol that lacks linebreaks
virtually impossible (XML, etc.) as it all ends up on one line. I'm tired
of having to install the GTK1 UI :P
------8<------
It seems like a simple request. The oneliner patch implements this wish.
Maybe someone feels the need to make it a preference or selectable.
svn path=/trunk/; revision=16939
set the read filter dialog modal and transient to the parent window if requested. This way, it will receive input signals (solving problems with GTK2's gtk_file_chooser).
To do this, add another construct_args flag, so it will be modal only if really needed ...
svn path=/trunk/; revision=16926
"error_t" is defined elsewhere on at least some versions of Fedora Core,
so it collides with our usage; use "expert_comp_dlg_t" instead.
svn path=/trunk/; revision=16889
After investigating the time-sequence graphs (Stevens and tcptrace) produced
using an FTP capture file supplied by Eduardo Segura
(see http://www.ethereal.com/lists/ethereal-users/200512/msg00153.html )
I've identified several problems in tcp_trace.c.
The problems mostly involve incorrect determination of the lower/upper
sequence number bounds (for the Y axis) in certain cases (e.g. having to do
with 'partial' conversations).
I've reworked the '...get_bounds' code to handle cases such as:
1. out of order data segments (e.g.: the first segment in a captured
conversation has a higher sequence number than a later segment);
2. 'ack' sequence numbers for initial ack segments in a conversation lower
than the sequence numbers of the initial data segments;
3. maximum 'ack + win' sequence number in a conversation greater than the
max data sequence number;
4. Stevens graph: only use data segment sequence numbers when
determining bounds;
5. TCP RST packet without 'ack' flag: do not try to use the 'ack' seq num from
the packet in this case. (This was the specific cause of the originally reported
problem).
I've also reworked the tcptrace display code slightly to properly handle
the initial ack packet of a sequence;
As an example of the some of the fixes the Ethereal tcptrace style graph
of the following conversation fragment will now be similar to the graph
produced by Tcptrace.
data: seq 10000 len 100
data: seq 10100 len 200
ack: ack 5000 win 6000
ack: ack 5400 win 5600
svn path=/trunk/; revision=16874
> here is a small patch for the flow graph feature. It allows
> to have SS7 nodes (network indicator/point codes) to be
> recognized as nodes in the graphs.
> The patch consists in using "pinfo->net_src" or
> "pinfo->net_dst" instead of "pinfo->src" or "pinfo->dst".
> I did some tests with other IP protocols and behavior was
> still the same as before. But I do not guaranty that it
> doesn't have some bad side effects for some protocols.
svn path=/trunk/; revision=16817
warnings.
Include "wiretap/libpcap.h" in "capture_loop.h", to get its declarations
of data structures for headers in libpcap files. This lets us remove
the includes of "wiretap/libpcap.h from files including
"capture_loop.h".
Make "log_func_ignore()" in "tethereal.c" static, and declare some of
its arguments unused. Also get rid of an unused variable.
Include <pcap.h> before including "wiretap/wtap-capture.h", to declare
"struct pcap_pkthdr".
svn path=/trunk/; revision=16791
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
Update the window title, right after the fixed capture finished. This might be required if the loading of the capture file afterwards just fails, leaving the title unchanged.
svn path=/trunk/; revision=16772