pcap. Add a "-P" capture option which tries to use pcap instead of
pcap-ng ("-P" seemed to be the best option but we may want to use a
different letter).
Update the documentation and release notes.
svn path=/trunk/; revision=37696
1.) The resolution of the time values displayed by tshark's "-z io,stat, ..."
should be increased from milliseconds to microseconds (from 3 to 6 decimal
places) in order to be consistent with -z relative time-related options such as
"-z smb,rtt" and "-z rpc,rtt" which display values to 5 decimal places.
[Please note that separate enhancement requests for 6 decimal of precision in
Wireshark will be submitted shortly.)
2.) The "frames bytes" column displayed in '-z io,stat' is too narrow, frames
and bytes should each have 15 spaces like all the other column types.
3.) The types "FRAMES" and "BYTES" should be added to allow users to display
these values separately and allow for filters to be specified.
4.) The 'SUM' option should allow for relative time values such as SRTs to be
summed. This would be useful for the calculation of such things as
request concurrency (total_SRT_time / duration).
5.) The tshark man page needs some corrections and readability improvements
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4915
svn path=/trunk/; revision=37555
* Remove proto_tree_add_eui64 function from 802.15.4 Dissector
* Replace print_eui64/print_eui64 by eui64_to_str/get_eui64_name
* Update Documentation (README.dev)
* Add new function in libwireshark.def
* Support of encoding for tvb_eui64_to_str
* Use FT_EUI64 for ICMPv6, CAPWAP, Zbee ... dissector
svn path=/trunk/; revision=37015
The supplied patch adds a new option -O, which specifies a list of protocols
(names can be found with the "-G protocols" option) to be fully decoded while
the others only show the layer header.
svn path=/trunk/; revision=36947
TODO: Add a Wireshark tap or look into possibly using the stats tree instead.
Also, like ICMP, the ICMPv6 payload appears to carry the sender's timestamp, so
it might be possible to make use of this information to estimate the total SRT.
(See bug 5770 for more details.)
svn path=/trunk/; revision=36561
if an error occurred while processing.
E.G.,: For the default (no -C option):
'capinfos invalid.xxx' or 'capinfos a.pcap invalid.xxx c.pcap'
should exit with an error status
(after processing all the input args) if there is an error for invalid.xxx.
With this fix, I expect fuzz-test.sh (and list_protos_in_cap.sh
and presumably other scripts) will work a bit more as as expected.
svn path=/trunk/; revision=36487
* Number of ICMP echo requests, replies, lost replies and percent loss.
* Min, Max, Average SRT (Service Response Time), and standard deviation.
(This is my first tap, so hopefully I didn't miss something, but we'll see ...)
TODO: Add a Wireshark tap.
svn path=/trunk/; revision=36480
support; TShark has read+write support. Additionally TShark can read a
"hosts" file and write those records to a capture file.
This uses "struct addrinfo" in many places and probably won't compile on
some platforms.
svn path=/trunk/; revision=36318
pointer to a NULL-terminated string in the TVB. It is no safer than dissectors
which call tvb_get_strsize() and then tvb_get_ptr() but it makes it clear that
this usage of tvb_get_ptr() is safe.
This function is slightly more efficient than tvb_get_ephemeral_stringz()--but
only as long as we're not using composite TVBs.
svn path=/trunk/; revision=35493
tvb_get_ephemeral_fake_unicode() functions have been superceded by
tvb_get_unicode_string() and tvb_get_ephemeral_unicode_string() respectivey.
svn path=/trunk/; revision=35349
is a unicode (UTF-16) version of tvb_get_ephemeral_stringz(). It scans
a tvbuff for a UTF-16 string and converts it to UTF-8 upon return.
svn path=/trunk/; revision=35253
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
rawshark but broke the ability to feed it live packets with a
pcap_pkthdr prefix on some 64-bit architectures.
Add a "-p" flag which lets us explicitly handle file-based or
memory-based packet record headers.
svn path=/trunk/; revision=34522
- Allow direct access when a range of values begins with a value other than 0;
- Provide value_string_ext_new() for creating extended value strings at runtime;
- Do access to value_string_ext members via a macro (all but value_string.c);
- Update documentation.
svn path=/trunk/; revision=34514
WIRESHARK_SE_VERIFY_POINTERS that control whether or not we verify if a given
pointer is ep_ or se_ allocated, respectively.
Turn the behavior off by default for speed reasons (the speed difference isn't
huge, but...).
Turn the behavior on when fuzz testing.
Document these two new variables in the man pages.
svn path=/trunk/; revision=34046
LoadLibrary and g_module_open only for the program directory and system
directory on Windows. Use them to replace a bunch of LoadLibrary and
g_module_open calls. Use the extension ".dll" for all the DLLs that we
load. Add comments about DLL loading in Python.
svn path=/trunk/; revision=33924
Gerald Combs