formats we can read; include vendor names.
We should be able to read TokenPeek captures, as well as captures from
the Windows versions of EtherPeek.
Don't list the version numbers for EtherPeek and TokenPeek - those are
file format version numbers, not program version numbers.
svn path=/trunk/; revision=4599
libpcap format, and say that it's also used by "other tools" (tcpdump
and Ethereal/Tethereal aren't the only tools that write captures in that
format).
Weaken the claim that we read Etherpeek files to say only that we read
Etherpeek versions 5, 6, and 7 for Macintosh, so people don't conclude
that we read Etherpeek-for-Windows captures (we don't).
svn path=/trunk/; revision=4337
formats we can read (and to put them in the order in which they're
mentioned in the man pages, to make it easier to make sure the lists are
the same).
svn path=/trunk/; revision=4330
pseudo_header.
Use generic "p2p_phdr" instead of "lapd_phdr". Modify toshiba.c and
packet-lapd.c to take that into account.
Add frame.p2p_dir, a filterable field, 0=sent, 1=recvd
Make p2p_dir available in packe_info, as I think it will be needed
in VJ COMP and UNCOMP dissection.
Rename WTAP_ENCAP_TR to WTAP_ENCAP_TOKEN_RING.
Mention pppd-log support in man page.
Mention atmsnoop in README.
svn path=/trunk/; revision=2455
examples of errors that generate core dumps, and suggest that a stack
trace from the debugger could be useful for *all* failures that produce
core dumps.
Note that the core dump file may be named "ethereal.core", and note that
"tethereal" rather than "ethereal" should be used in file names if it's
Tethereal that blew up.
svn path=/trunk/; revision=2368
a framework for the dissector; of the more than 400 NCP packet types, only
a handful are defined. But this dissector framework is much better than
the previous one.
svn path=/trunk/; revision=2173
editcap.
Expand the list of OSes on which Ethereal has (at least at one time)
been built and used.
Note that systems other than Solaris that use DLPI (e.g., HP-UX) may
also have "/dev" entries that can be made more widely readable and
writable to allow non-root users to capture packets.
Note that we can read "i4btrace" capture files.
Note that we now always do SNMP dissection, and that an external library
just allows us to do more sophisticated dissection.
svn path=/trunk/; revision=1470
"gzgets()" is the one most recently added; it was added in 1.0.9.
Check for it, rather than for a list of functions, when checking for
"zlib" support - if you check for N functions, and they're all there,
you get N "-lz"s added to the list of libraries with which to link.
Indicate in the README that "zlib" versions prior to 1.0.9 definitely
won't work.
svn path=/trunk/; revision=1144
line of ISDN routers. Much like the ascend reader, this module reads an
ASCII hex dump of trace data.
Rearranged the order in which wiretap tries trace files, to keep the
ASCII-readers (ascend and toshiba) at the end, and put the binary-readers
(everything else) at the front of the list. If a telnet session of
and ascend trace or toshiba trace were captured near the beginning of
another trace, wiretap might think the trace was ascend or toshiba if it
tried that module first.
Fixed the way wtap_seek_read() selects functions to call. It was using
the encap type instead of the file type. We got lucky because
WTAP_ENCAP_ASCEND == WTAP_FILE_ASCEND
svn path=/trunk/; revision=952
improving size of grammar and creating the possibility of dfilter_compile
reporting errors back to user. In this case, if an ETHER variable is
compared against a byte string that is not 6 bytes, an error condition is
flagged appropriately. I have not put in the code to conver that error flag
to a message to the user, but that's what I'm working on next.
Also, fixed sample debug session in README to show correct gdb prompt.
svn path=/trunk/; revision=522
expecting it as normal. Added paragraph about iptrace oddities to README.
I also added a section to the README about how to report bugs.
svn path=/trunk/; revision=519
doesn't link with libpcap, so no packet captures can be made. The
"--disable-pcap" option has been added to the configure script. Docs
have been updated. And the string buffer size in the simple_dialog()
has been doubled so that Johan's e-mail address in the "About" dialogue
window doesn't get chopped off.
svn path=/trunk/; revision=351
mechanism that is built into ethereal. Wiretap is now used to read all
file formats. Libpcap is used only for capturing.
svn path=/trunk/; revision=342
that you need "flex" and either "bison" or Berkeley "yacc". (XXX -
should notes such as this go in some other file, e.g. INSTALL? I
discovered the "flex" and "bison"/byacc requirement on a Solaris 7
system, but it's probably a problem on other commercial UNIXes, as well,
so it probably doesn't belong in, say, "README.solaris".)
svn path=/trunk/; revision=337
either the UCD or CMU SNMP library. Also documented the fact that SNMP
support in ethereal can be disabled with the "--disable-snmp" option to
'configure'.
svn path=/trunk/; revision=322