on a desktop as "Ethereal".
Add a "BinaryPattern" entry; I think this is KDE-specific, and causes
KFM (and Konqueror, I suspect) to tag any executable file that matches
the pattern as being an Ethereal binary (or, at least, to tag some
executable files in that fashion), so make it match both "ethereal" and
"ethereal-static".
svn path=/trunk/; revision=4404
some fields not in the current version of the Free Desktop Group's
Desktop Entry Standard.
Update "Makefile.am" so that the ".desktop" file and the new image files
are in the release tarball.
svn path=/trunk/; revision=4403
Add a routine to ui_util.c that sets a window's icon pixmap to a 16x16
version of the 3D logo. Call the routine for each window that is created.
This has been tested with kwm and Sawfish (which expect a 16x16 icon), but
we may have to come up with a better solution for other window managers
(e.g. olwm and mwm).
Add a 3D exclamation point image. Replace the exclamation point and
Ethereal logo images used in simple_dialog() with their 3D counterparts.
Remove the old icons from the source distribution.
svn path=/trunk/; revision=4390
files to get that big.
From Thomas Wittwer and Matthias Nyffenegger:
Support for "ring buffer mode", wherein there's a ring buffer of N
capture files; as each capture file reaches its maximum size (the ring
buffer works only with a maximum capture file size specified), Ethereal
rolls over to the next capture file in the ring buffer, replacing
whatever packets might be in it with new packets.
svn path=/trunk/; revision=4323
o Modifies the dcerpc handoff to subdissectors slightly. It
also needs to pass the data representation to the
subdissector. Also, if no subdissector is found, it puts a
"Stub data" entry in the tree.
o Adds optional TCP desegmentation to the dcerpc layer. Note
that dcerpc has it's own ability to fragment PDUs. This isn't
for dealing with that, but with the case of a single PDU being
broken over more than one TCP segment.
o Adds a little bit of dissection to packet-dcerpc-epm.c.
Mainly just proof of concept for the dcerpc handoff stuff.
(Writing this is how I realized the need for the drep.)
o Adds packet-dcerpc-ndr.c, which will contain NDR dissection
routines for use by subdissectors.
Also, support added for multiple PDUs per segment for DCERPC-over-TCP
(and, potentially, other byte-stream transports).
svn path=/trunk/; revision=4285
than a pointer to a dissector function, as an argument.
This means that the conversation dissector is called through
"call_dissector()", so the dissector itself doesn't have to worry about
checking whether the protocol is enabled or setting
"pinfo->current_proto", so get rid of the code that does that in
conversation dissectors. Also, make the conversation dissectors static.
Get rid of some direct calls to dissectors; replace them with calls
through handles, and, again, get rid of code to check whether a protocol
is enabled and set "pinfo->current_proto" where that code isn't needed.
Make those dissectors static if they aren't already static.
Add a routine "create_dissector_handle()" to create a dissector handle
without registering it by name, if the dissector isn't used outside the
module in which it's defined.
svn path=/trunk/; revision=4281
work on dissecting the Information frame of QLLC packets.
Thanks to mario.ferreira@hsbc.com.br for lots of information on SNA
over X.25.
svn path=/trunk/; revision=4207
for AIX 5.x's non-standard libpcap, where "pcap_datalink()" doesn't
return DLT_ values, it returns RFC 1573 ifType values.
Put that wrapper, and the routine to get the interface list, in a
separate file, for packet-capture utility routines, so not everybody who
includes "util.h" needs to include <pcap.h>.
Fix up the Wiretap hack for dealing with said incompatibility to use the
correct ifType value for Token Ring.
svn path=/trunk/; revision=4184
without requiring compiler support for them, and updates to the
Diameter, L2TP, NFS, and NLM dissectors to use it and to the ONC RPC
dissector to allow ONC RPC subdissectors to use it.
svn path=/trunk/; revision=4099
tvbuffified heuristic-dissector interface, but have it immediately turn
its arguments into an old-style buffer pointer and offset.
Register the SMB dissector as a heuristic NetBIOS dissector, and have
"dissect_netbios_payload()" just try the heuristics, as it no longer has
to call the SMB dissector explicitly.
svn path=/trunk/; revision=3973
shell. (This also arranges that the source to "idl2eth" - which is now
"idl2eth.sh" - not be deleted by "make clean").
Add "doc/idl2eth.pod" to the list of files in a source tarball.
svn path=/trunk/; revision=3940
the lists of source and generated files for plugins.
While we're at it, make all those lists show the files in the same
order.
svn path=/trunk/; revision=3888
Update Makefile.am and Makefile.nmake files to build it (although it's
not currently built by default; you have to do "make idl2eth.1" on UNIX,
and something similar on Windows.
Put a full copyright notice into "doc/Makefile.nmake", along with a
comment explaining why stuff depends on "../config.h". Also, add
"clean" rules to it to get rid of generated files for mergecap and
text2pcap documentation.
svn path=/trunk/; revision=3801
replace "--with-plugindir" with "--with-plugins", and have the
plugin directory optional - this allows plugins to be disabled;
add "--traditional-cpp" on MacOS X/Darwin (Apple's "cc" compiler
requires it, for some annoying reason, even though it is, as far
as I know, GCC-based, and other GCC's don't require it);
on MacOS X, don't use "pcap_version[]", as, for some annoying
reason, libpcap on MacOS X doesn't define it.
Clean up some whitespace in the help messages for the configure script.
Move the AM_CONDITIONAL for SETUID_INSTALL after the point at which
"enable_setuid_install" is set, as it tests "enable_setuid_install".
svn path=/trunk/; revision=3788
Throw a very small caltrop in the way of spam-harvesters, by replacing
"@" in e-mail addresses in the AUTHORS file and Ethereal man page with
"[AT]" (although I wouldn't be surprised to find that some of those
harvesters already know about that trick and "fix" those addresses so
you, too, can receive Valuable Information about Viagra, can-fail
Internet investment opportunities and stuff-envelopes-at-home jobs, and
cable descramblers).
Add a couple of items from the AUTHORS file to the Ethereal man page.
svn path=/trunk/; revision=3781
have two independent "value_string" tables mapping RFC 1700 address
family numbers to names, nor is there any need to have the BGP dissector
and the PIM dissector have two independent sets of #defines for RFC 1700
address family numbers; put a single "value_string" table in "afn.c" and
put a declaration of it, and #defines for the address family numbers,
into "afn.h", and have the dissectors use that.
Move the #define for PGM into "ipproto.h", and add an entry for it in
the "value_string" table in "ipproto.c".
Have the PGM dissector use the standard Ethereal mechanisms for
resolving addresses, and have it use "value_string" tables for mapping
option types, the OPX bits, and packet types to strings. Use
"bytes_to_str()" to turn byte arrays into strings of hex digits. Pass
the packet type string to "dissect_pgmopts()" as an argument, rather
than making it a global. Don't use "proto_tree_add_XXX_format" routines
if you can possibly just use "proto_tree_add_XXX"; give various fields
the correct radix and type, and VALS() strings if necessary, to make
that happen (and to make filtering on them more pleasant). Put the
type, length, and total length of the options into the protocol tree as
separate fields. Don't have separate type, length, and OPX fields for
every type of option; one field will suffice. Don't format a string
with "sprintf()" and then pass that string to "col_add_fstr()" with a
format of "%s" and the string as an argument - "col_add_fstr()" can
format strings itself (that's what the "f" stands for). Don't byte-swap
and then un-byte-swap IPv4 address fields in the header, just leave them
network byte order to start with. Use the correct fields for
"proto_tree_add_XXX", rather than using the same field multiple times.
Quit early if an address family identifier isn't AFNUM_INET, as that
means the structure we use to dissect the header doesn't match the
actual header.
svn path=/trunk/; revision=3761
in the list of files in the distribution.
Make "doc" one of the subdirectories; this lets us remove
"doc/Makefile.in" from EXTRA_DIST, and might also ensure that stuff gets
rebuilt in that directory when it changes (for example, I don't know
whether "make dist" would have automatically rebuilt "doc/Makefile.in"
without "doc" being in the SUBDIRS list; if not, that might explain why
"doc/Makefile.in" didn't include rules for the mergecap man page in the
0.8.19 tarball).
svn path=/trunk/; revision=3735
files that might be left over from a UNIX build, so that they'll be
reconstructed from the "config.h.win32" files on a Windows build.
(If you have "config.h" files left over from a UNIX build, the Windows
build will fail.)
Update "README.win32" to mention "cleanbld.bat", and to correctly list
the files generated using tools that don't come with Windows or MSVC++.
Also note that some of them can't be built on UNIX systems.
svn path=/trunk/; revision=3713
themselves with the DCE RPC dissector, and support for some of the
protocols atop DCE RPC that are part of DCE RPC, from Todd Sabin.
svn path=/trunk/; revision=3681
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
the glibc "strptime()" (modified so it doesn't require the rest of
glibc), set up the configure script to check for it, and set up
Makefile.am and Makefile.nmake to use it.
Get rid of NEED_MKSTEMP - nothing uses it.
svn path=/trunk/; revision=3500
files. See text2pcap.1 (built from doc/text2pcap.pod) for details.
Changed 'tethereal -x' output to match hex dump format of text2pcap,
Ethereal and others.
svn path=/trunk/; revision=3421
version of automake (which will probably eventually become the next
release of automake) - it assumes variables that end with _SOURCES are
of the form "target_SOURCES", where "target" must be a target that the
Makefile builds.
Rename "DISSECTOR_SOURCES" to "DISSECTOR_SRC" in "Makefile.nmake", as
well, so that part of "Makefile.nmake" exactly matches that part of
"Makefile.am".
svn path=/trunk/; revision=3408
Perl script that generates them, so that if we have to change those
fields we can do so more conveniently.
Remove the generated header files from CVS, and arrange that we generate
them when we do a build.
svn path=/trunk/; revision=3341
binaries, so users only need to make sure they have that version
installed in order to have Ethereal (and tcpdump, and snort, and so on)
accept "lanN"-style names (i.e., names of the sort reported by lanscan
and handled by ifconfig), rather than "dlpiN".
Get rid of the patches to update libpcap, get rid of the discussion in
"README.hpux" of patching libpcap and just say "get 0.6.2", and make the
notes on HP-UX kernel patches to fix problems with capturing outgoing
packets a separate item in the list of items in "README.hpux".
Also update the error messages Ethereal and Tethereal display if they
can't open a device and the error is "can't find PPA for XXX" to say
"get 0.6.2" rather than "patch libpcap and recompile.
svn path=/trunk/; revision=3288
That means that I no longer need to distribute capture and non-capture
versions of Ethereal for Win32; one version (compiled with WinPcap headers)
can run on systems with or without WinPcap.
For systems that don't have WinPcap, instead of disabling the Capture
menu, Capture|Start brings up a dialogue informing the user that wpcap.dll
was not loadable, and gives a URL to the WinPcap home page.
svn path=/trunk/; revision=3249
Guy Harris