Make sure to pass the sent/received direction from pppdump.c in

pseudo_header.
Use generic "p2p_phdr" instead of "lapd_phdr". Modify toshiba.c and
packet-lapd.c to take that into account.
Add frame.p2p_dir, a filterable field, 0=sent, 1=recvd
Make p2p_dir available in packe_info, as I think it will be needed
in VJ COMP and UNCOMP dissection.

Rename WTAP_ENCAP_TR to WTAP_ENCAP_TOKEN_RING.

Mention pppd-log support in man page.
Mention atmsnoop in README.

svn path=/trunk/; revision=2455

README

@@ -1,4 +1,4 @@
-$Id: README,v 1.43 2000/09/20 12:09:37 gram Exp $
+$Id: README,v 1.44 2000/09/21 04:41:05 gram Exp $
 
 General Information
 ------- -----------
@@ -91,6 +91,7 @@ Sniffer (compressed and uncompressed)
 NetXray
 Sniffer Pro
 snoop
+atmsnoop
 Shomiti
 LANalyzer
 Microsoft Network Monitor

capture.c

@@ -1,7 +1,7 @@
 /* capture.c
  * Routines for packet capture windows
  *
- * $Id: capture.c,v 1.126 2000/09/17 03:20:03 guy Exp $
+ * $Id: capture.c,v 1.127 2000/09/21 04:41:06 gram Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -988,7 +988,7 @@ pipe_dispatch(int fd, loop_data *ld, struct pcap_hdr *hdr)
     case WTAP_ENCAP_FDDI_BITSWAPPED:
       capture_fddi(pd, &ld->counts);
       break;
-    case WTAP_ENCAP_TR:
+    case WTAP_ENCAP_TOKEN_RING:
       capture_tr(pd, 0, &ld->counts);
       break;
     case WTAP_ENCAP_NULL:
@@ -1578,7 +1578,7 @@ capture_pcap_cb(u_char *user, const struct pcap_pkthdr *phdr,
     case WTAP_ENCAP_FDDI_BITSWAPPED:
       capture_fddi(pd, &ld->counts);
       break;
-    case WTAP_ENCAP_TR:
+    case WTAP_ENCAP_TOKEN_RING:
       capture_tr(pd, 0, &ld->counts);
       break;
     case WTAP_ENCAP_NULL:

doc/ethereal.pod.template

@@ -38,8 +38,9 @@ B<atmsnoop>, B<LanAlyzer>, B<Sniffer> (compressed or uncompressed),
 Microsoft B<Network Monitor>, AIX's B<iptrace>, B<NetXray>, B<Sniffer
 Pro>, B<RADCOM>'s WAN/LAN analyzer, B<Lucent/Ascend> router debug
 output, HP-UX's B<nettl>, the dump output from B<Toshiba's> ISDN
-routers, the output from B<i4btrace> from the ISDN4BSD project, and
+routers, the output from B<i4btrace> from the ISDN4BSD project, the
-output in IPLog format from the Cisco Secure Intrusion Detection System.
+output in B<IPLog> format from the Cisco Secure Intrusion Detection System,
+and B<pppd logs> (pppdump format).
 There is no need to tell B<Ethereal> what type of file you are reading;
 it will determine the file type by itself.  B<Ethereal> is also capable
 of reading any of these file formats if they are compressed using gzip. 

packet-lapd.c

@@ -2,7 +2,7 @@
  * Routines for LAPD frame disassembly
  * Gilbert Ramirez <gram@xiexie.org>
  *
- * $Id: packet-lapd.c,v 1.13 2000/08/13 14:08:24 deniel Exp $
+ * $Id: packet-lapd.c,v 1.14 2000/09/21 04:41:07 gram Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -106,20 +106,20 @@ dissect_lapd(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 	sapi = (address & LAPD_SAPI) >> LAPD_SAPI_SHIFT;
 	lapd_header_len = 2;	/* address */
 
-	if (pinfo->pseudo_header->lapd.from_network_to_user) {
+	if (pinfo->pseudo_header->p2p.sent) {
-		is_response = cr ? FALSE : TRUE;
-		if(check_col(pinfo->fd, COL_RES_DL_DST))
-		    col_add_str(pinfo->fd, COL_RES_DL_DST, "User");
-		if(check_col(pinfo->fd, COL_RES_DL_SRC))
-		    col_add_str(pinfo->fd, COL_RES_DL_SRC, "Network");
-	}
-	else {
 		is_response = cr ? TRUE : FALSE;
 		if(check_col(pinfo->fd, COL_RES_DL_DST))
 			col_add_str(pinfo->fd, COL_RES_DL_DST, "Network");
 		if(check_col(pinfo->fd, COL_RES_DL_SRC))
 			col_add_str(pinfo->fd, COL_RES_DL_SRC, "User");
 	}
+	else {
+		is_response = cr ? FALSE : TRUE;
+		if(check_col(pinfo->fd, COL_RES_DL_DST))
+		    col_add_str(pinfo->fd, COL_RES_DL_DST, "User");
+		if(check_col(pinfo->fd, COL_RES_DL_SRC))
+		    col_add_str(pinfo->fd, COL_RES_DL_SRC, "Network");
+	}
 
 
 	if (tree) {

packet.c

@@ -1,7 +1,7 @@
 /* packet.c
  * Routines for packet disassembly
  *
- * $Id: packet.c,v 1.108 2000/09/13 20:17:21 gram Exp $
+ * $Id: packet.c,v 1.109 2000/09/21 04:41:07 gram Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -102,6 +102,7 @@ static int hf_frame_time_delta = -1;
 static int hf_frame_number = -1;
 static int hf_frame_packet_len = -1;
 static int hf_frame_capture_len = -1;
+static int hf_frame_p2p_dir = -1;
 static int proto_short = -1;
 static int proto_malformed = -1;
 
@@ -109,6 +110,14 @@ static gint ett_frame = -1;
 
 static void display_signed_time(gchar *, int, gint32, gint32);
 
+
+static const value_string p2p_dirs[] = {
+	{ P2P_DIR_SENT,	"Sent" },
+	{ P2P_DIR_RECV, "Received" },
+	{ 0, NULL }
+};
+	
+
 /* Protocol-specific data attched to a frame_data structure - protocol
    index and opaque pointer. */
 typedef struct _frame_proto_data {
@@ -939,6 +948,7 @@ void blank_packetinfo(void)
   pi.srcport  = 0;
   pi.destport = 0;
   pi.current_proto = "<Missing Protocol Name>";
+  pi.p2p_dir = P2P_DIR_UNKNOWN;
 }
 
 /* Do all one-time initialization. */
@@ -1000,6 +1010,14 @@ dissect_packet(union wtap_pseudo_header *pseudo_header, const u_char *pd,
 	struct timeval tv;
 	static tvbuff_t *tvb;
 
+	blank_packetinfo();
+
+	if (fd->lnk_t == WTAP_ENCAP_LAPD ||
+			fd->lnk_t == WTAP_ENCAP_PPP_WITH_PHDR) {
+
+		pi.p2p_dir = pseudo_header->p2p.sent ? P2P_DIR_SENT : P2P_DIR_RECV;
+	}
+
 	/* Put in frame header information. */
 	if (tree) {
 	  ti = proto_tree_add_protocol_format(tree, proto_frame, NullTVB, 0, fd->cap_len,
@@ -1030,9 +1048,14 @@ dissect_packet(union wtap_pseudo_header *pseudo_header, const u_char *pd,
 	  proto_tree_add_uint_format(fh_tree, hf_frame_capture_len, NullTVB,
 		0, 0, fd->cap_len, "Capture Length: %d byte%s", fd->cap_len,
 		plurality(fd->cap_len, "", "s"));
+
+	  /* Check for existences of P2P pseudo header */
+	  if (fd->lnk_t == WTAP_ENCAP_LAPD || fd->lnk_t == WTAP_ENCAP_PPP_WITH_PHDR) {
+		  proto_tree_add_uint(fh_tree, hf_frame_p2p_dir, NullTVB,
+				  0, 0, pi.p2p_dir);
+	  }
 	}
 
-	blank_packetinfo();
 
 	/* Set the initial payload to the packet length, and the initial
 	   captured payload to the capture length (other protocols may
@@ -1060,13 +1083,14 @@ dissect_packet(union wtap_pseudo_header *pseudo_header, const u_char *pd,
 			case WTAP_ENCAP_FDDI_BITSWAPPED :
 				dissect_fddi(tvb, &pi, tree, TRUE);
 				break;
-			case WTAP_ENCAP_TR :
+			case WTAP_ENCAP_TOKEN_RING :
 				dissect_tr(tvb, &pi, tree);
 				break;
 			case WTAP_ENCAP_NULL :
 				dissect_null(tvb, &pi, tree);
 				break;
 			case WTAP_ENCAP_PPP :
+			case WTAP_ENCAP_PPP_WITH_PHDR :
 				dissect_ppp(tvb, &pi, tree);
 				break;
 			case WTAP_ENCAP_LAPB :
@@ -1203,6 +1227,10 @@ proto_register_frame(void)
 		{ &hf_frame_capture_len,
 		{ "Capture Frame Length",	"frame.cap_len", FT_UINT32, BASE_DEC, NULL, 0x0,
 			"" }},
+
+		{ &hf_frame_p2p_dir,
+		{ "Point-to-Point Direction",	"frame.p2p_dir", FT_UINT8, BASE_DEC, VALS(p2p_dirs), 0x0,
+			"" }},
 	};
 	static gint *ett[] = {
 		&ett_frame,

packet.h

@@ -1,7 +1,7 @@
 /* packet.h
  * Definitions for packet disassembly structures and routines
  *
- * $Id: packet.h,v 1.201 2000/09/11 16:16:12 gram Exp $
+ * $Id: packet.h,v 1.202 2000/09/21 04:41:08 gram Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -148,6 +148,10 @@ typedef enum {
   PT_NCP		/* NCP connection */
 } port_type;
 
+#define P2P_DIR_UNKNOWN	-1
+#define P2P_DIR_SENT	0
+#define P2P_DIR_RECV	1
+
 typedef struct _packet_info {
   const char *current_proto;	/* name of protocol currently being dissected */
   frame_data *fd;
@@ -168,6 +172,7 @@ typedef struct _packet_info {
   guint32 match_port;
   int     iplen;
   int     iphdrlen;
+  int	  p2p_dir;
 } packet_info;
 
 extern packet_info pi;

randpkt.c

@@ -4,7 +4,7 @@
  * Creates random packet traces. Useful for debugging sniffers by testing
  * assumptions about the veracity of the data found in the packet.
  *
- * $Id: randpkt.c,v 1.8 2000/06/11 15:54:03 gerald Exp $
+ * $Id: randpkt.c,v 1.9 2000/09/21 04:41:09 gram Exp $
  *
  * Copyright (C) 1999 by Gilbert Ramirez <gram@xiexie.org>
  * 
@@ -215,7 +215,7 @@ pkt_example examples[] = {
 		PKT_IP,		pkt_ip,		WTAP_ENCAP_ETHERNET,	array_length(pkt_ip) },
 
 	{ "llc", "Logical Link Control",
-		PKT_LLC,	pkt_llc,	WTAP_ENCAP_TR,		array_length(pkt_llc) },
+		PKT_LLC,	pkt_llc,	WTAP_ENCAP_TOKEN_RING,	array_length(pkt_llc) },
 
 	{ "nbns", "NetBIOS-over-TCP Name Service",
 		PKT_NBNS,	pkt_nbns,	WTAP_ENCAP_ETHERNET,	array_length(pkt_nbns) },
@@ -224,10 +224,10 @@ pkt_example examples[] = {
 		PKT_SYSLOG,	pkt_syslog,	WTAP_ENCAP_ETHERNET,	array_length(pkt_syslog) },
 
 	{ "tcp", "Transmission Control Protocol",
-		PKT_TCP,	pkt_tcp,	WTAP_ENCAP_TR,		array_length(pkt_tcp) },
+		PKT_TCP,	pkt_tcp,	WTAP_ENCAP_TOKEN_RING,	array_length(pkt_tcp) },
 
 	{ "tr",	 "Token-Ring",
-		PKT_TR,		NULL,		WTAP_ENCAP_TR,		0 },
+		PKT_TR,		NULL,		WTAP_ENCAP_TOKEN_RING,	0 },
 
 	{ "udp", "User Datagram Protocol",
 		PKT_UDP,	pkt_udp,	WTAP_ENCAP_ETHERNET,	array_length(pkt_udp) }

wiretap/iptrace.c

@@ -1,6 +1,6 @@
 /* iptrace.c
  *
- * $Id: iptrace.c,v 1.31 2000/09/07 05:34:09 gram Exp $
+ * $Id: iptrace.c,v 1.32 2000/09/21 04:41:30 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -408,7 +408,7 @@ wtap_encap_ift(unsigned int  ift)
 /* 0x6 */	WTAP_ENCAP_ETHERNET,	/* IFT_ETHER */
 /* 0x7 */	WTAP_ENCAP_UNKNOWN,	/* IFT_ISO88023 */
 /* 0x8 */	WTAP_ENCAP_UNKNOWN,	/* IFT_ISO88024 */
-/* 0x9 */	WTAP_ENCAP_TR,		/* IFT_ISO88025 */
+/* 0x9 */	WTAP_ENCAP_TOKEN_RING,	/* IFT_ISO88025 */
 /* 0xa */	WTAP_ENCAP_UNKNOWN,	/* IFT_ISO88026 */
 /* 0xb */	WTAP_ENCAP_UNKNOWN,	/* IFT_STARLAN */
 /* 0xc */	WTAP_ENCAP_RAW_IP,	/* IFT_P10, IBM SP switch */

wiretap/lanalyzer.c

@@ -1,6 +1,6 @@
 /* lanalyzer.c
  *
- * $Id: lanalyzer.c,v 1.25 2000/09/07 05:34:10 gram Exp $
+ * $Id: lanalyzer.c,v 1.26 2000/09/21 04:41:30 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -167,7 +167,7 @@ int lanalyzer_open(wtap *wth, int *err)
 						wth->file_encap = WTAP_ENCAP_ETHERNET;
 						break;
 					case BOARD_325TR:
-						wth->file_encap = WTAP_ENCAP_TR;
+						wth->file_encap = WTAP_ENCAP_TOKEN_RING;
 						break;
 					default:
 						g_message("lanalyzer: board type %u unknown",

wiretap/libpcap.c

@@ -1,6 +1,6 @@
 /* libpcap.c
  *
- * $Id: libpcap.c,v 1.42 2000/09/17 07:50:35 guy Exp $
+ * $Id: libpcap.c,v 1.43 2000/09/21 04:41:31 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -95,7 +95,7 @@ static const struct {
 	 */
 	{ 0,		WTAP_ENCAP_NULL },	/* null encapsulation */
 	{ 1,		WTAP_ENCAP_ETHERNET },
-	{ 6,		WTAP_ENCAP_TR },	/* IEEE 802 Networks - assume token ring */
+	{ 6,		WTAP_ENCAP_TOKEN_RING },	/* IEEE 802 Networks - assume token ring */
 	{ 7,		WTAP_ENCAP_ARCNET },
 	{ 8,		WTAP_ENCAP_SLIP },
 	{ 9,		WTAP_ENCAP_PPP },

wiretap/netmon.c

@@ -1,6 +1,6 @@
 /* netmon.c
  *
- * $Id: netmon.c,v 1.33 2000/09/07 05:34:12 gram Exp $
+ * $Id: netmon.c,v 1.34 2000/09/21 04:41:32 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -108,7 +108,7 @@ int netmon_open(wtap *wth, int *err)
 	static const int netmon_encap[] = {
 		WTAP_ENCAP_UNKNOWN,
 		WTAP_ENCAP_ETHERNET,
-		WTAP_ENCAP_TR,
+		WTAP_ENCAP_TOKEN_RING,
 		WTAP_ENCAP_FDDI_BITSWAPPED,
 		WTAP_ENCAP_UNKNOWN,	/* WAN */
 		WTAP_ENCAP_UNKNOWN,	/* LocalTalk */
@@ -412,7 +412,7 @@ netmon_close(wtap *wth)
 static const int wtap_encap[] = {
 	-1,		/* WTAP_ENCAP_UNKNOWN -> unsupported */
 	1,		/* WTAP_ENCAP_ETHERNET -> NDIS Ethernet */
-	2,		/* WTAP_ENCAP_TR -> NDIS Token Ring */
+	2,		/* WTAP_ENCAP_TOKEN_RING -> NDIS Token Ring */
 	-1,		/* WTAP_ENCAP_SLIP -> unsupported */
 	-1,		/* WTAP_ENCAP_PPP -> unsupported */
 	3,		/* WTAP_ENCAP_FDDI -> NDIS FDDI */

wiretap/netxray.c

@@ -1,6 +1,6 @@
 /* netxray.c
  *
- * $Id: netxray.c,v 1.31 2000/09/07 05:34:14 gram Exp $
+ * $Id: netxray.c,v 1.32 2000/09/21 04:41:32 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -110,7 +110,7 @@ int netxray_open(wtap *wth, int *err)
 	double t;
 	static const int netxray_encap[] = {
 		WTAP_ENCAP_ETHERNET,
-		WTAP_ENCAP_TR,
+		WTAP_ENCAP_TOKEN_RING,
 		WTAP_ENCAP_FDDI_BITSWAPPED,
 		WTAP_ENCAP_ETHERNET,	/* WAN(PPP), but shaped like ethernet */
 		WTAP_ENCAP_UNKNOWN,	/* LocalTalk */
@@ -310,7 +310,7 @@ netxray_close(wtap *wth)
 static const int wtap_encap[] = {
     -1,		/* WTAP_ENCAP_UNKNOWN -> unsupported */
     0,		/* WTAP_ENCAP_ETHERNET -> NDIS Ethernet */
-    1,		/* WTAP_ENCAP_TR -> NDIS Token Ring */
+    1,		/* WTAP_ENCAP_TOKEN_RING -> NDIS Token Ring */
     -1,		/* WTAP_ENCAP_SLIP -> unsupported */
     -1,		/* WTAP_ENCAP_PPP -> unsupported */
     2,		/* WTAP_ENCAP_FDDI -> NDIS FDDI */

wiretap/ngsniffer.c

@@ -1,6 +1,6 @@
 /* ngsniffer.c
  *
- * $Id: ngsniffer.c,v 1.51 2000/09/07 05:34:16 gram Exp $
+ * $Id: ngsniffer.c,v 1.52 2000/09/21 04:41:33 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -291,7 +291,7 @@ int ngsniffer_open(wtap *wth, int *err)
 	guint16	start_date;
 	guint16	start_time;
 	static const int sniffer_encap[] = {
-		WTAP_ENCAP_TR,
+		WTAP_ENCAP_TOKEN_RING,
 		WTAP_ENCAP_ETHERNET,
 		WTAP_ENCAP_ARCNET,
 		WTAP_ENCAP_UNKNOWN,	/* StarLAN */
@@ -893,7 +893,7 @@ static void ngsniffer_close(wtap *wth)
 static const int wtap_encap[] = {
     -1,		/* WTAP_ENCAP_UNKNOWN -> unsupported */
     1,		/* WTAP_ENCAP_ETHERNET */
-    0,		/* WTAP_ENCAP_TR */
+    0,		/* WTAP_ENCAP_TOKEN_RING */
     -1,		/* WTAP_ENCAP_SLIP -> unsupported */
     7,		/* WTAP_ENCAP_PPP -> Internetwork analyzer (synchronous) FIXME ! */
     -1,		/* WTAP_ENCAP_FDDI -> unsupported */

wiretap/pppdump.c

@@ -1,6 +1,6 @@
 /* pppdump.c
  *
- * $Id: pppdump.c,v 1.2 2000/09/19 17:35:08 gram Exp $
+ * $Id: pppdump.c,v 1.3 2000/09/21 04:41:35 gram Exp $
  *
  * Copyright (c) 2000 by Gilbert Ramirez <gram@xiexie.org>
  * 
@@ -197,7 +197,7 @@ pppdump_open(wtap *wth, int *err)
 
 	state->offset = 5; 
 	file_seek(wth->fh, 5, SEEK_SET); 
-	wth->file_encap = WTAP_ENCAP_PPP; 
+	wth->file_encap = WTAP_ENCAP_PPP_WITH_PHDR; 
 	wth->file_type = WTAP_FILE_PPPDUMP; 
 
 	wth->snapshot_length = 8192; /* just guessing */ 
@@ -254,7 +254,9 @@ pppdump_read(wtap *wth, int *err, int *data_offset)
 	wth->phdr.caplen	= num_bytes;
 	wth->phdr.ts.tv_sec	= state->timestamp;
 	wth->phdr.ts.tv_usec	= state->tenths * 100000;
-	wth->phdr.pkt_encap	= WTAP_ENCAP_PPP;
+	wth->phdr.pkt_encap	= WTAP_ENCAP_PPP_WITH_PHDR;
+
+	wth->pseudo_header.p2p.sent = (direction == DIRECTION_SENT ? TRUE : FALSE);
 
 	return TRUE;
 }
@@ -541,6 +543,8 @@ pppdump_seek_read (wtap *wth,
 		return -1;
 	}
 
+	pseudo_header->p2p.sent = (pid->dir == DIRECTION_SENT ? TRUE : FALSE);
+
 	return 0;
 }
 

wiretap/snoop.c

@@ -1,6 +1,6 @@
 /* snoop.c
  *
- * $Id: snoop.c,v 1.31 2000/09/19 05:12:11 guy Exp $
+ * $Id: snoop.c,v 1.32 2000/09/21 04:41:36 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -125,7 +125,7 @@ int snoop_open(wtap *wth, int *err)
 	static const int snoop_encap[] = {
 		WTAP_ENCAP_ETHERNET,	/* IEEE 802.3 */
 		WTAP_ENCAP_UNKNOWN,	/* IEEE 802.4 Token Bus */
-		WTAP_ENCAP_TR,
+		WTAP_ENCAP_TOKEN_RING,
 		WTAP_ENCAP_UNKNOWN,	/* IEEE 802.6 Metro Net */
 		WTAP_ENCAP_ETHERNET,
 		WTAP_ENCAP_UNKNOWN,	/* HDLC */
@@ -405,7 +405,7 @@ snoop_read_rec_data(FILE_T fh, u_char *pd, int length, int *err)
 static const int wtap_encap[] = {
 	-1,		/* WTAP_ENCAP_UNKNOWN -> unsupported */
 	0x04,		/* WTAP_ENCAP_ETHERNET -> DL_ETHER */
-	0x02,		/* WTAP_ENCAP_TR -> DL_TPR */
+	0x02,		/* WTAP_ENCAP_TOKEN_RING -> DL_TPR */
 	-1,		/* WTAP_ENCAP_SLIP -> unsupported */
 	-1,		/* WTAP_ENCAP_PPP -> unsupported */
 	0x08,		/* WTAP_ENCAP_FDDI -> DL_FDDI */

wiretap/toshiba.c

@@ -1,6 +1,6 @@
 /* toshiba.c
  *
- * $Id: toshiba.c,v 1.12 2000/09/07 05:34:20 gram Exp $
+ * $Id: toshiba.c,v 1.13 2000/09/21 04:41:37 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -327,8 +327,8 @@ parse_toshiba_rec_hdr(wtap *wth, FILE_T fh,
 		case 'D':
 			if (wth)
 				wth->phdr.pkt_encap = WTAP_ENCAP_LAPD;
-			pseudo_header->lapd.from_network_to_user = 
+			pseudo_header->p2p.sent = 
-				(direction[0] == 'R' ? TRUE : FALSE );
+				(direction[0] == 'T' ? TRUE : FALSE );
 			break;
 			
 		default:

wiretap/wtap.h

@@ -1,6 +1,6 @@
 /* wtap.h
  *
- * $Id: wtap.h,v 1.80 2000/09/19 17:22:11 gram Exp $
+ * $Id: wtap.h,v 1.81 2000/09/21 04:41:37 gram Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
@@ -78,7 +78,7 @@
 #define WTAP_ENCAP_PER_PACKET			-1
 #define WTAP_ENCAP_UNKNOWN			0
 #define WTAP_ENCAP_ETHERNET			1
-#define WTAP_ENCAP_TR				2
+#define WTAP_ENCAP_TOKEN_RING			2
 #define WTAP_ENCAP_SLIP				3
 #define WTAP_ENCAP_PPP				4
 #define WTAP_ENCAP_FDDI				5
@@ -93,9 +93,10 @@
 #define WTAP_ENCAP_ASCEND			14
 #define WTAP_ENCAP_LAPD				15
 #define WTAP_ENCAP_V120				16
+#define WTAP_ENCAP_PPP_WITH_PHDR		17
 
 /* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES			17
+#define WTAP_NUM_ENCAP_TYPES			18
 
 /* File types that can be read by wiretap.
    We support writing some many of these file types, too, so we
@@ -185,11 +186,12 @@ struct ascend_phdr {
 	guint32	task;			/* Task number */
 };
 
-/* Packet "pseudo-header" information for LAPD capture files. */
+
-struct lapd_phdr {
+struct p2p_phdr {
-	gboolean	from_network_to_user;
+	gboolean	sent; /* TRUE=sent, FALSE=received */
 };
 
+
 /*
  * Bits in AppTrafType.
  *
@@ -246,7 +248,7 @@ union wtap_pseudo_header {
 	struct x25_phdr			x25;
 	struct ngsniffer_atm_phdr	ngsniffer_atm;
 	struct ascend_phdr		ascend;
-	struct lapd_phdr		lapd;
+	struct p2p_phdr			p2p;
 };
 
 struct wtap_pkthdr {