any case, the detailed error string is supposed to be g_malloced....)
Fix some "snoop" to be "btsnoop", and note that this is Symbian btsnoop,
not regular snoop.
svn path=/trunk/; revision=25580
are expected to return a g_mallocated error string; that's why they fill
in a gchar **, not a const gchar **. g_strdup() the argument to
KERROR(), so it's g_mallocated.
svn path=/trunk/; revision=25398
the types of read and seek_read routines in Wiretap are supposed to be,
and get rid of the casts of pointers to those functions (type problems
should be fixed, not papered over with casts, whenver possible).
svn path=/trunk/; revision=25393
argument, as
1) it doesn't modify the string that argument points to
and
2) it's a buffer of "char".
Use g_ascii_xdigit_value() and put the values of the two bytes together
ourselves; strtoul() is a bit of overkill for two-hex-digit pairs.
While we're at it, check for invalid hex digits, and for bytes where
only one hex digit is present.
svn path=/trunk/; revision=25392
since rev 17756, meant that attempts to read iSeries files would fail in the
"Make sure it [pkt_encap] is not WTAP_ENCAP_PER_PACKET" assertion in
wtap_read().
Also set file_encap to WTAP_ENCAP_ETHERNET (instead of WTAP_ENCAP_PER_PACKET)
since it seems that all the packets in iSeries files are Ethernet (or at least
this module currently only supports Ethernet).
svn path=/trunk/; revision=25388
I was counting the length without the terminating NULL, and didn't want one to be written to the string and copied into the file.
svn path=/trunk/; revision=25383
libwireshark (and the plugins using those functions) do not depend on
wiretap on Windows.
While doing that, rename the eth_* functions to ws_*.
svn path=/trunk/; revision=25354
To prevent Windows compiler errors when using flex 2.5.35.
Fixes "missing unistd.h" and yywrap "mismatched parameter" warnings
[Upcoming Part 3: ignore 'signed /unsigned mismatch' errors]
svn path=/trunk/; revision=25173
This extends the EyeSDN wiretap module to be able to support:
- DSS1/Q.931
- PPP
- LAPB/X.25
- ATM raw cells
- SS7 MTP2
svn path=/trunk/; revision=25123
- Change ugly GLIB version checking statements to GLIB_CHECK_VERSION
- Remove ws_strsplit files because we no longer need to borrow GLIB2's
g_strsplit code for the no longer supported GLIB1 builds
svn path=/trunk/; revision=24829
This plugin implements a dissector for Infiniband. It is released
under the GPL v2.
Rather than using say libpcap to capture raw (unframed) IP packets
from near the top of an IPoIB stack, this plugin dissects link level
Infiniband frames.
Infiniband trace files can be read from Endace ERF format trace
files, or from libpcap DLT_ERF files containing ERF TYPE_INFINIBAND
records. There is currently no native DLT_INFINIBAND in libpcap.
Each record contains a hardware timestamp, capture metadata such as
port Id, and a complete link level Infiniband frame starting from
the Local Route Header.
svn path=/trunk/; revision=24628
This patch adds some new ENCAP and FILE types for wiretap. It also adds new
entries to pcap_to_wtap_map[] to provide a mapping of the new types to some
pcap DLTs.
svn path=/trunk/; revision=24622
point, so we don't have issues with numbers not being exactly
representable; that makes it less likely that the change described below
will change a time stamp if it's not fixing the time stamp (i.e., if
time_day is 0).
The Sniffer manual "Expert Sniffer(R) Network Analyzer Operations,
Release 5.50" says that a frame2_rec has a time stamp with an 8-bit
time_high field and an 8-bit time_day field. Interpreting the time
stamp that way fixes the time stamps in at least some captures; see, for
example, bug 2251.
Fix/update some comments (for example, the Sniffer documentation is no
longer at that URL).
svn path=/trunk/; revision=24296
Added support for Symbian OS btsnoop.
The bluetooth HCI layer in Symbian OS can be configured to log all packets to a
file. The log format, "btsnoop" is based on the RFC1761 "snoop" format - but
differences in the header make it incompatible.
The btsnoop format supports logging of these formats:
"H1" (raw HCI packets without framing)
"H4" (HCI UART packets including packet type header)
"H5" (HCI 3 wire UART packets including framing)
"BCSP" (HCI bluecore serial protocol including framing)
"H1" and "H4" are section numbers in the original v1 bluetooth specifications,
but still used colloquially - wireshark's existing support for Linux bluez HCI
logs uses the "H4" name.
In practice, the "H1" format is used for H5,BCSP and USB HCI logs, as the HCI
packet logs are mainly useful for debugging higher layers, bluetooth profiles
and bluetooth applications.
From me:
Deleted some unused prototypes.
Mark an unused parameter.
svn path=/trunk/; revision=24263
otherwise use as the per-packet encapsulation.
The close routine does nothing; get rid of it - you don't *need* a close
routine (by default, the subtype_close pointer is null, which means that
nothing per-file-type is done when the file is closed).
Make the code to handle the length fields in the ERF header common,
rather than copying it to each group of record types.
svn path=/trunk/; revision=24053
fix http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1727 (pppd format file
incorrectly detected as being an ERF file) by:
The file_seek() call has been replaced by a call to file_read(), so, when the
end of the file is reached and the current record is truncated, we have got an
error.
This solves the problem of bad file format detection.
Additionaly, the ERF heuristic has been improved.
svn path=/trunk/; revision=24051
1/ patches to support the libpcap/SITA format 'WTAP_ENCAP_SITA'.
2/ patches to the LAPB dissector to accept MLP (Multi-link protocol)
(although MLP dissection has _not_ been added (yet)).
3/ New protocol dissectors for:
a) SITA's WAN layer 0 status header,
b) An airline protocol ALC,
c) An airline (and other industry) protocol UTS.
These patches are submitted as a set since the new protocol dissectors are not
useful without the libpcap/SITA related changes, and there is no point in
having those changes without the additional dissectors.
This fixes bug/enhancement 2016.
svn path=/trunk/; revision=23885
Error message when capturing too short WTAP_ENCAP_USB_LINUX type packets
contains a copy-paste typo.
From me:
Fix some addresses in AUTHORS.
svn path=/trunk/; revision=23882
no-longer-needed wiretap/wtap-capture.h.
Clean up wiretap/libwiretap.vcproj (note: this isn't going to scale, if
it has to contain a list of all the files, as most committers will be
editing only Makefile.common files).
svn path=/trunk/; revision=23803
Copy the MSVC++-version-checking stuff from it into the top-level
config.h.win32, and try to set up config.nmake so that MSC_VER_REQUIRED
is defined in all Makefiles that include config.nmake.
svn path=/trunk/; revision=23802
the top-level directory.
Don't build config.h in the wiretap directory - it now uses config.h
from the top-level directory. Get rid of the template config.h.win32 in
that directory.
Get rid of files that are no longer in the wiretap directory or are no
longer constructed in that directory.
svn path=/trunk/; revision=23797
in Wireshark when reading CommView files. Also write out these values when
coming from a file format with encapsulation type 802.11 with radio.
svn path=/trunk/; revision=23617
used by the mpeg-audio dissector: instead keep the data inside the wiretap
module and add accessor functions. I think this should fix
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1677 and anyway it's
cleaner.
svn path=/trunk/; revision=23612
Jeff Morriss