Attached is a patch to export packets data as "C Arrays". I often have
the need to [re]send data captured with wireshark using a raw/pf_packet socket.
Output format is one char[] per packet, it looks like almost the same as
the one produced by "Follow TCP stream".
svn path=/trunk/; revision=24604
- Change apply / prepare / ... as filter to use the field's value, which
is now stored in fdata as well as cinfo. Now we don't have to reprocess
the entire packet list when using these features. This also prevents
the use of these features from overwriting custom column information.
(custom columns can now be used in apply / prepare ... as filter)
- Break col_expr and col_expr_val out into a struct that is included not only
in cinfo, but now also fdata.
- Have col_custom_set_fstr() quote FT_STRING & FT_STRINGZ when storing the
col_expr_val value (for filter creation).
svn path=/trunk/; revision=24511
type: Custom) that were backed out in SVN revision 24309.
Changes since that revision include a reworking of the handling of the
cfile/cinfo variables in epan/column-utils.c, addition of three new
functions to libwireshark.def and a bug fix to prevent a crash when no
custom columns were not in use.
Compilation verified locally on MacOS X, Linux and Windows.
svn path=/trunk/; revision=24317
filter name in the description field and it will display that field in the
packet list if it occurs in that packet. Note that the more common fields
are implemented, but a number of them remain to be implemented in
epan/proto.c. I will work on these other fields as I have time.
svn path=/trunk/; revision=24308
correctly reflect the auto scroll state. Re-enable the ability to use
the auto scroll toolbar button and menu item during a live capture.
svn path=/trunk/; revision=23777
"Automatic scrolling in live capture" are both enabled, make the scroll
bar behavior more natural. If the packet list is scrolled to the
bottom, scroll automatically. If the user scrolls back, keep the packet
list scrolled at that point instead of jumping back to the end.
svn path=/trunk/; revision=22277
These changes allow the packet list clist to be destroyed and recreated
with the new column titles/values/order that the user changed in the
preferences without restarting Wireshark.
svn path=/trunk/; revision=22038
routines and routines using those routines. GLib might use different
modifiers for 64-bit quantities than the platform's C library does.
svn path=/trunk/; revision=21990
Fix for bug #491: Unexpected frame.time_delta behavior
This patch ... fixes bug 491. It does this by changing the
behaviour of the frame.time_delta field so it reflects the delta
time between captured packets (tshark already did this). To keep
the delta time between displayed packets, the field
frame.time_delta_displayed is created.
svn path=/trunk/; revision=21154
directory and most of the plugins to match the same command
put in the Makefile.nmake files for Windows compliations. Fix
a few warnings when compiling under gcc 3.4.4 on FreeBSD. Create
new automake file variable called USING_GCC in configure.in and
wiretap/configure.in to acomplish the above -Werror addition.
svn path=/trunk/; revision=21127
and there are no formats in which the file can be saved by some means
other than copying the raw data; "Save As" isn't a very useful function
in that case, and that prevents us from having an empty list of formats
in which the file can be saved.
svn path=/trunk/; revision=21032
32-bit numbers. Separate signed and unsigned accessors have been
added and used where appropriate.
Definitely not for 0.99.5.
svn path=/trunk/; revision=20472
A BER-encoded file can be dissected as one of a number of registered syntaxes (registered using register_ber_syntax_dissector()).
Syntaxes may also be associated with OIDs (or other strings) using register_ber_oid_syntax().
A default syntax with which to dissect a BER-encoded file is determined from its filename (extension). For example, ".cer" and ".crt" files will be dissected as "Certificate".
svn path=/trunk/; revision=20414
allocate and release the dfcode program as needed instead of having it hang around in the capture file structure.
this will ensure that dfcode will not have longer than se scope lifetime in case we need that property of it later
svn path=/trunk/; revision=20251
As this was a huge internal change, new bugs are very probable - please report.
The implementation isn't still perfect, a new dialog internal list could possibly be removed again.
However, I want to check in at this condition, just in case I make things worse - again.
svn path=/trunk/; revision=19413
file.c
time reference menu callback doesn't set cf->filter, it dumps a core if
you have a file big enough in find next/ find prev.
addr_resolv.c
leak memory, break list chain when snooping address.
svn path=/trunk/; revision=17419
no longer needs util.c, so it no longer includes routines that use
host_ip_af(), so it no longer needs to define its own host_ip_af().
That also means dumpcap.c no longer needs to include <sys/socket.h>.
svn path=/trunk/; revision=17278
button"; "Stop" should be used for operations that can only be stopped
(meaning that what it's already done isn't undone), not cancelled
(meaning that whatever it's already done *is* undone), for which
"Cancel" is used.
Allow the merging process to be cancelled.
Clean up indentation.
Update some comments.
svn path=/trunk/; revision=16489
Anyone having objections to idea of stopping the load of a capture file
i.s.o. cancelling it? I'm refering to WishList Data I/O item #6.
It seems a very reasonable idea and easy to implement.
I've done some extensions:
-Improve the corresponding comment on the implications why this is useful
-added a new simple_dialog text to explain what's really going on (simply using the WTAP truncated packet message was a bit misleading)
svn path=/trunk/; revision=16441
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
svn path=/trunk/; revision=16403
Stig Bjørlykke