is disabled by default, and can be enabled by setting AIRPCAP_CONFIG
in config.nmake. The code is currently limited to Windows, but should
be adaptable to other platforms.
The official announcement won't come until next week, so you'll have to
read the source for details. :)
svn path=/trunk/; revision=18928
when files are opened using NTCreateAndX and if we recognize the type set the type field to either FILE, DIR or PIPE
This is useful to know when dissecting things like security descriptors since it tells us how to dissect the specific bits of the access mask.
Only do this for NTCreateAndX for now. It is trivial to add similar tracking to some of the older obsolete calls used to open fids but no clients ever use those old calls any more.
svn path=/trunk/; revision=18922
I made a small change in packet-bacapp.c to fix the following:
1. Corrected Signed value decoding for a one octet value.
2. Corrected Priority values to decode as Unsigned values.
svn path=/trunk/; revision=18918
A very tiny patch that corrects decoding of the Next Payload field in
the IKEv2 header. RFC 4306, Sec 3.2 says that a payload type of 0
means "No Next Payload" and not RESERVED. The patch just uses the
same string the dissector uses for IKEv1, namely, "NONE".
svn path=/trunk/; revision=18914
The enclosed patch updates the set of mime types for line oriented text
data per RFC 2046.
Me:
Remove application/postscript, as it may be binary.
svn path=/trunk/; revision=18913
I have developed a plugin for Pro-MPEG FEC packets over RTP (see
previous posts on ethereal-dev). I have added a page and example capture
file to the Wiki (http://wiki.wireshark.org/2dParityFEC). The source and
Windows makefile for the plugin are attached. Unfortunately I do not
have access to other systems so this plugin has been tested on Windows
only.
The attached version of my plug-in has only had the copyright header
added.
I will translate this into a proper dissector rather than a plug-in as
requested, but this may take a little time as I have a lot of other
things
to do at the moment.
Me:
Convert into a normal dissector
Reorder / reformat code a bit
Added Marks name to the top of the file.
svn path=/trunk/; revision=18908
- add a generic guid register to dissect UUID's (move this to a seperate file?)
- this enables us to set some known names for special UUID's
- use standard DCOM fields for IID and alike in remunk.c
- cleanup dcom_protseq_vals handling
- some FT_STRING to FT_GUID changes
svn path=/trunk/; revision=18904
protocol has a lot of preference items. Change the number of
configurable ESP SAs to 16 (in case someone needs do decrypt many
sessions in a single trace file). Fix up whitespace.
svn path=/trunk/; revision=18903
Attached is a patch to packet-http.c that calls a subdissector for
traffic flowing through a proxy via the HTTP CONNECT method. Most
protocols, especially SSL, can be tunneled through an HTTP proxy.
Wireshark currently says this traffic is "Continuation or non-HTTP
traffic" but this patch turns the payload over to the dissector for the
protocol being tunneled. This is similar to how the Socks dissector
works.
svn path=/trunk/; revision=18901
Please find attached a patch with updates to l2tpv3's l2_sublayer_vals
and pw_types_vals numbers (and pw type decoding).
The previous values belong to a different number space, "MPLS Pseudowire
Types Registry" in http://www.iana.org/assignments/pwe3-parameters, used
by LDP. The new values belong to the correct number space, "L2TPv3
Pseudowire Types" in http://www.iana.org/assignments/l2tp-parameters,
used by L2TPv3. Note that one is a 15-bit number while the other is a
16-bit number. So it's not really removing half of the values; even
though there are some numerical "matches" in the two registries, there
are differences (see for example 12 and 13, and some name changes). From
my knowledge the values not registered are also not used (and part of
the intention of the patch is that they are not misused); a fair
assumption is that it was a clerical error mis-assuming the two
protocols, LDP and L2TPv3, used the same space for "PW Types".
svn path=/trunk/; revision=18900
============================ Samba log start ============
svn: When specifying working copy paths, only one target may be given
============================ Samba log end ==============
svn path=/trunk/; revision=18898
change all accessor functions to be defines to the emem_tree_ functions.
now to create a tree with a different scope we only need to create a new
..._tree_create() function and set up the appropriate defines
(it was a mistake to call the functions se_tree_create and se_tree_create_non_persistent, they should be the other way around i.e. se_tree_create_persistent and se_tree_create )
svn path=/trunk/; revision=18895
teh tree management and to use trees with different storage scope without too much code duplication.
it would be useful with a tree that had indefinite storage instead of the emem functions which commonly have ep or se storage scope.
indefinite storage scope would be useful for example for managing a global and static set of well known guid to name mappings(not yet implemented) and also for
oid to name mappings.
svn path=/trunk/; revision=18886
Simply ignore the incoming values of -32000 by not calling gtk_window_move() / gtk_widget_set_uposition() in that case.
I don't know what the Unix GLib version will do in that case.
svn path=/trunk/; revision=18884
The real cause of this: There's a bug in GLib's snprintf implementation which crashes with the I64x format string and certain (negative?) values.
svn path=/trunk/; revision=18883
add a lot more PROFINET CBA dissection output based on these DCOM context information
still need some improvements, e.g. dissection uses a simple (slow) linear list search
changes are fuzz-tested
svn path=/trunk/; revision=18882
modernize the section on BPF (modern BSDs have BPF built in and clone
BPF devices, so no configuration should be necessary; we can add back
the old instructions if people using older BSDs run into problems), and
add information on making BPF devices available to non-root users.
svn path=/trunk/; revision=18880