KPasswd is partially dissected for UDP.
It would be very useful if someone added dissection of the asn.1 encoded
AP_REQ and the KRB-PRIV blobs. I dont think I will add those.
svn path=/trunk/; revision=8905
- Dissector for FICON
- Dissector for FC-SP (Security Protocol for Fibre Channel)
- Patches to correct the reassembly of FC fragments.
- Support for new MDS Port Analyzer Adapters that carry the
frame length for truncated frames.
svn path=/trunk/; revision=8823
recurse into subdirectories doing "nmake -f Makefile.nmake distclean".
Have "nmake -f Makefile.nmake clean" not remove stuff that "make clean"
doesn't remove (such as Flex/Bison output and config.h files) - and have
"nmake -f Makefile.nmake distclean" remove stuff that "make distclean"
removes, including "tethereal-tap-register.c" and
"ethereal-tap-register.c".
svn path=/trunk/; revision=8672
set in the config.nmake file.
Configure whether we have pcap_findalldevs() based on whether
WINPCAP_VERSION is 2.3 (if so, we don't) or 3.0 or 3.1 (if so, we do).
WinPcap 3.0 has the new libpcap declarations of "pcap_lookupnet()" and
"pcap_open_live()" in which the first argument is a "const char *"
rather than a "char *"; declare the functions and pointers to them
appropriately based on the version of WinPcap.
If we don't have pcap_findalldevs(), don't declare a pointer to it, as
we don't have a declaration of pcap_if_t.
We also need to refer to "pcap_freealldevs()", so make a pointer for it.
"symbols[]" is a const array; make the pointer to elements in it a const
pointer.
Fix some typoes.
svn path=/trunk/; revision=8660
1) string tables for t35CountryCode, t35Extension and
h221ManufacturerCode were moved into the new file t35.c
because they are common for more dissectors
2) the dissect_h245_NonStandardParameter_with_extension_marker()
was moved from h245 to h225 and renamed to
dissect_h225_NonStandardParameter() because the
NonStandardData type is different for H.225.0 and H.245
3) type of the "h245.nsp.object" dissector table was changed from
FT_UINT32 to FT_STRING, so it can select a dissector based on
an OID rather than the Adler-32 hash of an OID
4) the "h225.nsp.object" and "h225.nsp.h221" dissector tables
were created
svn path=/trunk/; revision=8550
Service-over-Frame-Relay support, including preference for Frame Relay
to select FRF 3.2/Cisco HDLC encapsulation or encapsulation of GPRS NS
PDUs.
svn path=/trunk/; revision=8362
a list of disabled protocols, and to save that list from the Edit >
Protocols dialog box.
Add checks for read errors in "read_prefs()".
Clean up white space.
svn path=/trunk/; revision=8144
Still something wrong with NonStandardParameter, I cant find why ethereal is
wrong but it misses misses one bit in the decoding causing malformed frames.
I cant see what is wrong when looking at the packets. need furhter investigations.
Make h225 compile in as default
svn path=/trunk/; revision=8119
constrained integers with an extension marker.
Update all calls to the constrained integer dissector
Add dissection to the rfc_number type which is a constrasined integer with an extension marker
Add H245 so that it builds by default in ethereal.
It has been tested extensively by a semi-large number of people with a lot of real and synthetic captures and seems to work very well.
New protocol added to ethereal
svn path=/trunk/; revision=8032
and put them in their own file.
I had to put them im packet-per.c instead of asn1-per.c since othervise
i couldnt get it to invoke the register routine from register.c
the per dissector is compiled into ethereal by default, but there are no callers in ethereal until the h245 dissector is added.
someone that knows the registry stuff better might consider renaming it to asn1-per.c instead of packet-per.c
svn path=/trunk/; revision=8017
variables the user configures - the user isn't expected to change
GLIB_LIBS or GTK_LIBS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate libraries for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7885
variables the user configures - the user isn't expected to change
GLIB_CFLAGS or GTK_CFLAGS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate "/I" flags for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7884
GNU ADNS or not - set it based on whether ADNS_DIR is defined by
"config.nmake", and make "config.h.win32" files that specify whether we
have GNU ADNS dependent on "config.nmake".
Note in "config.nmake" that:
if you have GNU ADNS, ADNS_DIR should be defined as the
directory in which the ADNS .lib file resides;
if you don't have GNU ADNS, ADNS_DIR shouldn't be defined.
svn path=/trunk/; revision=7860
"EtherNet/IP" name in his original version ("IP" there is "Industrial
Protocol", not "Internet Protocol"), and to the original file name, and
getting rid of some unused variables.
svn path=/trunk/; revision=7851
you build Ethereal without ADNS. (It'd be nice if ADNS_DIR not being
defined caused the config.h file to have the appropriate #ifdefs turned
off; we can probably do that with another @xxx@ variable in
config.h.win32, and !IFDEFs in the rules to make the config.h files,
although we should then make config.h also depend on config.nmake.)
svn path=/trunk/; revision=7827
to just be an extension to AODV - and the dissectors use the same port,
which doesn't work unless there's only one dissector).
svn path=/trunk/; revision=7616
Add Response-Time statistics for each known mgcp message-type.
Fix a few bugs and remove trailing whitespace.
Use "gdouble" for printing time-values and calculating the
average. It is easier to use and shouldn't overflow on big
trace files like "guint32".
Move some functions for time statistics into the new file
timestats.c in the main directory. This code may be useful in
the rpc and smb rtt-taps as well.
svn path=/trunk/; revision=7469
Socket 0x9001 is for NLSP - it supports LANs as well as WANs, at least
as I read the specification.
Socket 0x9004 is for "IPX WAN 2".
svn path=/trunk/; revision=7387
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
svn path=/trunk/; revision=7362
- A new decoder called MDSHDR which decodes the internal header of the
Cisco MDS switch (this is different from the Boardwalk header).
- Support for some more new columns as part of FC support.
- Fixed the decoding of the Special Frame in FCIP.
- Fixed the decoding of credit management type field in FLOGI/PLOGI frame
in FC-ELS.
svn path=/trunk/; revision=6974
IO-Users is a feature for tethereal that will print statistics on io usage
similar to top talkers in other tools.
It needs to be ported to ethereal with a nice graph sometime later.
try:
-z io,users,ip
see man-page
svn path=/trunk/; revision=6972
SMB RTT statistics are similar to the RTT statistics already supported by ONC-RPC and DCE-RPC.
It will present a table with all seen SMB commands and present the Min/Max and Avg response time in ms.
Transaction2 and NT-Transaction commands are broken out and presented in its own subtables.
tethereal feature is activated with -z smb,rtt switch
and in ethereal it is activated either through -0z smb,rtt switch or through the Menu.
svn path=/trunk/; revision=6966
- Decoders for the few remaining FC protocols not included in my first
patch. Included in this list are decoders for FC-CT (common transport),
Name Server (dNS), Fabric Configuration Server (FCS) and Zone Server
(FZS).
- Decoder for MDS Debug Port Adapter. MDS Debug Port Adapter (internal
name was Boardwalk and this is the file name) is a piece of hardware
that can be purchased with Cisco's MDS Fibre Channel switches that
converts FC frames into Ethernet frames. One end is connected to a
port on a FC switch and the other end is connected to a FE/GE Ethernet
port. The decoder included here decodes the encapsulation header that
carries information such as SOF/EOF of FC frames.
svn path=/trunk/; revision=6919
The Q bit in X.25 doesn't mean "this is QLLC traffic", it's just a "this
packet is special" indication. Have the X.25 dissector pass as the
"private_data" pointer a pointer to a gboolean indicating whether the Q
bit was set or not. Replace the "decode non-Q-bit traffic as SNA"
option with a "decode traffic as QLLC/SNA if we didn't see the Call
Request packet and thus don't know what it is" option, which hands
traffic to the QLLC dissector for that traffic. Have the QLLC dissector
hand traffic to the SNA dissector if the Q bit isn't set.
Arrange that we determine whether the Q bit is set regardless of whether
we're building the protocol tree or not.
If we don't just dissect traffic as QLLC/SNA if we didn't see the Call
Request packet, check not only for 0x45 (as an indication that it's
probably IP), check also for NLPID_ISO8473_CLNP and treat that as an
indication that it's probably OSI CLNP.
svn path=/trunk/; revision=6854
make ANSI point codes filterable in MTP3;
fix a bug in the ANSI SLS dissection;
have MTP3 store the SI for use by subdissectors;
add a new MTP3-Management dissector.
Fix Makefile.nmake to include the Wellfleet HDLC dissector.
svn path=/trunk/; revision=6837
using NTLMSSP version 1.
Show stub data as such for all requests and replies where we can't
dissect the stub data as a request or reply for some DCERPC-based
protocol.
svn path=/trunk/; revision=6825