Commit Graph

183 Commits

Author SHA1 Message Date
Richard Sharpe 8cc3f3f791 Add SACK leftedge and rightedge filtering ... Added them as decimal
values which seemed appropriate, but had to split them into two items
in the option tree.

svn path=/trunk/; revision=7260
2003-03-03 03:16:36 +00:00
Richard Sharpe 49a425956b As suggested by Guy, rather than add_uint_hidden, and then add_text,
do an add_uint_format(...). It was all too easy.

svn path=/trunk/; revision=7259
2003-03-03 02:59:23 +00:00
Richard Sharpe 7195b02fdf Allow filtering on the window scale value ...
svn path=/trunk/; revision=7236
2003-03-01 08:57:36 +00:00
Richard Sharpe 6efccea066 Adding more options support
svn path=/trunk/; revision=7235
2003-03-01 08:51:12 +00:00
Richard Sharpe 2af80f5309 Add tcp.options.mss_val to allow filtering on the value of the MSS option
svn path=/trunk/; revision=7233
2003-03-01 08:28:59 +00:00
Richard Sharpe 40e7a4f08f Some more options, cc and time stamp.
svn path=/trunk/; revision=7232
2003-03-01 07:15:04 +00:00
Richard Sharpe 41f3a9df0c More tcp options stuff ...
svn path=/trunk/; revision=7231
2003-03-01 07:07:07 +00:00
Richard Sharpe e8b4840c75 More TCP Options support
svn path=/trunk/; revision=7230
2003-03-01 05:02:53 +00:00
Richard Sharpe 6470c4a962 Start adding support for options as hidden fields in the dissect tree.
svn path=/trunk/; revision=7228
2003-03-01 04:24:40 +00:00
Guy Harris 4156806b8b From Didier Gautheron: provide a mechanism to indicate why reassembly
wasn't done, and, for TCP, use that mechanism if reassembly isn't done
is an incorrect TCP checksum.

svn path=/trunk/; revision=7212
2003-02-27 03:56:48 +00:00
Guy Harris d8629a2747 Protect against wraparound when scanning through a bunch of TCP data in
"tcp_dissect_pdus()".

svn path=/trunk/; revision=7179
2003-02-21 00:22:45 +00:00
Guy Harris 63bd8087e5 From Didier Gautheron: fix desegmentation code to handle sequence number
overflow.

svn path=/trunk/; revision=7169
2003-02-18 21:37:53 +00:00
Guy Harris 231f28ce08 Panic if a preference starts with the name of the module to which it
belongs, as that's redundant.

Fix a bunch of cases where that was done, and map the old name to the
new name.

Instead of marking "mtp3.mtp3_standard" as obsolete, map it to
"mtp3.standard".

svn path=/trunk/; revision=7030
2003-01-28 23:56:40 +00:00
Ronnie Sahlberg e4633bc783 Update reassemble.c/show_item and all callers to use FT_FRAMENUM for the list of packets corresponding to a reassembled pdu
svn path=/trunk/; revision=6807
2002-12-19 11:22:38 +00:00
Ronnie Sahlberg 1027314b99 From Jason House, support for TAPping from TCP protocol
svn path=/trunk/; revision=6792
2002-12-17 11:49:32 +00:00
Guy Harris 59932f2722 Don't cast away constness, and fix variable and structure member
qualifiers as necessary to ensure that we don't have to.

"strcmp()", "strcasecmp()", and "memcmp()" don't return booleans; don't
test their results as if they did.

Use "guint8", not "guchar", for a pointer to (one or more) 8-bit bytes.

Update Michael Tuexen's e-mail address.

svn path=/trunk/; revision=6726
2002-12-02 23:43:30 +00:00
Guy Harris 5620a882ec Check whether we got an overflow for the PDU length *before* we check
whether we have that much data.

svn path=/trunk/; revision=6675
2002-11-27 04:55:23 +00:00
Ronnie Sahlberg 926433a151 Must use the proper proto_tree_add_... call for FT_NONE
svn path=/trunk/; revision=6577
2002-11-07 09:10:06 +00:00
Ronnie Sahlberg 2378b2a893 hf_index update for TCP
svn path=/trunk/; revision=6576
2002-11-07 08:51:07 +00:00
Ronnie Sahlberg ee9c00c024 Fixed small bug in TCP seq/ack analysis. Forgot to check a pointer for NULL which caused crashes sometimes.
svn path=/trunk/; revision=6546
2002-11-02 22:00:17 +00:00
Ronnie Sahlberg 707f06ccc2 Three more things for TCP seq/ack analysis to check for and flag:
  ZeroWindow: ZeroWindow segments are detected and flagged
  ZeroWindowProbe: detected and flagged
  ZeroWindowViolation: attempts to write >1 byte of data to a zerowindow is detected and flagged.

svn path=/trunk/; revision=6543
2002-11-01 11:05:37 +00:00
Ronnie Sahlberg f4ecf268aa Update to TCP seq/ack analysis: tcp seq/ack analysis should now be able to
detect suspected duplicate ACKs.

svn path=/trunk/; revision=6542
2002-11-01 10:25:35 +00:00
Guy Harris 5b77ebc32d From Ronnie Sahlberg: use the frame number of a TCP segment, rather than
its starting sequence number, as the "fragment ID" when reassembling,
and include the source and destination port numbers in a
"tcp_segment_key" structure and use that as part of the key in the hash
table for segments, so that we don't get spoofed by segments in two
directions in the same conversation, or by segments in two separate
conversations between the same hosts, having the same starting sequence
number (which is not unlikely to happen if relative sequence numbers are
being used).

svn path=/trunk/; revision=6443
2002-10-17 02:19:29 +00:00
Ronnie Sahlberg 3832f2a8c2 From Didier: bugfix for sequence number wrapping
svn path=/trunk/; revision=6303
2002-09-18 12:08:28 +00:00
Ronnie Sahlberg eef506e467 fix for the fix
svn path=/trunk/; revision=6274
2002-09-11 09:52:36 +00:00
Ronnie Sahlberg b8769cdfa9 Tiny change to the tcp seq/ack analysis.
If the addresses are equal, compare the ports with '>' instead of '-'
since '>' will work regardless of whether the values are unsigned or not.

svn path=/trunk/; revision=6268
2002-09-11 09:08:07 +00:00
Jörg Mayer 7c4176d868 Removed trailing whitespaces from .h and .c files using the
winapi_cleanup tool written by Patrik Stridvall for the wine
project.

svn path=/trunk/; revision=6117
2002-08-28 21:04:11 +00:00
Guy Harris 4047c3caeb Properly display the window scale option.
svn path=/trunk/; revision=6065
2002-08-22 19:47:15 +00:00
Guy Harris 23029e96e0 "CMP_ADDRESS()" is not guaranteed to return 0, 1, or -1, it's just
guaranteed to return 0, a positive number, or a negative number, based
on the result of the comparison.  Furthermore, if it returns 0, meaning
the source and destination addresses are the same, we have to look at
the port numbers to decide which side of the conversation the frame is
from.

svn path=/trunk/; revision=6064
2002-08-22 19:40:03 +00:00
Ronnie Sahlberg e09e2a2754 Create a subtree with an item "tcp.analysis.flags" to keep all
tcp sequence number analysis flags, such as retransmission, lost-segment, etc
to make it easier to search for all these conditions.

svn path=/trunk/; revision=6056
2002-08-21 23:57:38 +00:00
Tim Potter 60e4ca9c4f Moved the generic true_false_string saying "Set", "Not set" into
epan/packet.c

It was cut and pasted into seven other dissectors!

svn path=/trunk/; revision=6052
2002-08-21 21:25:23 +00:00
Ronnie Sahlberg a1c846ba48 Reverted part of the previous patch. It seemed we found a few too many
packets to display the ACK data for.

svn path=/trunk/; revision=6008
2002-08-17 22:26:00 +00:00
Ronnie Sahlberg 12a0b53183 Fixed bug not handling FIN packets properly.
Fixed another tiny bug where it would forget to check ACKs outside the window
sometimes.

svn path=/trunk/; revision=6001
2002-08-16 20:59:18 +00:00
Jörg Mayer 6a1666b35d Add sequence number wrap to tcp window checking.
svn path=/trunk/; revision=5945
2002-08-03 23:20:06 +00:00
Guy Harris 6ed12f6993 Create the TCP protocol tree, and put the source and destination ports
into it, as soon as we've extracted the source and destination ports
from the packet, so that if we throw an exception fetching something
else from the packet, we still have the protocol tree and ports.

svn path=/trunk/; revision=5943
2002-08-03 22:28:16 +00:00
Jörg Mayer 173fe5aef4 Replace the types from sys/types.h and netinet/in.h by their glib.h
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.

svn path=/trunk/; revision=5932
2002-08-02 23:36:07 +00:00
Ronnie Sahlberg ff72b97ee0 Two new options added to TCP.
1, Analyze TCP sequence numbers.
   This option will keep track of sequence numbers for all tcp sessions
   and flag the following:
   a, If a new segment is seen which is beyond the right edge this is
      an indication that the previous segment was lost and this will be
      flagged as previous segment lost.
   b, If a segment is seen which lies left of the right edge this is flagged
      as retransmission.
   c, if a keep-alive is seen (empty segment, seq==expected seq-1)
      this is flagged as a retransmission.
   d, if an ACK is seen which is beyond the right edge this is an indication
      that a segment has been lost and it will be flagged as segment lost.

   All ACKs which advance the left edge get the RTT displayed between the ACKed
   segment and the ACK itself. The ACK also gets an indication of WHICH segment
   it is an ACK for.

2, Relative sequence numbers. This option needs the first option to be selected
as well. This option will as best as it can try to get ethereal to use
relative sequence numbers instead of absolute ones.

The patch does not handle sequence number wrapping and unexpected results
can probably happen for such.

svn path=/trunk/; revision=5931
2002-08-02 22:41:56 +00:00
Guy Harris 77fa06b899 From Joerg Mayer:
dftest.c:
	     Remove #if-0-ed includes

	packet-ieee80211.c, packet-wtls.c, packet-afp.c, packet-wsp.c,
        packet-wtp.c, ethereal_gen.py:
	     Remove redundant include varargs (already in snprintf.h,
	     and required only for snprintf.h)

	Remove unused include of snprintf.h from files not using
	"snprintf()".

svn path=/trunk/; revision=5889
2002-07-17 00:43:03 +00:00
Guy Harris 9cde3af195 Set pinfo->ptype, pinfo->srcport, and pinfo->dstport as soon as we've
fetched the source and destination port numbers, so that they're
available to the "Follow TCP Stream" code even if we throw an exception
dissecting the rest of the TCP header.

svn path=/trunk/; revision=5811
2002-07-02 08:18:45 +00:00
Guy Harris 2be8f3e875 When looking for dissectors for the source and destination port numbers
in TCP, UDP, and SCTP, try the lower port number first, and then the
higher port number; this means that, for packets where a dissector is
registered for *both* port numbers:

	1) we pick the same dissector for traffic going in both directions;

	2) we prefer the port number that's more likely to be the right
	   one (as that prefers well-known ports to reserved ports);

although there is, of course, no guarantee that any such strategy will
always pick the right port number.

Ignore port numbers of 0, as some dissectors use a port number of 0 to
disable the port, and as RFC 768 says that the source port in UDP
datagrams is optional and is 0 if not used.

svn path=/trunk/; revision=5656
2002-06-08 21:54:52 +00:00
Guy Harris 392a7dfc04 Get rid of the "data_src" member of the "frame_data" structure; put it
in the "packet_info" structure instead, as we don't need a pointer for
every single frame in the capture file, just for each frame for which we
currently have an open "epan_dissect_t".

svn path=/trunk/; revision=5614
2002-06-04 07:03:57 +00:00
Guy Harris ded6d3e2f4 Improve a comment.
svn path=/trunk/; revision=5399
2002-05-05 22:25:14 +00:00
Guy Harris d612dab6df Make "tvb_ensure_length_remaining()" return a "guint" - it can't return
a negative value.

Use "tvb_ensure_length_remaining()" in "tcp_dissect_pdus()", rather than
checking the return value of "tvb_length_remaining()" ourselves, and
make various variables and parameters in it "guint" as appropriate.

svn path=/trunk/; revision=5396
2002-05-05 00:57:59 +00:00
Guy Harris eb70c97a9b Make a "tcp_dissect_pdus()" with the standard loop for a TCP segment,
extracting PDUs from it and possibly doing reassembly.  Make the COPS,
DNS, DSI, Gryphon, and SCCP dissectors use it.

Add "set_actual_length()", "tcp_dissect_pdus()",
"decode_boolean_bitfield()", "decode_numeric_bitfield()", and
"decode_enumerated_bitfield()" to the list of routines available to
dissectors on platforms where routines in the main program aren't
available to dynamically-loaded code.

Declare routines in "to_str.h" as "extern"; as I remember, that's
necessary to allow the "decode_XXX_bitfield()" routines declared therein
to be made available to plugins as per the above.

Note that new exported routines should be added to the end of the table
if that's the only change being made to the table.

Create a new "plugin_api_decls.h" header file, used to declare both the
"p_" variables and the "p_" structure members in the routine-exporting
mechanism; this reduces the number of places you have to change to
change the list of exported routines.

svn path=/trunk/; revision=5394
2002-05-05 00:16:38 +00:00
Richard Sharpe e626714c31 Add the packet len to the protocol tree as well, since it is often not visible in the summary display.
svn path=/trunk/; revision=5379
2002-05-04 02:54:48 +00:00
Richard Sharpe 60d5c327e9 Add a hidden length field for TCP, tcp.len. Also fixed a small type.
svn path=/trunk/; revision=5210
2002-04-21 02:57:01 +00:00
Guy Harris 08cf4d245f Do the "follow TCP stream" stuff before calling the subdissector, so
that it gets done even if the subdissector throws an exception (and so
that, if the subdissector modifies the addresses or ports, we still hand
the right values to "reassemble_tcp()").

svn path=/trunk/; revision=5140
2002-04-11 08:59:43 +00:00
Guy Harris 7212bcc1e9 Mark unused arguments as such.
svn path=/trunk/; revision=5062
2002-03-31 22:43:03 +00:00
Guy Harris 588c50944d In the protocol tree entries for lists of fragments/segments, make the
top-level item correspond to the reassembled data, and make the item for
each fragment/segment correspond to the part of that reassembled data
that came from that fragment/segment.

svn path=/trunk/; revision=5025
2002-03-27 04:27:05 +00:00
Guy Harris f12ef91219 Free all the stuff pointed to by elements in the "tcp_segment_table"
hash table before freeing the memory chunks for those elements.

Destroy that hash table when we're done, and set the pointer to it to
null so that we'll reallocate it.

svn path=/trunk/; revision=4794
2002-02-24 02:59:30 +00:00