bunch of source files.
Replace the "payload" field of a "packet_info" structure with "len" and
"captured_len" fields, which contain the total packet length and total
captured packet length (including all headers) at the current protocol
layer (i.e., if a given layer has a length field, and that length field
says its shorter than the length we got from the capture, reduce the
"pi.len" and "pi.captured_len" values appropriately). Those fields can
be used in the future if we add checks to make sure a field we're
extracting from a packet doesn't go past the end of the packet, or past
the captured part of the packet.
Get rid of the additional payload argument to some dissection functions;
use "pi.captured_len - offset" instead.
Have the END_OF_FRAME macro use "pi.captured_len" rather than
"fd->cap_len", so that "dissect the rest of the frame" becomes "dissect
the rest of the packet", and doesn't dissect end-of-frame padding such
as padding added to make an Ethernet frame 60 or more octets long. (We
might want to rename it END_OF_PACKET; if we ever want to label the
end-of-frame padding for the benefit of people curious what that extra
gunk is, we could have a separate END_OF_FRAME macro that uses
"fd->cap_len".)
svn path=/trunk/; revision=506
new proto_tree routines. I also removed the check for lex and yacc from
wiretap's configure script. The IP dissector now uses
proto_register_field_array().
svn path=/trunk/; revision=348
mechanism that is built into ethereal. Wiretap is now used to read all
file formats. Libpcap is used only for capturing.
svn path=/trunk/; revision=342
source and destination port numbers, check both port numbers against the
specified port, rather than checking the lower of the two port numbers
against the specified port, just in case you happen to either have
1) the port number for that type being high enough that you can
get client sockets using it
or
2) client sockets using it for some other reason.
svn path=/trunk/; revision=333
if you have the UCD or CMU SNMP library available. If you have the SNMP
library but do not with to have SNMP support, use the
./configure --disable-snmp
option. Otherwise 'configure' finds the SNMP library and uses it.
svn path=/trunk/; revision=281
reference the protocol tree with struct proto_tree and struct proto_item
objects. That way, the packet decoding source code file can be used with
non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged
some of the information in packet.h to more appropriate places (like other
packet-*.[ch] files).
svn path=/trunk/; revision=223
that these are two very different implementations of NetBIOS name services and
at the protocol level are not similar. I have put the UDP protocol in
packet-nbns.c, since it will be a very big module. I have all of rfc 1002 to
read and implement. I am planning on putting many different NetBIOS over IPX
functions in packet-nbipx.c, however, since there is no RFC or published
standard. I have to hack the protocol, and as such, I do not expect it to be
as full-featured as the IP-world equivalents.
svn path=/trunk/; revision=50
generalizes the column printing code, adds a "frame" tree item to
the tree view, and fixes a bunch of miscellaneous coding bugs.
svn path=/trunk/; revision=31