cf_cb_file_closing (called before closing a capture file) cf_cb_file_closed will be called afterwards, but both only if a file is really closed as cf_close is called more often ...
If we are closing large capture files (~20MB), the screen looks ugly while the file is closed. Change this so the screen will immediately go back to initial state and a dialog (without buttons) is shown that the file is currently closed. As the operation which takes most of the time to close the file is a single eth_clist_clear call, we can't use a progress bar here.
cf_cb_live_capture_stopping: called when the user wants to stop the capture (toolbar or menu clicked). At least on Win32, the time between this and the actual stop completed can be noticeable (1-2 seconds), so the user doesn't know if the button press did anything at all. Do something similar as above, show a dialog box without buttons to inform that the close is in progress.
svn path=/trunk/; revision=15891
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
It looks like we can't put "COPYCMD=/Y" in config.nmake and expect nmake
to do the right thing. Add a comment, and set COPYCMD explicitly in the
root Makefile.nmake. The rest of the occurrences of xcopy will have to
be taken care of at some point.
svn path=/trunk/; revision=15840
currently limited to Ethereal and all the variants of libpcap filetypes only.
We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).
We might also want to add support for the other filetypes, but this is only possible if the filetype functions doesn't use special output operations like fseek.
One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copy the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).
Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summmary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...
svn path=/trunk/; revision=15804
generate columns; use cf_retap_packets instead of cf_redissect_packets()
when running taps (the general flow graph stat uses the Info column).
svn path=/trunk/; revision=15793
*significantly* improve performance (100000 infos from ~5min to 25sec!)
Add a simple severity based filter mechanism.
replace // style comments by /**/
svn path=/trunk/; revision=15791
This is inconvenient, as most of the time (at least) I'm interested not only in the packets behind the newly selected one, but also to have some history *before* it.
So this change will scroll the packet list to have the selected packet after the first third of the packet list.
This change won't take effect if the new packet is already visible (only the selection is changed) or it's near the beginning or end of the packet list (so the whole beginning/end of the list is shown).
svn path=/trunk/; revision=15772
"unknown" for frame numbers. Note that in epan/frame_data.h, and make
the frame number in experts unsigned, and use 0 for "unknown", and
display it as an unsigned number - and, if it's 0, don't display it at
all.
Fix the signature of "expert_dlg_draw()" to match what a tap's draw
routine's signature is expected to be.
svn path=/trunk/; revision=15760
Please see: http://wiki.ethereal.com/Development/ExpertInfo for a complete overview of the intended feature and it's current state of implementation.
While I'm working on this, I've also added some more status result codes to the DCE/RPC and DCOM dissectors.
svn path=/trunk/; revision=15754
this dialog is live capturing from all "known" interfaces while it's open, so huge system load is generated, which is not preferred while doing a real capture.
svn path=/trunk/; revision=15719
at the same time, make proto_construct_dfilter_string() return an emem allocated string.
This fixes a tiny memleak in print.c that never freed the string returned by this function.
svn path=/trunk/; revision=15651
Patch which will enable saving payload in raw (binary) format in addition to the existing au format.
We have found it very useful to be able to extract the RTP data for use with other tools (especially when dealing with proprietary/uncommon coders).
Changes:
rtp_packet_save_payload: no longer transforms packet to linear coding, payload is saved in raw format
copy_file: will perform the needed transcoding and save to needed format (au or raw)
svn path=/trunk/; revision=15648
- automatic adjustment depending on file format
- manual adjustment through menu items
save the setting in the recent file
svn path=/trunk/; revision=15534
an int or it could be a long; print stuff computed from it with %lu, and
cast the arguments to "long" so that it works on platforms where time_t
*isn't* a long and where "long int" and "int" have different sizes.
svn path=/trunk/; revision=15523
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
svn path=/trunk/; revision=15520
"timestat_t".
Move "nstime_to_msec()" to "epan/nstime.c", as it has nothing to do with
a "timestat_t".
Use structure assignment when possible.
Fix the "addtime()" macro and use it in "time_stat_update()".
Use "timestat_t"s, and the routines to manipulate them, in the service
response time table code.
svn path=/trunk/; revision=15509
buffer and "g_strdup()"ing it.
Use the nstime.c routines to compute time deltas and to add up times.
Don't add rows to the CList until a procedure gets a non-zero call
count, so only the ones with non-zero call counts are displayed (and
especially so that procedure numbers not corresponding to real
procedures aren't displayed!).
Ethereal requires 64-bit integer support, so don't bother checking
whether we have it.
Use the right format for 64-bit integers.
svn path=/trunk/; revision=15506
Add some more optional flags to the protocol items, so more "special cases" can be marked in the protocol tree.
New flags:
/** The protocol field has a bad checksum */
FI_CHECKSUM_ERROR
/** The protocol field has an unusual sequence (e.g. TCP window is zero) */
FI_SEQUENCE_WARNING
/** The protocol field has a bad sequence (e.g. TCP segment is lost) */
FI_SEQUENCE_ERROR
svn path=/trunk/; revision=15499
gtk/tap_dfilter_dlg.c; don't export it.
That means that gtk/tap_dfilter_dlg.h is no longer useful; get rid of
it.
Rename "gtk_tap_dfilter_dlg_cb()" to "tap_dfilter_dlg_cb()", as it's
inside GTK+-specific code, so there's no need to distinguish it from
non-GTK+ callbacks.
Update some comments to reflect the name change and the new API for
registering tap_dfilter_dlg stats.
Make the AFP and SMB stats use the gtk/tap_dfilter_dlg.c stuff.
svn path=/trunk/; revision=15496
items registered with it pop up a dialog box before displaying the stat.
Don't pass a name with "..." to it.
Put "..." into other menu items that pop up a dialog box before
displaying the stat; remove "..." from other menu items that don't.
svn path=/trunk/; revision=15495
filter as an argument on the command line and have a dialog box to enter
the display filter through the GUI. Use it for all stats using
"gtk_tap_dfilter_dlg_cb()".
Add a top-level "stat_menu.h" file to declare "REGISTER_STAT_GROUP_E"
for the benefit of the declaration of "register_dfilter_stat()" in the
top-level "tap_dfilter_dlg.h". Rename the "stat_menu.h" in the gtk
directory to "gtk_stat_menu.h", so as not to have two headers with the
same name.
Get rid of headers not declaring any functions not being used in the
module.
svn path=/trunk/; revision=15493
you use the "-z" command-line options for them; make them pop up the
appropriate windows.
Move the calls to "register_stat_cmd_arg()" after the code to register
the tap, just as the calls to "register_stat_menu_item()" are done after
registering the tap.
Use "g_strdup_printf()" rather than formatting into a fixed-length
buffer and "g_strdup()"ing that buffer.
svn path=/trunk/; revision=15489
name "rtp"; we don't need another one, especially given that
"rtp_stream.c" doesn't directly implement a stat (note that it doesn't
register a menu item).
svn path=/trunk/; revision=15488
- Add plugins_dlg.h
- Include .h files in their respective .c files
- Include .h and remove extern declarations in .c files
- set eol-style and keywords on gui_utils.[hc]
svn path=/trunk/; revision=15471
possible, and, for AFP replies, add in the frame with the request and
the time between those two frames.
Have AFP per-request-type RTT statistics, similar to SMB's statistics.
svn path=/trunk/; revision=15456
(so if the file's gzipped, it's *NOT* the size of the file after
uncompressing), and an approximation of the amount of that data read
sequentially so far.
Use those for various progress bars and the like.
Make the fstat() in the Ascend trace reader directly use wth->fd, as
it's inside Wiretap; that gets rid of the last caller of wtap_fd() (as
we're no longer directly using fstat() or lseek() in Ethereal), so get
rid of wtap_fd().
svn path=/trunk/; revision=15437
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
data, so that "f_len" still keeps the size of the underlying file (which
is necessary in order to make the progress bar when files are being read
work correctly).
svn path=/trunk/; revision=15415
to recompile tethereal.o etc each time the svn version has changed,
relinking is sufficient.
I'm not sure what to do about mergecap, as it currently doesn't link
against version_info, so it's "overhead" either way.
svn path=/trunk/; revision=15371
This might at some places interfere with the changes for gcc4, we might have to negotiate in that case :-)
Please note that a lot of these warnings were GTK1.x related only!
svn path=/trunk/; revision=15286
_U_-ify some unused arguments, rather than assigning them to themselves.
Un-constify one variable that gets assigned a mallocated pointer.
Clean up indentation.
svn path=/trunk/; revision=15236
- don't use GtkSelectionData after returned to GTK, as it might free this data immediately (copy the data instead and free it after usage)
- fix return value handling for DnD merge, so it will work again
svn path=/trunk/; revision=15056
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
This offesr memory allocation with a packet scope making memory leaks less likely and memory management faster.
Add initialization calls for both tethereal and ethereal.
Convert the ip_to_str() function to use this and avoid doing the silly rotating buffers thing it previously did.
We also need an equivalent set of functions for allocation with capture file scope (free when next capture is loaded) but i dont know where to put the free_all call.
svn path=/trunk/; revision=14984
For the time being, just add a dummy define for this symbol making it always TRUE for gtk-1.x users so that it compiles.
this should be fixed properly at a later stage, but i guess there are very few users of gtk-1.2 anyway so no urgency.
svn path=/trunk/; revision=14949
Example: SUM(tcp.analysis.rto)
so one can plot the total amount of time that TCP sessions were idle due to waiting for a retransmission to occur.
svn path=/trunk/; revision=14920
cfile.current_frame to it separately.
Note that we shouldn't ever get a "Selected packet isn't a TCP segment"
error any more; we can now handle all link layers.
Give a little more detail in the message shown if there's *more than
one* TCP header in the packet.
svn path=/trunk/; revision=14895
Don't regenerate the packet list when generating the TCP stream graph -
it won't be changing; just redissect and run the tap.
svn path=/trunk/; revision=14894
returned quite a list of files. Add them to MAINTAINERCLEANFILES.
Whitespace changes (replace multiple spaces by TABs, in a few cases this
needed to be done at the beginning of Makefile lines.
svn path=/trunk/; revision=14891
tcp-graph has been modified to extract tcp data from a TAP instead of reading and parsing directly from the capture file.
This makes tcp graph work for any type of capture and for any transport.
In the future someone with access to captures with TCP over something over TCP
to add a dialog where the user can specify WHICH of the multiple TCP sessions to graph.
svn path=/trunk/; revision=14889
strange enough, MSVC cannot convert from guint64 to float, so cast guint64 -> gint64 -> float
However, even gint64 might be big enough to prevent us from an overflow :-)
svn path=/trunk/; revision=14888
- avoid the clist of the calls dlg to be refreshed multiple times when
first appear.
- destroy the Graph window when the data is not valid anymore.
- fixes an H245 packet count error
- resizing the Graph windows when is displayed (up to 5 columns).
With a change to leave static voip_calls_tapinfo_t the_tapinfo_struct =
{0, NULL, 0, NULL, 0, 0, 0, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0};
alone.
svn path=/trunk/; revision=14852
If you have an RTP stream in which the first packet is duplicated, and has the marker bit set, then the RTP stream analysis will try to pad silence into a temporary file from 0 upto whatever the RTP timestamp is (which is enough to fill up my disk...). The patch fixes this misbehaviour.
svn path=/trunk/; revision=14850
This is extremely useful, to keep track of the corresponding request/response packets of a DCE/RPC call (which can be quite a lot packets if fragmentation is used).
svn path=/trunk/; revision=14826
code before the call would have blown up if "table" were null. Remove
the check for a null pointer; this squelches some unset-variable
warnings you get from GCC4 because its dataflow analysis runs across
function boundaries.
svn path=/trunk/; revision=14810
new dissector for the AudioCodes trunk trace protocol.
This protocol is used to debug the trunk protocol in AudioCodes
gateways. It currently supports ISDN PRI and CAS (MFCR2, WinkStart,
etc...) trunk protocols. It also add these protocols in the "Voip Calls
Graph..."
svn path=/trunk/; revision=14789
This is done "long before" calling gtk_init() as this function requires a running X server, causing an error if running from the console only.
svn path=/trunk/; revision=14736
In order to get filtering of conversations and
> endpoints to work from the endpoints and conversations windows I found
> it necessary to add a new AT_URI address type and a SAT_JXTA. This also
> necessitated a change to to_str.c to avoid a buffer overflow problem.
> Please review these changes carefully.
>
> Also includes some changes to the jxta dissector to fix filtering on
> generated fields and some changes to the types used for ints/unsigned ints.
>
> Fixes a bug with the processing of messages containing namespaces.
svn path=/trunk/; revision=14714
Ulf Lamping