I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
svn path=/trunk/; revision=15520
"timestat_t".
Move "nstime_to_msec()" to "epan/nstime.c", as it has nothing to do with
a "timestat_t".
Use structure assignment when possible.
Fix the "addtime()" macro and use it in "time_stat_update()".
Use "timestat_t"s, and the routines to manipulate them, in the service
response time table code.
svn path=/trunk/; revision=15509
buffer and "g_strdup()"ing it.
Use the nstime.c routines to compute time deltas and to add up times.
Don't add rows to the CList until a procedure gets a non-zero call
count, so only the ones with non-zero call counts are displayed (and
especially so that procedure numbers not corresponding to real
procedures aren't displayed!).
Ethereal requires 64-bit integer support, so don't bother checking
whether we have it.
Use the right format for 64-bit integers.
svn path=/trunk/; revision=15506
Add some more optional flags to the protocol items, so more "special cases" can be marked in the protocol tree.
New flags:
/** The protocol field has a bad checksum */
FI_CHECKSUM_ERROR
/** The protocol field has an unusual sequence (e.g. TCP window is zero) */
FI_SEQUENCE_WARNING
/** The protocol field has a bad sequence (e.g. TCP segment is lost) */
FI_SEQUENCE_ERROR
svn path=/trunk/; revision=15499
gtk/tap_dfilter_dlg.c; don't export it.
That means that gtk/tap_dfilter_dlg.h is no longer useful; get rid of
it.
Rename "gtk_tap_dfilter_dlg_cb()" to "tap_dfilter_dlg_cb()", as it's
inside GTK+-specific code, so there's no need to distinguish it from
non-GTK+ callbacks.
Update some comments to reflect the name change and the new API for
registering tap_dfilter_dlg stats.
Make the AFP and SMB stats use the gtk/tap_dfilter_dlg.c stuff.
svn path=/trunk/; revision=15496
items registered with it pop up a dialog box before displaying the stat.
Don't pass a name with "..." to it.
Put "..." into other menu items that pop up a dialog box before
displaying the stat; remove "..." from other menu items that don't.
svn path=/trunk/; revision=15495
filter as an argument on the command line and have a dialog box to enter
the display filter through the GUI. Use it for all stats using
"gtk_tap_dfilter_dlg_cb()".
Add a top-level "stat_menu.h" file to declare "REGISTER_STAT_GROUP_E"
for the benefit of the declaration of "register_dfilter_stat()" in the
top-level "tap_dfilter_dlg.h". Rename the "stat_menu.h" in the gtk
directory to "gtk_stat_menu.h", so as not to have two headers with the
same name.
Get rid of headers not declaring any functions not being used in the
module.
svn path=/trunk/; revision=15493
you use the "-z" command-line options for them; make them pop up the
appropriate windows.
Move the calls to "register_stat_cmd_arg()" after the code to register
the tap, just as the calls to "register_stat_menu_item()" are done after
registering the tap.
Use "g_strdup_printf()" rather than formatting into a fixed-length
buffer and "g_strdup()"ing that buffer.
svn path=/trunk/; revision=15489
name "rtp"; we don't need another one, especially given that
"rtp_stream.c" doesn't directly implement a stat (note that it doesn't
register a menu item).
svn path=/trunk/; revision=15488
- Add plugins_dlg.h
- Include .h files in their respective .c files
- Include .h and remove extern declarations in .c files
- set eol-style and keywords on gui_utils.[hc]
svn path=/trunk/; revision=15471
possible, and, for AFP replies, add in the frame with the request and
the time between those two frames.
Have AFP per-request-type RTT statistics, similar to SMB's statistics.
svn path=/trunk/; revision=15456
(so if the file's gzipped, it's *NOT* the size of the file after
uncompressing), and an approximation of the amount of that data read
sequentially so far.
Use those for various progress bars and the like.
Make the fstat() in the Ascend trace reader directly use wth->fd, as
it's inside Wiretap; that gets rid of the last caller of wtap_fd() (as
we're no longer directly using fstat() or lseek() in Ethereal), so get
rid of wtap_fd().
svn path=/trunk/; revision=15437
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
data, so that "f_len" still keeps the size of the underlying file (which
is necessary in order to make the progress bar when files are being read
work correctly).
svn path=/trunk/; revision=15415
to recompile tethereal.o etc each time the svn version has changed,
relinking is sufficient.
I'm not sure what to do about mergecap, as it currently doesn't link
against version_info, so it's "overhead" either way.
svn path=/trunk/; revision=15371
This might at some places interfere with the changes for gcc4, we might have to negotiate in that case :-)
Please note that a lot of these warnings were GTK1.x related only!
svn path=/trunk/; revision=15286
_U_-ify some unused arguments, rather than assigning them to themselves.
Un-constify one variable that gets assigned a mallocated pointer.
Clean up indentation.
svn path=/trunk/; revision=15236
- don't use GtkSelectionData after returned to GTK, as it might free this data immediately (copy the data instead and free it after usage)
- fix return value handling for DnD merge, so it will work again
svn path=/trunk/; revision=15056
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
This offesr memory allocation with a packet scope making memory leaks less likely and memory management faster.
Add initialization calls for both tethereal and ethereal.
Convert the ip_to_str() function to use this and avoid doing the silly rotating buffers thing it previously did.
We also need an equivalent set of functions for allocation with capture file scope (free when next capture is loaded) but i dont know where to put the free_all call.
svn path=/trunk/; revision=14984
For the time being, just add a dummy define for this symbol making it always TRUE for gtk-1.x users so that it compiles.
this should be fixed properly at a later stage, but i guess there are very few users of gtk-1.2 anyway so no urgency.
svn path=/trunk/; revision=14949
Example: SUM(tcp.analysis.rto)
so one can plot the total amount of time that TCP sessions were idle due to waiting for a retransmission to occur.
svn path=/trunk/; revision=14920
cfile.current_frame to it separately.
Note that we shouldn't ever get a "Selected packet isn't a TCP segment"
error any more; we can now handle all link layers.
Give a little more detail in the message shown if there's *more than
one* TCP header in the packet.
svn path=/trunk/; revision=14895
Don't regenerate the packet list when generating the TCP stream graph -
it won't be changing; just redissect and run the tap.
svn path=/trunk/; revision=14894
returned quite a list of files. Add them to MAINTAINERCLEANFILES.
Whitespace changes (replace multiple spaces by TABs, in a few cases this
needed to be done at the beginning of Makefile lines.
svn path=/trunk/; revision=14891
tcp-graph has been modified to extract tcp data from a TAP instead of reading and parsing directly from the capture file.
This makes tcp graph work for any type of capture and for any transport.
In the future someone with access to captures with TCP over something over TCP
to add a dialog where the user can specify WHICH of the multiple TCP sessions to graph.
svn path=/trunk/; revision=14889
strange enough, MSVC cannot convert from guint64 to float, so cast guint64 -> gint64 -> float
However, even gint64 might be big enough to prevent us from an overflow :-)
svn path=/trunk/; revision=14888
- avoid the clist of the calls dlg to be refreshed multiple times when
first appear.
- destroy the Graph window when the data is not valid anymore.
- fixes an H245 packet count error
- resizing the Graph windows when is displayed (up to 5 columns).
With a change to leave static voip_calls_tapinfo_t the_tapinfo_struct =
{0, NULL, 0, NULL, 0, 0, 0, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0};
alone.
svn path=/trunk/; revision=14852
If you have an RTP stream in which the first packet is duplicated, and has the marker bit set, then the RTP stream analysis will try to pad silence into a temporary file from 0 upto whatever the RTP timestamp is (which is enough to fill up my disk...). The patch fixes this misbehaviour.
svn path=/trunk/; revision=14850
This is extremely useful, to keep track of the corresponding request/response packets of a DCE/RPC call (which can be quite a lot packets if fragmentation is used).
svn path=/trunk/; revision=14826
code before the call would have blown up if "table" were null. Remove
the check for a null pointer; this squelches some unset-variable
warnings you get from GCC4 because its dataflow analysis runs across
function boundaries.
svn path=/trunk/; revision=14810
new dissector for the AudioCodes trunk trace protocol.
This protocol is used to debug the trunk protocol in AudioCodes
gateways. It currently supports ISDN PRI and CAS (MFCR2, WinkStart,
etc...) trunk protocols. It also add these protocols in the "Voip Calls
Graph..."
svn path=/trunk/; revision=14789
This is done "long before" calling gtk_init() as this function requires a running X server, causing an error if running from the console only.
svn path=/trunk/; revision=14736
In order to get filtering of conversations and
> endpoints to work from the endpoints and conversations windows I found
> it necessary to add a new AT_URI address type and a SAT_JXTA. This also
> necessitated a change to to_str.c to avoid a buffer overflow problem.
> Please review these changes carefully.
>
> Also includes some changes to the jxta dissector to fix filtering on
> generated fields and some changes to the types used for ints/unsigned ints.
>
> Fixes a bug with the processing of messages containing namespaces.
svn path=/trunk/; revision=14714
after asking the devlist if this would break things and got no negative response, try to scan command line parameters twice, trying to "rewind" the getopt settings
this way, fixing #135
svn path=/trunk/; revision=14610
glib-object.h is is glib2 only.
graph_analysis.c:47:25: glib-object.h: No such file or directory
a patch for ths issue and also to correct the "first_item"
issue reported in "RE: [Ethereal-dev] Voip graph analysis "Save as" button"
svn path=/trunk/; revision=14577
a patch which adds support for displaying jxta
conversations and endpoints from the 'Statistics' menu. Also adds :
- a generated field to Welcome messages to indicate whether this
welcome is from the initiator or the receiver. You can filter on this
field with 'jxta.welcome.initiator==[0|1]'
- Marks the source and destination fields of message added in the last
patch as generated fields. (Saw it being done for some other protocol).
- Cleans up dissection of Message which used to assume it would
dissected more than one set of hdr/message per tvbuff. Now it only
attempts to dissect one.
- Uses GMemChunk for tap info and for conversation data rather than
g_malloc() There's still a major leakage of g_malloc()ed the c-strings
which are used in jxta addresses. Any suggestions for how these can be
allocated such that they can be freed re-init is called would be
appreciated. For address objects whose data ptr doesn't point into a
tvbuff it's not clear what the lifecyle of an address object is.
- Fixes a bug with filling in the of the transport layer conversation
data. >= vs. >
svn path=/trunk/; revision=14559
- Add a pane to contain the main graph and the comments to be able to
split them
- Change the main graph area to be a scrolled_window
- Change the look of the selected item to be blue with white text color
- Gray color the title area
- Change the conversations color to more "soft" colors (it was difficult
to read in some cases before)
svn path=/trunk/; revision=14556
as I don't see a way to fix this (and it just don't really hurt, as this scrollbar is usually shown anyway if some more packets have to be display) just show it always
svn path=/trunk/; revision=14546
use the console_log_handler in main.c for win32 AND unix now
Currently use the log for the capturing engine (only), as I desperately needed a log output for debugging.
svn path=/trunk/; revision=14438
to prevent problems, bring the main GUI into "capture mode" right after successfully spawn/exec the capture child, without waiting for any response from it
svn path=/trunk/; revision=14436
It adds "CIC" info display on the comments column for ISUP
It adds a small Help button that open up a window that offers you to vist the Wiki page containing the explanation of the Dialog window.
svn path=/trunk/; revision=14410
If we *don't* have libpcap, don't include "capture.h", and don't test
whether a capture is in progress.
Clean up a message.
svn path=/trunk/; revision=14356
all of it correctly, and as if you don't initialize all of it you get a
compiler warning.
Add an assignment to squelch a compiler warning.
svn path=/trunk/; revision=14317
This patch fixes the slightly broken logic in the loop which searches
for establisted call in isup_calls_packet.
The problem is that (right_pair) is set to false if we see call on the
same CIC as existing conversation, but with different opc/dpc pair:
at this point dpc/opc pair is not checked, so any call with the same
CIC matches:
voip_call.c:851
else{
right_pair = FALSE;
}
and then the correct conversation is never found, because right_pair is
never reset for this packet, which leads to total confusion of the call
tracking logic
Fixed by initializing right_pair = TRUE for every loop iteration
svn path=/trunk/; revision=14269
Other nodes will never be created by the tree (sort of auto pruning of the tree).
While this greatly spped up the processing performance of ethereal, it makes it "dangerous" for apps that try to walk the tree directly.
rtp_analysis did not specify the fields "rtp.version" nor " rtp.ssrc" when dissecting the current packet and as such these fields were no longer part of the tree.
This surprised rtp_analysis and a coredump resulted.
This change will add the field that we walkt the tree to find to the filter string so that they will be there.
svn path=/trunk/; revision=14200
-always show descriptive string in combo box
-correct the initialization, so cancelling the option dialog won't make trouble
svn path=/trunk/; revision=14144
ask for unsaved file when really starting the capture, not already when showing the options dialog,
use the start capture icon in the capture options dialog (instead of simply Ok)
svn path=/trunk/; revision=14142
-show the current capture file size, if capturing in real time mode.
-move the packet "Drops" count (if available) from file to packets statusbar part
svn path=/trunk/; revision=14130
sure we're not referencing a fid when we think we're referencing an
smb_nt_transact_info_t pointer. (A fuzzed capture I have triggers
this behavior).
svn path=/trunk/; revision=14107
add two toolbar toggle buttons
add icons to various menu items
create new Statistics telephony group and put telephony and alike protocols in it
svn path=/trunk/; revision=14098
add "new" capture options feature, which will act like old capture start, and change capture start option (for immediately capture)
rename Capture/Clear to Capture/Restart
svn path=/trunk/; revision=14083
add a new feature to clear the currently captured packets and restart the capture with the previous parameters
various code cleanup and minor bugfixes
Win32: use millisecond resolution in capture_loop, to smooth screen update a bit (500ms instead of 1000ms)
svn path=/trunk/; revision=14059
If this is used together with an option where input files changes too fast (e.g. new file every second), capturing will be (hopefully) stopped.
I've replaced the former capture pipe message format into a somewhat more general format to remove a lot of confusion.
svn path=/trunk/; revision=14054
display filename in statusbar while capturing
print_usage banner fixed
cf_cb_live_capture_prepare no longer needed
rename sync_pipe_do_capture -> sync_pipe_start
bugfix: sync_pipe_input_wait_for_start replaced by former implementation
fix cleanup of old file in capture_input_new_file
fix a tempfile detection bug (named file showed up as tempfile after capture)
svn path=/trunk/; revision=14053
optimization for COLUMNS to make ethereal faster when filtering
optimization to make the slow find_protocol_by_id() fast.
(idea from Didier, implementation modified by me to be less intrusive)
svn path=/trunk/; revision=14026
it's used to register a callback for a tap listener invoked if the
specified command line argument is specified to the "-z" flag.
Move it, along with routines to:
look up a "-z" argument in the table constructed by
"register_tap_listener_cmd_arg()" and either save the full
argument to "-z" and the corresponding listener if it's found or
return a failure indication if it isn't;
list the available tap listeners;
call the "init" routines for the tap listeners saved in the
table above;
and have Ethereal and Tethereal use those routines.
svn path=/trunk/; revision=13993
Ulf Lamping