header.
Add overflow checks to "BYTES_ARE_IN_FRAME()", and cast all arguments to
unsigned values (negative values should never be passed) to squelch
compiler warnings.
svn path=/trunk/; revision=6567
captures.
Use #defines rather than magic numbers for various header sizes, and put
in a comment explaining the header formats.
svn path=/trunk/; revision=6545
WTAP_ENCAP_ISDN encapsulation type, which includes a pseudo-header
giving the direction (user-to-network or network-to-user) and the
channel number.
Add a new circuit type, using the ISDN channel number as the circuit ID.
Add an ISDN dissector to put the direction and channel number into the
protocol tree and to call the appropriate dissector for the payload
based on the channel (LAPD for the D channel; V.120, PPP, or data for B
channels, based on some heuristics).
svn path=/trunk/; revision=6521
unknown bytes might actually be 32-bit fields.
The field after the upper 32 bits of the time stamp of the capture start
appears to be the speed of the network, in bits/second.
Put in a field for the rest of the file header, as a bunch of 32-bit
values (most fields are 32 bits, and all of them might be, in that
header), for use when reverse-engineering.
At least in version 002.x of NetXRay-format captures, WAN captures might
be ISDN captures; treat all WAN version 002.x captures as ISDN captures
for now, until we see some captures where that's wrong (and thus stand a
chance of figuring out where in the file header it indicates what type
of capture it is).
svn path=/trunk/; revision=6519
builds with zlib - "zlib.h", alas, includes <winsock.h>, and you can't
include <winsock.h> before including <winsock2.h> (at least you can
include <winsock2.h> before including <winsock.h>; thank heaven for
small favors).
svn path=/trunk/; revision=6427
gtk2 instead of gtk and glib2 instead of glib.
Right now, --enable-gtk2 will fail during compile unless
acompanied by --disable-ethereal, as ethereal does not yet
support gtk2 (but does support glib2 alone).
svn path=/trunk/; revision=6107
have it get that information from the pseudo-header instead, and set the
VPI and VCI fields in the pseudo-header before calling it.
Don't call it for non-ATM NetMon captures.
svn path=/trunk/; revision=5982
All files:
- Replace types from sys/types.h by those from glib.h
- Replace ntoh family of macros from netinet/in.h and winsock2.h
by g_ntoh family from glib.h
- Remove now unneeded includes of sys/types.h, netinet/in.h and
winsock2.h
wtap.h
Move includes to the top
svn path=/trunk/; revision=5909
Allow "-" as the output file name in Wiretap, referring to the
standard error.
Optimize the capture loop.
Fix some of the error-message printing code in Ethereal and Tethereal.
Have Wiretap check whether it can seek on a file descriptor, and pass
the results of that test to the file-type-specific "open for output"
routine. Have the "open for output" routines for files where we need to
seek when writing the file return an error if seeks don't work.
svn path=/trunk/; revision=5884
offset of the beginning of the first record containing data from that
packet, and the offset from the first byte of data in that record of the
first byte of data from that packet; to read a given packet, seek to the
offset of the first record, and keep processing packets until we find
one with the right direction.
This fixes a problem where it wasn't correctly reading the packet, when
doing random access, in cases where you have a sequence of records that
stop in the middle of a packet.
svn path=/trunk/; revision=5873
DOCSIS support, including support for "Ethernet" captures where
the raw frame is a DOCSIS frame rather than an Ethernet
frame (some Cisco cable-modem head-end gear can send out a
trace of all traffic on an Ethernet, but what it sends are
the raw bytes of DOCSIS frames, not Ethernet frames)
Get rid of second AUTHORS entry for Devin Heitmueller, merging its item
into the older entry.
Clean up the order of some lists of plugin items.
svn path=/trunk/; revision=5861
Don't add "-I/usr/include" to CFLAGS or CPPFLAGS; GCC 3.1 warns
about it, and it's not necessary.
Expand the plugin directory path used for installation at
installation time, rather than configuration time, so the user
can reset "prefix" at installation time.
svn path=/trunk/; revision=5828
<packet32.h> includes <winsock2.h>; we include that rather than
<winsock.h>, to avoid errors due to conflicting declarations in
<winsock.h> and <winsock2.h>.
svn path=/trunk/; revision=5742
types and Wiretap encapsulations after the entries to map between
platform-independent libpcap link-layer types and those Wiretap
encapsulations, so that, when writing a libpcap-format file, we choose
the platform-independent link-layer types.
svn path=/trunk/; revision=5668
In libpcap.c, move wtap_pcap_encap_to_wtap_encap before libpcap_open
so that if HAVE_PCAP_H is not true, the file will still compile.
svn path=/trunk/; revision=5660
Have "wtap_open_offline()", if asked to open a FIFO, return that error
if it was asked to open the file for random access.
svn path=/trunk/; revision=5643
the internal z_err value for the stream if an "fseek()" call it makes
fails, so that if "gzerror()" is subsequently called, it returns Z_OK
rather than an error.
To work around this, we pass "file_seek()" an "int *err", and have the
with-zlib version of "file_seek()" check, if "gzseek()" fails, whether
the return value of "file_error()" is 0 and, if so, have it return
"errno" instead.
svn path=/trunk/; revision=5642
they are, in fact, WTAP_ENCAP_FRELAY. Support 11 as WTAP_ENCAP_FRELAY
if DLT_FR is defined and is equal to 11, and support 107 as
WTAP_ENCAP_FRELAY unconditionally.
Get rid of a comment indicating that 105 isn't used - it's been
supported as DLT_IEEE802_11 for a while.
svn path=/trunk/; revision=5640
Guy Harris