Do not assume that all dissectors are in the source directory.
This is the case for instance for packet-ncp2222.c which is
generated in the production directory (current).
This is particularly important when the generation is not
made in the source directory.
- ncp2222.py
Remove tabs in generated source to make the generated code
nicer and to make work the make-reg-dotc. Without that fix,
all NCP packet dissections dump core ...
svn path=/trunk/; revision=2241
numeric values. (Also, just for laughs and for completeness, turn the
CS class into "csnet", even though it's obsolete and supposedly used
only in some examples in obsolete RFCs.)
svn path=/trunk/; revision=2240
Motif/KDE/GNOME(?) and Windows applications, with "Help" above "About",
and separated from "About" by a separator line.
(This also makes "Help->Help" the default, which is probably what most
users would want, especially if, as, and when we fill out the help.)
svn path=/trunk/; revision=2239
the addition of support for Cisco Secure Intrusion Detection
System IPlog output;
support for selecting only one side of a conversation, for
showing a conversation in hex, and for saving the displayed data
to a file, in the "Filter TCP Stream" window.
svn path=/trunk/; revision=2238
Entire Conversation
Client -> Server packets
Server -> Client packets
Have "Save As" button work as a "Print to File" button; it asks for
a filename and uses the same routine that "Print" uses to save the file.
What you see in the window is what you get in the file. So, you can get
any of the above conversations/soliloquies combined with:
ASCII
EBCDIC
Hex Dump
svn path=/trunk/; revision=2232
- short overview
- list of known protocols
- list of display filters
- short capture filter help
The display filter help can be extended in the future
when we will have a GUI for filter construction. But
this is better than nothing ;-)
And cut & paste from the text help window and the filter
input field works...
svn path=/trunk/; revision=2227
bit set it won't get sign-extended; this squelches a GCC complaint, and
may keep weird things from happening if there're non-ASCII ISO 8859/n
characters in a filter file.
svn path=/trunk/; revision=2222
bit set it won't get sign-extended; this squelches a GCC complaint, and
may keep weird things from happening if there're non-ASCII ISO 8859/n
characters in a preferences file.
svn path=/trunk/; revision=2221
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
- specify the NSAP selector for OSI transport decoding (default is still 0x21
which is valid for DECNet-OSI at least).
- force the OSI C{L,O}TP decoding whatever the NSAP is (option disabled by default).
svn path=/trunk/; revision=2217
packet length.
Use "IS_DATA_IN_FRAME()", rather than checking if "offset+1" is greater
than "pi.captured_len", to check whether there's any data left in the
packet.
Check whether data is in the packet *before* extracting it and stuffing
an item into the tree with it.
svn path=/trunk/; revision=2216
packet length.
Use "IS_DATA_IN_FRAME()" rather than checking the value of
"END_OF_FRAME" when checking whether there's any data left in the
packet.
Before putting the initial login sequence, or any part of it, into the
tree, make sure it's actually in the packet.
When looking for the end of a '\0'-terminated string, don't run past the
end of the captured data in the frame.
Before putting the terminal information into the tree, make sure it's
actually in the packet.
svn path=/trunk/; revision=2215
of the packet, use "pi.captured_len" - "fd->pkt_len" may include data
that isn't in the capture, due to a short snapshot length.
Don't use "fd->cap_len" when checking to see if you've run off the end
of the packe, use "pi.captured_len" - "fd->cap_len" isn't adjusted to
reflect any length fields, but "pi.captured_len" is (removing, for
example, Ethernet padding from the packet).
Use "END_OF_FRAME" rather than "pi.captured_len - offset", to make it a
bit clearer what's being done.
In the V.120 dissector, use "tvb_length()" when adding the top-level
protocol tree entry for V.120, as it's a tvbuffified dissector.
svn path=/trunk/; revision=2214
identifies a frame; it may do so for Ethereal, which has to allocate a
data structure for each frame, but it doesn't do so for Tethereal, which
looks at a frame once and never does so again.
Use, instead, the "num" member of the structure to which "fd" points as
a unique identifier; it's the ordinal number of the frame within a
capture (frame number, not display row number, so it doesn't change as
the display is filtered), and is thus different for all frames.
svn path=/trunk/; revision=2213
"ip_checksum_shouldbe()" compute the correct checksum given the computed
whole-packet checksum and the value of the checksum field; that scheme
can be better extended in the future to handle checksums other than the
IP header checksum, e.g. ICMP, UDP, and TCP checksums (although we'd
want a somewhat more optimized checksumming routine for that, and
perhaps have an option to control whether to do checksum checking on TCP
and UDP packets, as that could be expensive).
That requires that we remember the value of the computed checksum, not
just check it against 0; that renders "ip_checksum_state()"
uninteresting, as we can just compare the value against 0 in line.
svn path=/trunk/; revision=2210
have "ip_checksum()" compute the checksum of the IP header;
have "ip_checksum_state()" call "ip_checksum()" and then return
TRUE if the result is 0 and FALSE otherwise;
have "ip_checksum_shouldbe()" save the current value of the
checksum field in the header, set that field to 0, call
"ip_checksum()" to get the checksum, restore the value of the
checksum field in the header to the saved value, and then return
what "ip_checksum()" returned;
rather than having duplicated code to compute checksums.
svn path=/trunk/; revision=2206
compile it, find their info at the top of the file.
Explain the generated sources for developers, and the Unix-ish tools that
are needed.
svn path=/trunk/; revision=2205
file to a user-specified file.
Move the file-copy routine in save_cap_file() to an indepenent
function in file.c (copy_binary_file()) so that follow_dlg.c can use it.
Remove #include "follow.h" from the C files that don't need it.
svn path=/trunk/; revision=2200
Laurent Deniel