error message and quit if the user tries to use ring buffering with
another capture file format, and put a note about that in the Tethereal
man page.
svn path=/trunk/; revision=4615
formats we can read; include vendor names.
We should be able to read TokenPeek captures, as well as captures from
the Windows versions of EtherPeek.
Don't list the version numbers for EtherPeek and TokenPeek - those are
file format version numbers, not program version numbers.
svn path=/trunk/; revision=4599
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
svn path=/trunk/; revision=4587
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
svn path=/trunk/; revision=4586
put a CRC32C checksum into the header of SCTP packets;
add a new "-S" option that is similar to "-s" but that also
includes the DATA chunk header, for input files that contain
only SCTP payloads.
svn path=/trunk/; revision=4580
items to the protocol tree; it's interpreted as "the rest of the data in
the tvbuff". This can be used if
1) the item covers the entire packet or the remaining payload in
the packet
or
2) the item's length won't be known until it's dissected, and
will be then set with "proto_item_set_len()" - if an
exception is thrown in the dissection, it means the item ran
*past* the end of the tvbuff, so saying it runs to the end of
the tvbuff is reasonable.
Convert a number of "proto_tree_add_XXX()" calls using
"tvb_length_remaining()", values derived from the result of
"tvb_length()", or 0 (in the case of items whose length is unknown) to
use -1 instead (using 0 means that if an exception is thrown, selecting
the item highlights nothing; using -1 means it highlights all the data
for that item that's available).
In some places where "tvb_length()" or "tvb_length_remaining()" was used
to determine how large a packet is, use "tvb_reported_length()" or
"tvb_reported_length_remaining()", instead - the first two calls
indicate how much captured data was in the packet, the latter two calls
indicate how large the packet actually was (and the fact that using the
latter could cause BoundsError exceptions to be thrown is a feature - if
such an exception is thrown, the frame really *was* short, and it should
be tagged as such).
Replace some "proto_tree_add_XXX()" calls with equivalent
"proto_tree_add_item()" calls.
Fix some indentation.
svn path=/trunk/; revision=4578
Support for generating filter expressions based on packet list
column values
Support for adding filter expressions generated from column or
protocol tree field values to the current expression rather
than replacing the current expression
svn path=/trunk/; revision=4522
Additional Windows Makefile dependencies, so more stuff gets
built as needed.
Additional stuff cleaned up by "make clean" (well, "nmake -f
makefile.nmake clean", anyway)
Make PDB_FILE be "vc*.pdb", so it referes to the PDB files
either for VC++ 5.0 or VC++ 6.0.
svn path=/trunk/; revision=4481
Add some missing files in the "clean" targets.
Use pod2html rather than man2html to build HTML man pages.
Fix ethereal.nsi.in for recent versions of NSIS, and fix a typo.
svn path=/trunk/; revision=4475
to reflect tvbuff-based access to packet data.
Update calls that deal with columns to pass "pinfo->cinfo" rather than
"pinfo->fd".
Update the example of preference registration to reflect the replacement
of the BXXP dissector with the BEEP dissector.
svn path=/trunk/; revision=4376
libpcap format, and say that it's also used by "other tools" (tcpdump
and Ethereal/Tethereal aren't the only tools that write captures in that
format).
Weaken the claim that we read Etherpeek files to say only that we read
Etherpeek versions 5, 6, and 7 for Macintosh, so people don't conclude
that we read Etherpeek-for-Windows captures (we don't).
svn path=/trunk/; revision=4337
Nisbet.
Make a comment in "wiretap/file.c" clearer, so people know where to put
the entries for their capture file type.
svn path=/trunk/; revision=4328
files to get that big.
From Thomas Wittwer and Matthias Nyffenegger:
Support for "ring buffer mode", wherein there's a ring buffer of N
capture files; as each capture file reaches its maximum size (the ring
buffer works only with a maximum capture file size specified), Ethereal
rolls over to the next capture file in the ring buffer, replacing
whatever packets might be in it with new packets.
svn path=/trunk/; revision=4323
as the pathname of a capture file to be read. If more than one such
option is specified, print a usage message.
Fix the documentation of the "-r" option to Ethereal and Tethereal.
svn path=/trunk/; revision=4253
1) print the payload length in AH headers correctly (the field's
value is length of the payload, minus 2, divided by 2, so we
have to add 2 before multiplying by 2);
2) correctly handle, in an SIOCGIFCONF list, entries whose
address has an "sa_len" field less than the size of a "struct
sockaddr" (the length of the address in an entry is the
maximum of the real length and the size of a "struct
sockaddr").
svn path=/trunk/; revision=4186
On Windows, put the ".ethereal" directory under the user profile
directory rather than the home directory.
Update the documentation to reflect that, and to fix other out-of-date
information, as well as some typos.
svn path=/trunk/; revision=4068
which the Ethereal binary is found; there's no notion of "/etc" or of
"/etc/ethers" or "/etc/ipxnets" files on Windows.
Update the documentation to reflect that, and fix a typo in the Ethereal
and Tethereal man pages.
svn path=/trunk/; revision=4055
I have enhanced the standard Ethereal Icon and added the following
renderings:
* 32x32 - 256 Colour with transparency
* 16x16 - 256 Colour with transparency
* 16x16 - 16 Colour
Add to the list of authors in the man page the names of people who've
contributed to Wiretap but not to the rest of Ethereal - there's
currently no Wiretap man page, so we might as well give them credit in
the Ethereal man page.
svn path=/trunk/; revision=4053
Update the lists of known capture file formats in the Tethereal,
editcap, and mergecap man pages to match the current list (as found in
the Ethereal man page).
svn path=/trunk/; revision=4039
fix the processing of the month and year fields in the SCTC
Timestamp (the month is 1-origin, so subtract 1 from it before
putting it in "tm_mon", which is 0-origin; the year is a 2-digit
field that is, at least, Y2K-safe (but Y2.1K-unsafe), so if it's
less than 90, assume it's in the 21st century);
UCP OT 50-57 messages have a fixed number of fields and a
special handling of the MT is not necessary, so get rid of that.
Also, fix a typo in a comment.
svn path=/trunk/; revision=4030
it's in the "etc" subdirectory of the installation directory on UNIX and
in the installation directory on Windows, and give the typical pathnames
of both of those directories.
svn path=/trunk/; revision=4014
- A bug related to "WSP header pages" is fixed, that
resulted into "malformed WSP frame" alerts
- "Concatenated PDUs" (Multiple PDUs within one UDP
packet) are now supported (used e.g. by Nokia 8310)
- The URL of WSP GET/POST requests is display in the
info column, same like HTTP GET requests
svn path=/trunk/; revision=4004
"conversation_new()" and "find_conversation()" do not have fixed
identities as source and destination addresses, and to reflect the name
changes we made to arguments and flags to dispel any notion that they
had such fixed identities.
svn path=/trunk/; revision=3887
"proto_item_set_text()" except that it appends the result of the
formatting to the item's current text, rather than replacing the item's
current text. Use it in the DNS dissector.
svn path=/trunk/; revision=3880
but, before you set the text, you throw an exception while putting stuff
under the subtree, you end up with an absolutely blank protocol tree
item, which is really gross. Instead of calling
"proto_tree_add_notext()", call "proto_tree_add_text()" with at least a
minimal label - yes, it does mean you do some work that will probably be
unnecessary, but, absent a scheme to arrange to do that work if it *is*
necessary (e.g., catching exceptions), the alternative is an ugly
protocol tree display.
svn path=/trunk/; revision=3879
a request or reply; make its return value "gboolean", and have it just
return TRUE or FALSE. Also make an array index variable unsigned, to
squelch a GCC warning.
Support for additional SIP methods, from Jean-Francois Mule.
svn path=/trunk/; revision=3865
1) Shiva PAP (SPAP) and Extensible Authentication Protocol (EAP)
2) CBCP negotiation in LCP Callback Operation Field
to the PPP dissector.
svn path=/trunk/; revision=3826
Update Makefile.am and Makefile.nmake files to build it (although it's
not currently built by default; you have to do "make idl2eth.1" on UNIX,
and something similar on Windows.
Put a full copyright notice into "doc/Makefile.nmake", along with a
comment explaining why stuff depends on "../config.h". Also, add
"clean" rules to it to get rid of generated files for mergecap and
text2pcap documentation.
svn path=/trunk/; revision=3801
Throw a very small caltrop in the way of spam-harvesters, by replacing
"@" in e-mail addresses in the AUTHORS file and Ethereal man page with
"[AT]" (although I wouldn't be surprised to find that some of those
harvesters already know about that trick and "fix" those addresses so
you, too, can receive Valuable Information about Viagra, can-fail
Internet investment opportunities and stuff-envelopes-at-home jobs, and
cable descramblers).
Add a couple of items from the AUTHORS file to the Ethereal man page.
svn path=/trunk/; revision=3781
Update NSIS syntax for newest NSIS. That fix from David O'Shea.
Set config.nmake to get non-cygwin version of Python.exe; cygwin version
is fouling up on me and I'm not sure why.
svn path=/trunk/; revision=3705
- at least some versions of makewhatis (e.g., the Solaris version)
uses that name in a case-sensitive fashion, so you can't do "man
ethereal", say, you have to do "man Ethereal", and that doesn't work as
the man page file is "ethereal.1", not "Ethereal.1".
svn path=/trunk/; revision=3656
Joerg Meyer.
Support for saving to the preferences file the settings for all types of
name resolution.
Do a case-insensitive check for "true" and "false" in Boolean preference
settings.
svn path=/trunk/; revision=3489
files. See text2pcap.1 (built from doc/text2pcap.pod) for details.
Changed 'tethereal -x' output to match hex dump format of text2pcap,
Ethereal and others.
svn path=/trunk/; revision=3421
traffic engineering TLV dissection, IS neighbor and IP reachability TLVs
given their own subtree types), from Jean-Christian Pennetier.
svn path=/trunk/; revision=3413
people don't blindly insert the old address into new dissectors, which
is probably how it got into the dissectors being fixed here.
svn path=/trunk/; revision=3348
"proto_tree_add_text()" any more, so the scripts that take that output
and massage it into various forms don't have to check for it any more.
Get rid of the FT_-name-to-description filtering in eproto2sgml, as it's
not used, and fix it in the other two scripts to correspond to the
current list of FT_ values.
svn path=/trunk/; revision=3336
make the dissector function in the sample dissector code a static
function, and to leave out the "CHECK_DISPLAY_AS_DATA()" call and the
line to set "pinfo->current_proto" in the sample dissector, as the
sample dissector is called through a dissector table, and the code to
call through a dissector table does both of those for you.
svn path=/trunk/; revision=3278
Guy Harris