by Network General (subsequently merged with McAfee Associates into
Network Associates), called "Sniffer Basic".
A similar format appears to be used by the Windows Sniffer Pro.
svn path=/trunk/; revision=194
filename as the parameter. So far all the filetypes that wiretap can read
can be inferred from the first few bytes of the file, so we never
have to give wiretap a hint as to the file type.
svn path=/trunk/; revision=173
to add ssh to their firewall rules, so he's out of CVS for a few days.
This adds support for MS Network Monitor files to wiretap.
svn path=/trunk/; revision=172
This necessitated a change in ethereal because iptrace supports multi-NIC
packet capturing, including multi-datalink-type capturing.
svn path=/trunk/; revision=145
Tests for GTK versions are done during compilation, not during "./configure".
The big problems have been taken care of in this patch (functional change
in the packet clist and conversion of menu_factory to item_factory), but
plenty of smaller problems with dialogue boxes abound. I have fixed
a small problem with file_open*(), but have left 2 comments in just in case
I'm not going about this the right way. Can someone verify?
svn path=/trunk/; revision=127
"wiretap" subdirectory, and thus leave a "config.status" file around so
that one of the "auto{make,configure,header}" guys doesn't complain when
rebuilding stuff that it can't open "config.status". (The
"automake"-generated Makefile will recurse into "wiretap", and, at least
if you're doing builds from a tree freshly checked out from CVS, "XXX"
files will probably have been checked out before "XXX.in", so "make"
will try to reconstruct the "XXX" files from the "XXX.in" files.)
That also obviates the need to make "wiretap/Makefile" here.
We can also re-delete "wiretap/Makefile" from CVS - the problem that
caused me to bring it back wasn't caused by its absence, it was caused
by the above. As "Makefile"s generated by "configure" scripts depend on
the particular system on which you ran "configure", there's no One True
Makefile so "Makefile" should'n't be under CVS.
svn path=/trunk/; revision=95
the many complaints you get if you do a "configure" followed by a "make"
in a freshly-checked-out Ethereal source tree (it bitches when, or maybe
after, "automake"ing it, complaining about not being able to open
"config.status" - the right fix might be to make the "configure" script
recurse).
svn path=/trunk/; revision=94
CVS; it's generated by the "configure" script, and the resulting
Makefile is platform-dependent, so there's no One True Makefile to put
under CVS.
svn path=/trunk/; revision=93
That requires that, in the packet-reading loop, we pass to the callback
routine the offset in the file of a packet's data, because we can no
longer compute that offset by subtracting the size of the captured
packet data from the offset in the file after the data was read -
"snoop" may stick padding in after the packet data to align packet
headers on 4-byte boundaries.
Doing that required that we arrange that we do that for "libpcap"
capture files as well; the cleanest way to do that was to write our own
code for reading "libpcap" capture files, rather than using the
"libpcap" code to do it.
Make "wtap_dispatch_cb()" and "pcap_dispatch_cb()" static to "file.c",
as they're not used elsewhere.
If we're using wiretap, don't define in "file.h" stuff used only when
we're not using wiretap.
Update the wiretap README to reflect Gilbert's and my recent changes.
Clean up some memory leaks in "wiretap/lanalyzer.c" and
"wiretap/ngsniffer.c", where the capture-file-format-specific data
wasn't freed if the open failed.
svn path=/trunk/; revision=91
packet. The date is still not taken into account, so all the traces appear to
start on Jan 1, 1970. But the time of day is correct, so at least you get good
delta times.
svn path=/trunk/; revision=89
wiretap functions to be more generic and therefore allow an easier integration
of more packet-capture file types. I also put in all the GPL copyrights in the
wiretap code.
svn path=/trunk/; revision=83
because it is still in its infancy, but it can be compiled in optionally.
The library exists in its own subdirectory ethereal/wiretap. This patch also
edits all the packet-*.c files to remove the #include <pcap.h> line which is
unnecessary in these files. In the ethereal code, file.c is the most heavily
modified with #ifdef WITH_WIRETAP lines for the optional library.
svn path=/trunk/; revision=82
Guy Harris