aren't 1/1193000.0 second; the code used to use 1/1193180.0 second, but
at least one capture appears to have units of somewhere around
1/3579540.0 second.
svn path=/trunk/; revision=7388
Socket 0x9001 is for NLSP - it supports LANs as well as WANs, at least
as I read the specification.
Socket 0x9004 is for "IPX WAN 2".
svn path=/trunk/; revision=7387
- TLV 135 cleanup and support for subTLVs
- a common IP Reach subTLV dissector which dissects
subTLV 1 & 2 [32 & 64 Bit Admin Tags as per
draft-ietf-isis-admin-tags-01.txt]
- rework IPv6-related TLVs.
svn path=/trunk/; revision=7381
2 the time stamps are in units of 1/31250000 seconds rather than
nanoseconds - and, by generating Windows Sniffer captures with various
hdr.timeunit values, that for all the non-zero values he tested, the
time stamps for non-gigabit pod captures are in units of 1/1193000
second.
Instead of having a TpS array, just test for the exception value (0 for
non-gigabit pod captures, 2 for gigabit pod captures).
svn path=/trunk/; revision=7380
* Fix the Extended Method PDU mapping (move code some lines down)
* Decode more WSP Parameter entries (now WAP Provisioning Push OK)
* First check whether the PDU content for Post, Reply and Push PDUs
can be dissected (dissector_try_X function calls), if not then
display the PDU data as "Data" in the WSP protocol tree.
* Replaced "Unsupported header" by "Undecoded header" for clarity
svn path=/trunk/; revision=7376
Duplicate ACKs that are detected/suspected are now also flagged
with which frame the original ACK was seen in and the dup ack number.
This is displayed both in the summary pane as well as in the tree pane.
svn path=/trunk/; revision=7375
Allocate the per-conversation and per-frame data items from a GMemChunk
(which saves memory and CPU time, *and* lets us free all those items
quickly - as opposed to not freeing them at all, as had been the case).
Don't assume that, just because a conversation for the TCP connection
exists, it necessarily has an AJP13 data chunk attached to it; the
conversation might have, for example, been created by the TCP sequence
number analysis code.
svn path=/trunk/; revision=7374
comma-separated, so that the resources will be built correctly and the
version number correctly displayed in the GUI, and make the resources
dependent on "config.nmake" so that they're rebuilt if it's changed.
svn path=/trunk/; revision=7373
and let the Protocol Options header code page and extended methods calls
refer to hexadecimal representation as used everywhere else in the WSP
dissection code.
svn path=/trunk/; revision=7372
FIN flag would previously only add one to the sequence number if the
FIN packet was empty, i.e. did not carry any payload data.
This caused ethereal to incorrectly flag the ACK to such packets
(FIN+payload data) to be incorrectly flagged as
ACK to previously lost segment.
Change the algorithm to always add 1 to the segment length, and thus the sequence number for all packets with teh FIN bit set.
svn path=/trunk/; revision=7371
in the configure script for the all-variables-expanded version of the
data file directory.
Don't AC_SUBST "DATAFILE_DIR", as it's not used.
Define DATAFILE_DIR in config.h as the all-variables-expanded version of
$datadir/ethereal, as that's where the global configuration files such
as manuf and the Diameter files are actually installed.
svn path=/trunk/; revision=7368
it. (Nothing other than "get_datafile_dir()" should use it - anything
that needs to know whether the configuration files are located should
use "get_datafile_dir()".)
svn path=/trunk/; revision=7367
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
svn path=/trunk/; revision=7362
type for loopback devices; map it to DLT_NULL when reading libpcap files
with a major version of 2 and a minor version of 2, and when capturing
from an "loN" device on AIX.
svn path=/trunk/; revision=7361
- endianism issues in most multi-octet parameters
- the size of pointers to variable and optional parameters in the LUDT
and LUDTS messages (ITU only)
svn path=/trunk/; revision=7358
that's the name of the module, as long as the prefix doesn't end with
"." or "_" (so you can register "tc.tcp.port" or "tc.tcp_port", but not
"tc.tc.port" or "tc.tc_port").
svn path=/trunk/; revision=7351
preference by comparing "module->name" against the module, not by
checking the first part of the preference name - the preference name
might not contain the correct module name, as we've mapped some modules.
svn path=/trunk/; revision=7350
- checksum checks for all packets (like UDP, IP, TCP, etc.)
- this includes adding an option to turn off checking
it in the preferences menu (like TCP does).
- POLL packets
- POLR packets
- added PGM options:
- OPT_FRAGMENT
- OPT_REDIRECT
- OPT_NAK_BO_IVL
- OPT_NAK_BO_RNG
- fixed a minor offset error in SPMs
svn path=/trunk/; revision=7349
rebuilt on Windows - the UNIX version might include <unistd.h>, which
doesn't work on Windows, so you need to get rid of any UNIX-built
versions.
svn path=/trunk/; revision=7345
NULL, convert it to a copy of a null string, otherwise replace it with a
copy of the string, so that we know that the variable for the preference
always points to a string that can be freed.
That also obviates the need to worry about a null-pointer value for a
preference variable when checking to see whether a preference has changed.
When checking for a string preference not being set, check for an empty
string, not a null pointer - the above code turns null pointers into
pointers to empty strings, *and* the GUI code does (and always did!) the
same.
svn path=/trunk/; revision=7343
NULL, convert it to a copy of a null string, otherwise replace it with a
copy of the string, so that we know that the variable for the preference
always points to a string that can be freed.
That also obviates the need to worry about a null-pointer value for a
preference variable when checking to see whether a preference has changed.
When checking for a string preference not being set, check for an empty
string, not a null pointer - the above code turns null pointers into
pointers to empty strings, *and* the GUI code does (and always did!) the
same.
svn path=/trunk/; revision=7342
1, specify a tap filter that ignores all ICMP packets
2, specify a tap filter that only matches the same conversation ip/udp
as the selected packet.
svn path=/trunk/; revision=7341