| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
svn path=/trunk/; revision=462
|
| |
|
|
| |
svn path=/trunk/; revision=461
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the "Open File" dialog box (the "Open File" dialog box equivalent of the
"-R" flag). Have "load_cap_file()" take the filter expression as an
argument, and make the global "rfilter" into a member of a
"capture_file" structure.
When reading a temporary capture file after a live capture, don't apply
any filter.
Move the code that pops up error boxes on file opens when reading a
capture file back to "load_cap_file()"; it also pops up error boxes if
the filter expression can't be parsed.
Don't enable "File/Save" or "File/Save As..." if an attempt to read a
capture file fails - if there was already an open capture file, it was
closed by "load_cap_file()", so we no longer have an open file to save.
svn path=/trunk/; revision=460
|
| |
|
|
|
|
| |
putting it on the list of frames.
svn path=/trunk/; revision=459
|
| |
|
|
| |
svn path=/trunk/; revision=458
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
N^2 in the ultimate size of the list (as "g_list_append()" is linear in
the size of the list, at least when used in the way the GLib
documentation says to use it); instead, maintain our own linked list of
"frame_data" structures for all packets read, including a pointer to the
last element.
"gtk_clist_set_row_data()" is linear in the row number, so if it's used
to attach a pointer to the "frame_data" structure for a packet to the
packet list GtkClist row for each packet, that's also N^2 in the number
of packets in that packet list; instead, store the row number in the
"frame_data" structure, and find the packet for a given row by scanning
the list for it (we were already scanning the list linearly to find that
packet's index in the list of all packets; that's only done when a
packet's selected, so it's not *too* bad, but it might be nice to avoid
having to do that scan).
svn path=/trunk/; revision=457
|
| |
|
|
| |
svn path=/trunk/; revision=456
|
| |
|
|
|
|
| |
Required packets.
svn path=/trunk/; revision=455
|
| |
|
|
|
|
|
|
| |
display-filter syntax expression as an argument, and causes that filter
to be applied to all packets when a capture file is read in; packets
that don't match the filter are discarded.
svn path=/trunk/; revision=454
|
| |
|
|
|
|
|
| |
the source directory. The doc makefile is still broken however.
Thanks to Jan Bernard van Doorn for raising this problem.
svn path=/trunk/; revision=453
|
| |
|
|
| |
svn path=/trunk/; revision=452
|
| |
|
|
|
|
|
| |
"clear_tree_and_hex_views()" clears the hext dump window and which code
clears the protocol tree window.
svn path=/trunk/; revision=451
|
| |
|
|
|
|
| |
before the last component; thanks to Laurent Deniel for catching that one.
svn path=/trunk/; revision=450
|
| |
|
|
| |
svn path=/trunk/; revision=448
|
| |
|
|
|
|
|
|
|
|
|
|
| |
try as I might, I couldn't get gtk_timeout_add to work. I read all the docs,
but no luck. So for now I call dfilter_progress_cb for every 20 packets
that are filtered. I'd rather have *something* for the next Ethereal
release than nothing.
I also modified file_progress_cb to use it's local copy of cf rather
than the global copy.
svn path=/trunk/; revision=447
|
| |
|
|
|
|
| |
token to the yacc parser.
svn path=/trunk/; revision=446
|
| |
|
|
|
|
|
| |
ethereal executable (but this is only performed if
ethereal_path (i.e. arg[0]) does not contain any '/').
svn path=/trunk/; revision=445
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
glossary of display filter symbols, just as it does with "-G", except
that, as it can discover that it was so invoked before even looking at
the command-line arguments, it needn't even bother calling "gtk_init()"
to process those command-line arguments GTK+ cares about, and thus
needn't do any X stuff at all when so invoked.
That allows Ethereal to be built in an environment where you don't have
an X server, and, if your connection to your X server is slow, allows
you to built it faster.
Get rid of the "-G" flag, as it had only a somewhat specialized use.
svn path=/trunk/; revision=444
|
| |
|
|
|
|
| |
informatino frames.
svn path=/trunk/; revision=443
|
| |
|
|
| |
svn path=/trunk/; revision=442
|
| |
|
|
|
|
|
|
|
|
| |
double-click on a packet, it'll select that packet without necessarily
first un-selecting it (this may be a GTK+ 1.0[.x] vs. GTK+ 1.2[.x]
difference; Jeff Jahr said he first saw it when going from Ethereal
0.6.3 to 0.7.0 and going from GTK+ 1.0[.x] to GTK+ 1.2.3, but I saw it
on 0.6.3 with GTK+ 1.2.3 as well).
svn path=/trunk/; revision=441
|
| |
|
|
|
|
|
| |
"hash_table", but each of them is used only in the file in question;
make them static, so that they don't collide.
svn path=/trunk/; revision=440
|
| |
|
|
|
|
|
| |
"proto_tree_add_item()" call (and fix the length passed to it, which, it
appears, has been wrong for ages).
svn path=/trunk/; revision=439
|
| |
|
|
| |
svn path=/trunk/; revision=438
|
| |
|
|
| |
svn path=/trunk/; revision=437
|
| |
|
|
|
|
|
|
|
|
|
| |
SDLC-derived protocols such as HDLC and derivatives of it such as LAPB,
IEEE 802.2 LLC, and so on. Have the LLC and LAPB dissectors use it.
Make "dissect_numeric_bitfield()" put the low-order bit of the bitfield
in the low-order bit of an integer when printing it, so that the right
value is printed.
svn path=/trunk/; revision=436
|
| |
|
|
|
|
| |
improve X.25 decoding in other ways as well.
svn path=/trunk/; revision=435
|
| |
|
|
|
|
|
|
|
|
|
| |
SDLC-derived protocols such as HDLC and derivatives of it such as LAPB,
IEEE 802.2 LLC, and so on. Have the LLC and LAPB dissectors use it.
Make "dissect_numeric_bitfield()" put the low-order bit of the bitfield
in the low-order bit of an integer when printing it, so that the right
value is printed.
svn path=/trunk/; revision=434
|
| |
|
|
| |
svn path=/trunk/; revision=432
|
| |
|
|
|
|
|
| |
"frame[x:y]" in the display filte that it creates so that it works with
any datalink type.
svn path=/trunk/; revision=431
|
| |
|
|
| |
svn path=/trunk/; revision=430
|
| |
|
|
| |
svn path=/trunk/; revision=429
|
| |
|
|
|
|
| |
initial #ifdef changes to capture.c to support the win32 version of libpcap.
svn path=/trunk/; revision=428
|
| |
|
|
| |
svn path=/trunk/; revision=427
|
| |
|
|
|
|
|
|
|
|
|
| |
field by itself assumes you are checking for the existence of that protocol
or field.
Changed the format of the list of filterable fields in the man page.
Developers: run "./configure" so that your configure script will re-create
dfilter2pod from the new dfilter2pod.in
svn path=/trunk/; revision=426
|
| |
|
|
|
|
| |
implementation.
svn path=/trunk/; revision=425
|
| |
|
|
| |
svn path=/trunk/; revision=424
|
| |
|
|
|
|
| |
FreeBSD.
svn path=/trunk/; revision=423
|
| |
|
|
|
|
|
|
|
|
| |
the rules allowing values to precede variables in a relation, like this:
192.168.1.1 eq ip.src
More profound changes should still be made to the grammar, though.
svn path=/trunk/; revision=422
|
| |
|
|
|
|
|
|
|
|
|
| |
call to pcap_dump_open. This allows us to control the readability of the
temporary trace file, and avoid a race condition in which a user could
open the trace file after the pcap_dump_open() call and the subsequent
chmod() call.
Thanks to Jeorg for pointing for pointing out the race condition.
svn path=/trunk/; revision=421
|
| |
|
|
| |
svn path=/trunk/; revision=420
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=419
|
| |
|
|
|
|
| |
reading RADCOM WAN/LAN analyzer files and NetXRay/Windows Sniffer files.
svn path=/trunk/; revision=418
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: a
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=417
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
|
| |
|
|
|
|
|
|
| |
listed in the AUTHORS file. (Arguably, that section - *and* the list of
developers in the "Help/About" box - should be generated from the
AUTHORS file by a script....)
svn path=/trunk/; revision=415
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
as it standed depends on your lex being flex, but that only matters if you're
a developer. The distribution will include the dfilter-scanner.c file, so
that if the user doesn't modify dfilter-scanner.l, he won't need flex to
re-create the *.c file.
The new lex scanner gives me better syntax checking for ether addresses. I
thought I could get by using GScanner, but it simply wasn't powerful enough.
All operands have English-like abbreviations and C-like syntax:
and, && ; or, || ; eq, == ; ne, != ; , etc.
I removed the ETHER_VENDOR type in favor of letting the user use the [x:y]
notation: ether.src[0:3] == 0:6:29 instead of ether.srcvendor == 00:06:29
I implemented the IPXNET field type; it had been there before, but was
not implemented. I chose to make it use integer values rather than byte
ranges, since an IPX Network is 4 bytes. So a display filter looks like this:
ipx.srcnet == 0xc0a82c00
rather than this:
ipx.srcnet == c0:a8:2c:00
I can supposrt the byte-range type IPXNET in the future, very trivially.
I still have more work to do on the parser though. It needs to check ranges
when extracting byte ranges ([x:y]) from packets. And I need to get rid
of those reduce/reduce errors from yacc!
svn path=/trunk/; revision=414
|
| |
|
|
|
|
|
|
| |
read the trace. We chmod() after pcap creates the file, but before it actually
writes data there. Thanks to Frederic Peters <fpeters@multimania.com>,
the Debian maintainer of Ethereal, for pointing this out.
svn path=/trunk/; revision=413
|
| |
|
|
|
|
|
| |
Selected", use "filter_packets()" to filter the packets we currently
have, rather than re-reading the capture file.
svn path=/trunk/; revision=412
|
| |
|
|
|
|
|
| |
addresses, IP protocols, and TCP/UDP port numbers (as those are
unsigned).
svn path=/trunk/; revision=411
|
