| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
svn path=/trunk/; revision=2031
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
svn path=/trunk/; revision=1939
|
| |
|
|
|
|
| |
files that no longer contain any information as a result of that change.
svn path=/trunk/; revision=1871
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
proto_tree_add_protocol_format()
proto_tree_add_uint_format()
proto_tree_add_ipxnet_format()
proto_tree_add_ipv4_format()
proto_tree_add_ipv6_format()
proto_tree_add_bytes_format()
proto_tree_add_string_format()
proto_tree_add_ether_format()
proto_tree_add_time_format()
proto_tree_add_double_format()
proto_tree_add_boolean_format()
If using GCC 2.x, we can check the print-format against the variable args
passed in. Regardless of compiler, we can now check at run-time that the
field type passed into the function corresponds to what that function
expects (FT_UINT, FT_BOOLEAN, etc.)
Note that proto_tree_add_protocol_format() does not require a value field,
since the value of a protocol is always NULL. It's more intuitive w/o the
vestigial argument.
Fixed a proto_tree_add_item_format-related bug in packet-isis-hello.c
Fixed a variable usage bug in packet-v120.c. (ett_* was used instead of hf_*)
Checked in Guy's fix for the function declearation for proto_tree_add_text()
and proto_tree_add_notext().
svn path=/trunk/; revision=1713
|
| |
|
|
| |
svn path=/trunk/; revision=1237
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
put it into a subroutine in "packet-arp.c", and call it from
"packet-q2931.c".
Add a "packet-arp.h" header to hold declarations of routines exported by
"packet-atm.c" (other than the ATM dissector itself), moving them out of
"packet.h".
Use the aforementioned NSAP dissector to display ATM addresses in NSAP
format, and display E.164 addresses as ASCII text (under the assumption
that they're presented as a string of IA5, i.e. ASCII, characters, just
as they are in Q.931).
svn path=/trunk/; revision=1124
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
requests, as described in RFC 2225; they do *not* have the same format
as regular ARP requests, so dissect them differently.
Inverse ARP is also used on ATM, so add the Inverse ARP request and
reply message types. (It's also used with other protocols, e.g. Frame
Relay.)
Handle zero-length addresses (meaning the address is absent).
They can have up to 6 different address fields, so make "bytes_to_str()"
have six static buffers in which it can return strings.
svn path=/trunk/; revision=1123
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dynamically-assigned "ett_" integer values, assigned by
"proto_register_subtree_array()"; this:
obviates the need to update "packet.h" whenever you add a new
subtree type - you only have to add a call to
"proto_register_subtree_array()" to a "register" routine and an
array of pointers to "ett_", if they're not already there, and
add a pointer to the new "ett_" variable to the array, if they
are there;
would allow run-time-loaded dissectors to allocate subtree types
when they're loaded.
svn path=/trunk/; revision=1043
|
| |
|
|
|
|
| |
enums.
svn path=/trunk/; revision=971
|
| |
|
|
|
|
| |
- fix bug (hf_arp_proto_type was used in place of hr_arp_proto_size).
svn path=/trunk/; revision=851
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the base for numbers to be displayed in, bitmasks for bitfields, and blurbs
(which are one or two sentences describing the field).
proto_tree_add*() routines now automatically handle bitfields. You tell
it which header field you are adding, and just pass it the value of the
entire field, and the proto_tree routines will do the masking and shifting
for you.
This means that bitfields are more naturally filtered via dfilter now.
Added Phil Techau's support for signed integers in dfilters/proto_tree.
Added the beginning of the SNA dissector. It's not complete, but I'm
committing it now because it has example after example of how to use
bitfields with the new header_field_info struct and proto_tree routines.
It was the impetus to change how header_field_info works.
svn path=/trunk/; revision=815
|
| |
|
|
|
|
| |
- check for truncated header
svn path=/trunk/; revision=764
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
prints the protocol tree, and summary prints the fields in the summary
clist, with a header line at the beginning of the printout.
Print only packets selected by the current packet filter.
Just have "ARP" and "RARP" in the "Protocol" field for ARP packets;
whether it's a request or a reply can be seen in the "Info" field.
Add to the "Frame" section of the protocol tree the time between the
current packet and the previous displayed packet, and the packet number.
Have FT_RELATIVE_TIME fields be a "struct timeval", and display them as
seconds and fractional seconds (we didn't have any fields of that type,
and that type of time fits the delta time above).
Add an FT_DOUBLE field type (although we don't yet have anything using
it).
svn path=/trunk/; revision=666
|
| |
|
|
|
|
|
|
|
| |
FT_NONE, so the first argument in the variable-length portion of the
argument list to the "proto_tree_add_item()" or
"proto_tree_add_item_format()" call to add the top-level protocol tree
item for a protocol has to be a null pointer.
svn path=/trunk/; revision=405
|
| |
|
|
|
|
|
| |
allowing users to filter on the existence of these protocols. I also
added packet-clip.c to the Nmake makefile.
svn path=/trunk/; revision=402
|
| |
|
|
|
|
|
| |
mechanism that is built into ethereal. Wiretap is now used to read all
file formats. Libpcap is used only for capturing.
svn path=/trunk/; revision=342
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
can be used by dissectors other than ARP to display byte arrays as
strings of hex digits.
Add a routine to extract a null-terminated Unicode string and turn it
into an ISO 8859-1 string for display. (Ultimately, we should determine
what character sets the X server or printer or whatever can handle, and
turn it into the appropriate character set.)
Display the challenge in "core-to-LANMAN-2.1" Negotiate Protocol
responses as a string of hex digits - but only if the length is
non-zero. (It's a counted array, not a null-terminated string.)
Display some additional security mode bits in an NT LM 0.12 Negotiate
Protocol response.
Display some additional bits in the "capabilities" field of the
Negotiate Protocol response.
Display the challenge in an NT LM 0.12 Negotiate Protocol response as a
string of hex digits (it's a counted array, not a null-terminated
string).
Display the domain name as Unicode in an NT LM 0.12 Negotiate Protocol
response if the capabilities field has the "supports Unicode" bit set
(no, not the "Unicode" bit in the "flags2" field - NT doesn't set that
in the response, even though it sends the domain name over in Unicode!).
Display some additional bits in the "flags2" field of an SMB.
svn path=/trunk/; revision=275
|
| |
|
|
|
|
|
|
|
|
| |
reference the protocol tree with struct proto_tree and struct proto_item
objects. That way, the packet decoding source code file can be used with
non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged
some of the information in packet.h to more appropriate places (like other
packet-*.[ch] files).
svn path=/trunk/; revision=223
|
| |
|
|
| |
svn path=/trunk/; revision=177
|
| |
|
|
|
|
|
|
| |
* Added check_col(), add_col_str() and add_col_fmt() to replace references
to ft->win_info.
* Added column prefs handling code.
svn path=/trunk/; revision=97
|
| |
|
|
|
|
|
|
|
|
| |
because it is still in its infancy, but it can be compiled in optionally.
The library exists in its own subdirectory ethereal/wiretap. This patch also
edits all the packet-*.c files to remove the #include <pcap.h> line which is
unnecessary in these files. In the ethereal code, file.c is the most heavily
modified with #ifdef WITH_WIRETAP lines for the optional library.
svn path=/trunk/; revision=82
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use that routine in "ethertype()".
Have "dissect_arp()" handle hardware addresses that aren't
6-byte Ethernet addresses and protocol addresses that aren't
4-byte IPv4 addresses - currently, it just prints the first 16
hex digits, but it could be made to handle other types specially
just as it handles 6-byte Ethernet and 4-byte IPv4 addresses.
Have it decode a more complete set of hardware address types.
svn path=/trunk/; revision=78
|
| |
|
|
|
|
|
|
|
| |
* Hacks to the filter interface (Gerald)
* About box (Laurent)
* AppleTalk support (Simon)
* Mods to the match_strval routine (Gerald)
svn path=/trunk/; revision=61
|
| |
|
|
|
|
|
|
|
|
| |
initialized at compile time.
Compute the number of elements in that array at compile time.
Fix a typo ("Unkown" for "Unknown").
svn path=/trunk/; revision=44
|
| |
|
|
|
|
|
| |
- Separated display and capture filters; rearranged some of the look and feel
- Lots of other miscellaneous fixes and updates
svn path=/trunk/; revision=38
|
| |
|
|
|
|
| |
* FDDI support (Laurent, Guy)
svn path=/trunk/; revision=36
|
| |
|
|
|
|
|
| |
generalizes the column printing code, adds a "frame" tree item to
the tree view, and fixes a bunch of miscellaneous coding bugs.
svn path=/trunk/; revision=31
|
| |
|
|
| |
svn path=/trunk/; revision=7
|
|
|
svn path=/trunk/; revision=2
|
