aboutsummaryrefslogtreecommitdiffstats
path: root/summary.c
Commit message (Collapse)AuthorAgeFilesLines
* Move summary.[ch] to libui.Guy Harris2018-02-071-230/+0
| | | | | | Change-Id: I49f1eeb4fc3a90e436da116577a7d0c5ba982eee Reviewed-on: https://code.wireshark.org/review/25657 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Move the frame_set stuff back into the capture_file structure.Guy Harris2017-12-081-3/+3
| | | | | | | | | | | | | | | | | | | libwireshark now expects an epan_t to be created with a pointer to a "packet provider" structure; that structure is opaque within libwireshark, and a pointer to it is passed to the callbacks that provide interface names, interface, descriptions, user comments, and packet time stamps, and that set user comments. The code that calls epan_new() is expected to provide those callbacks, and to define the structure, which can be used by the providers. If none of the callbacks need that extra information, the "packet provider" structure can be null. Have a "file" packet provider for all the programs that provide packets from a file. Change-Id: I4b5709a3dd7b098ebd7d2a7d95bcdd7b5903c1a0 Reviewed-on: https://code.wireshark.org/review/24731 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Put the structure of a capture_file back in cfile.h.Guy Harris2017-12-041-1/+0
| | | | | | | | | The split isn't necessary now that epan no longer uses the capture_file structure. Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f Reviewed-on: https://code.wireshark.org/review/24693 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Move the parts of a capture_file used by libwireshark to a new structure.Guy Harris2017-12-041-3/+3
| | | | | | | | | | | | | | Embed one of those structures in a capture_file, and have a struct epan_session point to that structure rather than to a capture_file. Pass that structure to the routines that fetch data that libwireshark uses when dissecting. That separates the stuff that libwireshark expects from the stuff that it doesn't look at. Change-Id: Ia3cd28efb9622476437a2ce32204597fae720877 Reviewed-on: https://code.wireshark.org/review/24692 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Use cfile.h to define the capture_file type.Guy Harris2017-12-031-0/+1
| | | | | | | | | | | | | | | | | | Have cfile-int.h declare the structure, and use it in files that directly access the structure. Have cfile.h just incompletely declare the structure and include it rather than explicitly declaring it in source files or other header files. Never directly refer to struct _capture_file except when typedeffing capture_file. Add #includes as necessary, now that cfile.h doesn't drag in a ton of Change-Id: I7931c8039d75ff7c980b0f2a6e221f20e602a556 Reviewed-on: https://code.wireshark.org/review/24686 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Start using SPDX license identifiers.Gerald Combs2017-11-091-13/+1
| | | | | | | | | | | | | | | | | | | | | | | A while back Graham pointed out the SPDX project (spdx.org), which is working on standardizing license specifications: https://www.wireshark.org/lists/wireshark-dev/201509/msg00119.html Appendix V of the specification describes a short identifier (SPDX-License-Identifier) that you can use in place of boilerplate in your source files: https://spdx.org/spdx-specification-21-web-version#h.twlc0ztnng3b Start the conversion process with our top-level C and C++ files. Change-Id: Iba1d835776714deb6285e2181e8ca17f95221878 Reviewed-on: https://code.wireshark.org/review/24302 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Reviewed-by: Balint Reczey <balint@balintreczey.hu> Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann <mmann78@netscape.net>
* iface_lists: Access all_ifaces member by referenceMikael Kanstrup2017-08-281-8/+8
| | | | | | | | | | | | | | | | | | | | | Change access of all_ifaces elements from by val to by reference. With this change unnecessary copying of the whole struct is avoided but even more important is that elements no longer have to be removed and inserted whenever data is updated. This change aims to make it more clear that all_ifaces elements shall never be removed from the array without freeing resources via the capture_opts_free_interface_t function. NOTE: Code for GTK UI not updated Ping-Bug: 13864 Change-Id: I36742cb1d5c8daa136c9d3732a044a7c8e5c7fe7 Reviewed-on: https://code.wireshark.org/review/23201 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Allow bigger snapshot lengths for D-Bus captures.Guy Harris2017-06-051-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for them, because that's the largest possible D-Bus message size. See https://bugs.freedesktop.org/show_bug.cgi?id=100220 for an example of the problems caused by limiting the snapshot length to 256KB for D-Bus. Have a snapshot length of 0 in a capture_file structure mean "there is no snapshot length for the file"; we don't need the has_snap field in that case, a value of 0 mean "no, we don't have a snapshot length". In dumpcap, start out with a pipe buffer size of 2KB, and grow it as necessary. When checking for a too-big packet from a pipe, check against the appropriate maximum - 128MB for DLT_DBUS, 256KB for everything else. Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20 Reviewed-on: https://code.wireshark.org/review/21952 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Get rid of #if 0'd out include.Guy Harris2017-06-031-4/+0
| | | | | | Change-Id: I0d996b03303572538d250ed8f27b04a0e93cf261 Reviewed-on: https://code.wireshark.org/review/21921 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Redo the block options APIs.Guy Harris2016-07-141-14/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A block can have zero or more instances of a given option. We distinguish between "one instance only" options, where a block can have zero or one instance, and "multiple instances allowed" options, where a block can have zero or more instances. For "one instance only" options: "add" routines add an instance if there isn't one already and fail if there is; "set" routines add an instance if there isn't one already and change the value of the existing instance if there is one; "set nth" routines fail; "get" routines return the value of the instance if there is one and fail if there isn't; "get nth" routines fail. For "multiple instances allowed" options: "add" routines add an instance; "set" routines fail; "set nth" routines set the value of the nth instance if there is one and fail otherwise; "get" routines fail; "get nth" routines get the value if the nth instance if there is one and fail otherwise. Rename "optionblock" to just "block"; it describes the contents of a block, including both mandatory items and options. Add some support for NRB options, including IPv4 and IPv6 option types. Change-Id: Iad184f668626c3d1498b2ed00c7f1672e4abf52e Reviewed-on: https://code.wireshark.org/review/16444 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Directly use wtap_opttypes calls to fetch SHB options.Guy Harris2016-06-061-15/+0
| | | | | | | | | | | | | | | | | Don't put them in the summary structure; the summary routines should calculate summary statistics, not dig up every bit of information that *could* appear in a summary. Instead, have the GUI code call wtap_file_get_shb() to get the SHB information and call wtap_optionblock_get_option_string() to fetch the option values. Move the option code definitions into wtap_opttypes.h, as they're used by the API. Change-Id: Icef11f5fb30fdc3df1bb0208aae9ed0aebaf0182 Reviewed-on: https://code.wireshark.org/review/15748 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Making wiretap option blocks more generic.Michael Mann2016-02-231-18/+29
| | | | | | | | | | | | | This was inspired by https://code.wireshark.org/review/9729/, but takes it in a different direction where all options are put into an array, regardless of whether they are "standard" or "custom". It should be easier to add "custom" options in this design. Some, but not all blocks have been converted. Descriptions of some of the block options have been moved from wtap.h to pcapng.h as it seems to be the one that implements the description of the blocks. Also what could be added/refactored is registering block behavior. Change-Id: I3dffa38f0bb088f98749a4f97a3b7655baa4aa6a Reviewed-on: https://code.wireshark.org/review/13667 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
* pcapng: drop count is unknown for ISB without isb_if_drop optionHadriel Kaplan2015-08-291-2/+6
| | | | | | | | | Bug: 11489 Change-Id: I38bcc2570c2efc461e4eb0edbff8ac2a7371c725 Reviewed-on: https://code.wireshark.org/review/10311 Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
* Pcapng: clean up Section Header Block handlingHadriel Kaplan2015-08-181-3/+2
| | | | | | | | | Change-Id: I8516d0c561ed0b63e49a3594027c9c15bb789258 Reviewed-on: https://code.wireshark.org/review/9726 Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com> Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Add editor modelines; Adjust whitespace as needed.Bill Meier2014-10-121-0/+13
| | | | | | Change-Id: I4da7b335d905dbca10bbce03aa88e1cdeeb1f8ad Reviewed-on: https://code.wireshark.org/review/4626 Reviewed-by: Bill Meier <wmeier@newsguy.com>
* Modify includes of config.h so that out-of-tree builds, i.e. CMakeGraham Bloice2014-08-241-1/+1
| | | | | | | | | | | don't pick up the in-tree copy. Change-Id: I7ec473876cdba1a025c52362d7f6adc62d24ce71 Reviewed-on: https://code.wireshark.org/review/3798 Petri-Dish: Graham Bloice <graham.bloice@trihedral.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Roland Knall <rknall@gmail.com> Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
* Move capture_ui_utils.[ch] to libui.Guy Harris2014-06-301-2/+2
| | | | | | Change-Id: Id0f3d4d60a1acc7aa64fd3737b8f16df5bca4e5a Reviewed-on: https://code.wireshark.org/review/2708 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* wiretap: remove unused code, drop number_of_interfacesPeter Wu2014-05-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While investigating an ASAN issue (fixed in commit dcdd076ab0965c346efe90051678ba790eaf7a02), I got greatly confused by three different types having the same "interface_data" field name: * pcapng_t *pn stores an array of interface_data_t objects. * wtap *wth stores an array of wtapng_if_descr_t objects. * pcapng_dump_t should store an array of interface_data_t objects. pcapng_dump_t and friends are unused since commit c7f1a431d23e17a15777652b1252e139f182b0e6, so drop it. To fix the confusion, rename the interface_data_t type to interface_info_t type and use the local variable "iface_info" everywhere. Rename interface_data of pcapng_t to "interfaces" and add a comment what this exactly means (interfaces listed in the capture file). Drop the number_of_interfaces field for interfaces as the array length is already available from GArray. Now interface_data is always initialized for wth (which also gets copied to idb). s/int/guint/g and replace cast at some places. There are no regressions for the in-tree test suite. Change-Id: I2d5985c9f1e43f8230dbb4a73bd1e243c4858170 Reviewed-on: https://code.wireshark.org/review/1656 Reviewed-by: Evan Huus <eapache@gmail.com> Tested-by: Evan Huus <eapache@gmail.com> Reviewed-by: Michael Mann <mmann78@netscape.net>
* Revert "Refactor Wiretap"Guy Harris2014-05-091-2/+2
| | | | | | | | | | This reverts commit 1abeb277f5e6bd27fbaebfecc8184e37ba9d008a. This isn't building, and looks as if it requires significant work to fix. Change-Id: I622b1bb243e353e874883a302ab419532b7601f2 Reviewed-on: https://code.wireshark.org/review/1568 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Refactor WiretapMichael Mann2014-05-091-2/+2
| | | | | | | | | | | Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality. The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes. bug:9607 Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae Reviewed-on: https://code.wireshark.org/review/1485 Reviewed-by: Michael Mann <mmann78@netscape.net>
* Remove all $Id$ from top of fileAlexis La Goutte2014-03-041-2/+0
| | | | | | | | | | (Using sed : sed -i '/^ \* \$Id\$/,+1 d') Fix manually some typo (in export_object_dicom.c and crc16-plain.c) Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8 Reviewed-on: https://code.wireshark.org/review/497 Reviewed-by: Anders Broman <a.broman58@gmail.com>
* We always HAVE_CONFIG_H so don't bother checking whether we have it or not.Jeff Morriss2012-09-201-3/+1
| | | | svn path=/trunk/; revision=45015
* Update Free Software Foundation address.Jakub Zawadzki2012-06-281-1/+1
| | | | | | (COPYING will be updated in next commit) svn path=/trunk/; revision=43536
* For a capture file, keep an array of all encapsulation types seen.Guy Harris2012-06-151-2/+2
| | | | | | | | | Show all of them in the summary dialog; we will be using it in the future to figure out what capture file formats we can write to (just because a capture file format supports per-packet encapsulations, that doesn't mean that it supports *all possible* encapsulations). svn path=/trunk/; revision=43278
* That doesn't work correctly if we read in a file with no interfaceGuy Harris2012-05-281-0/+3
| | | | | | | | | | | | information, as it'll fill in whatever stuff happens to be in the capture info. We should somehow figure uot whether this is a capture we just did (note: cf->is_tempfile does *NOT* necessarily tell us that, as it's set for the result of a merge, and is cleared if we save the capture) and fill in the interface information only if that's the case. Put in a comment to note that we need to do that. svn path=/trunk/; revision=42874
* Correctly implement what was my intent when removing the HAVE_LIBPCAPGuy Harris2012-05-281-34/+29
| | | | | | | | | | | | | | | | stuff - arrange that the interface summary list is set, if we've read a capture file that has interface information, *regardless* of whether we have libpcap/WinPcap or not. That means that summary_fill_in() should fill in the interface information for the summary if there's interface information from the capture file, and summary_fill_in_capture() - which is called only if HAVE_LIBPCAP is defined, and can exist only if HAVE_LIBPCAP is defined (as it takes an argument of a type that's defined only if HAVE_LIBPCAP is defined) - just fills in interface information from the capture options and does so only if there's none from the file. svn path=/trunk/; revision=42873
* Don't use pcap LINKTYPE_ values in the iface_options structure, useGuy Harris2012-05-281-4/+4
| | | | | | | | | | | | | | Wiretap encapsulation values; rename the field in question encap_type to emphasize that. (Code that looks at that field already assumes it's a Wiretap encapsulation value.) For live captures, map the LINKTYPE_ value to a Wiretap encapsulation value. wtap_encap_string() never returns NULL, so don't check for a null return value. svn path=/trunk/; revision=42871
* Clean up indentation (use spaces, not tabs).Guy Harris2012-05-271-16/+16
| | | | svn path=/trunk/; revision=42868
* Use cf_update_capture_comment() to save the capture comment (instead ofJeff Morriss2012-05-241-9/+0
| | | | | | | | summary_update_comment() which is no longer necessary). cf_update_capture_comment() has the advantage that it doesn't mark the file as unsaved unless the comment actually changed. svn path=/trunk/; revision=42832
* Keep track, in Wiretap, of whether the file is compressed, and provideGuy Harris2012-05-241-0/+1
| | | | | | | | | | | an API to fetch that. When doing "Save" on a compressed file, write it out compressed. In the Statistics -> Summary dialog and in capinfos, report whether the file is gzip-compressed. svn path=/trunk/; revision=42818
* Actually remove #include <sys/types.h> ....Bill Meier2012-05-051-4/+0
| | | | svn path=/trunk/; revision=42444
* AFAICT '#include sys/types.h' is not needed for these files.Bill Meier2012-05-051-3/+3
| | | | svn path=/trunk/; revision=42443
* Delete a duplicate line of code. Fixes Coverity CID 1393: UNUSED VALUE.Chris Maynard2012-03-211-2/+0
| | | | svn path=/trunk/; revision=41700
* If we have one ISB, display the droped count from it.Anders Broman2012-03-151-0/+8
| | | | svn path=/trunk/; revision=41561
* if_filter isn't a string per se,The first byte of the Option Data keeps a ↵Anders Broman2012-03-041-1/+1
| | | | | | code of the filter used svn path=/trunk/; revision=41339
* - Add a LED in the statusbar to indicate that capture comments exists,Anders Broman2012-02-291-6/+13
| | | | | | | | | | clickable to open an edit window. - Add checks for NULL pointers. Help with a different color LED possibly with Jeff's (c) in it apreceated. Should the LED be placed elsewhere or the whole thing done differently? svn path=/trunk/; revision=41242
* Make it possible to edit capture commentsAnders Broman2012-02-261-0/+9
| | | | svn path=/trunk/; revision=41193
* Suppress invalid or non-meaningful statistics - for example, withoutGuy Harris2012-02-261-33/+55
| | | | | | | | | time stamps on all packets in a set, you can't determine the start and end time of the packets in the set (even one timestampless packet throws the determination off - was that packet before the first time-stamped or after the last time-stamped packet, or between them?). svn path=/trunk/; revision=41187
* From Irene Ruengeler: Fix a bug where the interfaceMichael Tüxen2012-02-241-11/+14
| | | | | | names are not shown during capturing. svn path=/trunk/; revision=41175
* Add SHB info to SummaryAnders Broman2012-02-231-0/+12
| | | | svn path=/trunk/; revision=41167
* Fix the handling of snaplen.Michael Tüxen2012-02-231-7/+5
| | | | | | While there fix some whitespace issues. svn path=/trunk/; revision=41164
* Have the used interfaces show up if number of interfaces > 0.Anders Broman2012-02-231-1/+19
| | | | | | (pcapng file). svn path=/trunk/; revision=41163
* Don't show interface info when loading a capture file.Michael Tüxen2011-07-151-9/+10
| | | | svn path=/trunk/; revision=38051
* Add initial support for multiple interfaces. More to come afterMichael Tüxen2011-07-051-9/+25
| | | | | | | | the capture options dialog box supports also multiple interfaces. This patch has been developed by Irene Ruengeler. svn path=/trunk/; revision=37904
* Get rid of old non-interface specific settings which are now interfaceMichael Tüxen2011-06-271-3/+6
| | | | | | | specifc. This finalizes the change of the infrastructure. This patch is based on work by Irene Ruengeler. svn path=/trunk/; revision=37794
* Create a new frame_data_sequence data type; it represents a denseGuy Harris2011-04-271-2/+2
| | | | | | | | | | | | | | | | | sequence of frame_data structures, indexed by the frame number. Extract the relevant bits of the capture_file data structure and move them to the frame_data_sequence, and move the relevant code from cfile.c and tweak it to handle frame_data_sequence structures. Have a possibly-null pointer to a frame_data_sequence structure in the capture_file structure; if it's null, we aren't keeping a sequence of frame_data structures (we don't keep that sequence when we're doing one-pass processing in TShark). Nothing in libwireshark should care about a capture_file structure; get rid of some unnecessary includes of cfile.h. svn path=/trunk/; revision=36881
* Store the frame_data structures in a tree, rather than a linked list. Guy Harris2011-04-251-9/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This lets us get rid of the per-frame_data-structure prev and next pointers, saving memory (at least according to Activity Monitor's report of the virtual address space size on my Snow Leopard machine, it's a noticeable saving), and lets us look up frame_data structures by frame number in O(log2(number of frames)) time rather than O(number of frames) time. It seems to take more CPU time when reading in the file, but seems to go from "finished reading in all the packets" to "displaying the packets" faster and seems to free up the frame_data structures faster when closing the file. It *is* doing more copying, currently, as we now don't allocate the frame_data structure until after the packet has passed the read filter, so that might account for the additional CPU time. (Oh, and, for what it's worth, on an LP64 platform, a frame_data structure is exactly 128 bytes long. However, there's more stuff to remove, so the power-of-2 size is not guaranteed to remain, and it's not a power-of-2 size on an ILP32 platform.) It also means we don't need GLib 2.10 or later for the two-pass mode in TShark. It also means some code in the TCP dissector that was checking pinfo->fd->next to see if it's NULL, in order to see if this is the last packet in the file, no longer works, but that wasn't guaranteed to work anyway: we might be doing a one-pass read through the capture in TShark; we might be dissecting the frame while we're reading in the packets for the first time in Wireshark; we might be doing a live capture in Wireshark; in which case packets might be prematurely considered "the last packet". #if 0 the no-longer-working tests, pending figuring out a better way of doing it. svn path=/trunk/; revision=36849
* Make the packet count an unsigned value, as frame numbers are unsigned.Guy Harris2011-04-251-1/+1
| | | | | | | | | | Make the loops that scan through all the packets do so by frame number, to abstract away the "next" and "previous" pointers in the frame_data structure. Add a routine to cfile.c to map frame numbers to frame_data structures, and put in some special case handling so scanning forward or backward through the packets is O(N) rather than O(N^2). svn path=/trunk/; revision=36846
* Added "Ignore Packet" menu items to the main menu.Stig Bjørlykke2009-12-171-0/+4
| | | | | | Show ignored packages in the summary dialog. svn path=/trunk/; revision=31289
* Rename capture_file.plist to capture_file.plist_start to make it consistent ↵Kovarththanan Rajaratnam2009-09-211-3/+3
| | | | | | with capture_file.plist_end svn path=/trunk/; revision=30047
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-25 17:37:51 +0000