[Wireshark-dev] Proposal for a Win32 update functionality -> http://wiki.wireshark.org/Development/Update

2006-11-08 Thread Ulf Lamping
Hi List!

I've added a proposal for an automatic update functionality to the Wiki.

Please comment!

Regards, ULFL
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev


Re: [Wireshark-dev] Questions about dev

2006-11-08 Thread Neha Chahal
I try this out as well. Thank you.

On 11/7/06, Kukosa, Tomas <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I use a little bit different solution for a similar problem.
> Sometimes I need to dissect proprietary protocols from traces files not
> supported by Wireshark.
> I use following way:
> 1) convert trace file to pcap format with linktype DLT_USERx (x=0-15)
>    simple conversion tool can be written in Perl, Python or whatever you
>    like
> 2) register my dissector to WTAP_ENCAP_USERx;
>    dissector_add("wtap_encap", WTAP_ENCAP_USERx, my_proto_handle);
>
> The advantage is that it does not need any changes (and recompilation)
> in Wireshark.
>
> regards,
>   Tomas
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Neha Chahal
> Sent: Tuesday, November 07, 2006 9:13 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Questions about dev
>
> On 11/7/06, Guy Harris <[EMAIL PROTECTED]> wrote:
> > Neha Chahal wrote:
> >
> > > The format of the file is binary
> >
> > "Binary" isn't a format for a packet capture; there are several capture
> > file formats, all of which are binary, but they're not all the same.
> > What *specific* binary format is it?
> >
> > Is this some standard format (libpcap format as used by
> > tcpdump/WinDump/Wireshark/etc., DOS Sniffer format, Windows Sniffer
> > format, Microsoft Network Monitor format, Sun snoop format, etc.), or is
> > it some format you or somebody else has created?
>
> Yes it is "not" one of these formats. The packets are in LEA binary
> format.
>
> >
> > > and the protocol is LEA.
> >
> > What protocol is that?
>
> Law Enforcement Agency protocol for call tracing (lawful intercept
> protocol)
>
> >
> > > It is a protocol at the application layer. So it is the top most
> > > protocol.
> >
> > What protocol does it run atop?  TCP?  UDP?  Some other protocol?
> >
>
> On top of UDP for my application.
>
> > > So I have to implement both. Is that true?
> >
> > Yes, you have to implement both read and seek_read functions.
> >
> > > So my read routine is returning the packet in wth->frame_buffer. But I
> > > have not implemented the seek_read. The README.dev says "implement
> > > seek_read if necessary". What does this mean?
> >
> > It means that the documentation hasn't been updated to indicate that
> > there's no longer a "default" seek_read routine that a file format
> > module can use, so modules always have to have their own seek_read
> > routine.  (I've just checked in a change to wiretap/README.developer to
> > fix that.)
> >
> > > When is it necessary?
> >
> > Always.
> >
> > > My packets don't have any transport layer headers. They are in the
> > > format I have specified in the dissector. So this is the way my packet
> > > looks like.
> > >
> > > fixed header
> > > payload header
> > > variable length payload
> >
> > So are you saying that the *ONLY* protocol in the packet is this "LEA"
> > protocol?
>
> Yes, only LEA.
>
> >
> > > In the dissector I have given protocol details starting from the fixed
> > > header. So the packet that I return in the wth->frame_buffer should
> > > start from the fixed header to the end of the payload. Is this
> > > correct?
> >
> > Yes.
> >
> > > Where should the data offset point. At the payload header or at the
> > > fixed header ?
> >
> > At the fixed header - it's the offset to which the seek_read routine
> > would need to seek to get the entire packet.
>
> okay.
>
> So once I am done doing these changes. How do I test my changes?
> Should I do a make install. And then run tethereal on my binary file.
> Currently I am working on the ethereal tar, I downloaded.
>
> Thank you very much, forgive me if I sound stupid. But I am very new
> to ethereal/wireshark.
>
> --Neha
>
> --
> Thanks and Regards,
> Neha Chahal
> Cell- 443 207 0414

-- 
Thanks and Regards,
Neha Chahal
Cell- 443 207 0414
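
The conversion step from the quoted message above (wrap each proprietary record in a pcap file whose link type is DLT_USERx), as an added example that is not code from the thread or from Wireshark. `struct raw_record`, `pcap_user_encode` and the sample bytes are hypothetical names and constructed data; the header layout and DLT_USER0 = 147 are the standard libpcap values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PCAP_MAGIC    0xa1b2c3d4u /* classic pcap, microsecond timestamps */
#define PCAP_SNAPLEN  65535u
#define DLT_USER0     147u        /* DLT_USER0..DLT_USER15 are 147..162 */
#define PCAP_FILE_HDR 24u
#define PCAP_REC_HDR  16u

/* One record already cut out of the proprietary trace (hypothetical type). */
struct raw_record {
    uint32_t ts_sec;
    uint32_t ts_usec;
    const uint8_t *data;
    uint32_t len;
};

/* Constructed sample records; the bytes carry no real protocol. */
static const uint8_t rec_a[] = { 0x01, 0x00, 0x05, 0xde, 0xad };
static const uint8_t rec_b[] = { 0x02, 0x00, 0x03 };
static const struct raw_record sample_recs[] = {
    { 1162944000u, 0u,      rec_a, sizeof rec_a },
    { 1162944000u, 250000u, rec_b, sizeof rec_b },
};

static void put_le16(uint8_t *p, uint16_t v)
{
    p[0] = (uint8_t)(v & 0xff);
    p[1] = (uint8_t)(v >> 8);
}

static void put_le32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v & 0xff);
    p[1] = (uint8_t)((v >> 8) & 0xff);
    p[2] = (uint8_t)((v >> 16) & 0xff);
    p[3] = (uint8_t)(v >> 24);
}

/*
 * Encode nrecs records as a little-endian pcap file with link type
 * DLT_USER<user_n>. Returns the number of bytes written, or 0 if an
 * argument is invalid or the output buffer is too small.
 */
size_t pcap_user_encode(uint8_t *out, size_t cap, unsigned user_n,
                        const struct raw_record *recs, size_t nrecs)
{
    size_t off, i;

    if (out == NULL || user_n > 15 || cap < PCAP_FILE_HDR)
        return 0;
    if (nrecs > 0 && recs == NULL)
        return 0;

    put_le32(out + 0, PCAP_MAGIC);
    put_le16(out + 4, 2);                   /* version major */
    put_le16(out + 6, 4);                   /* version minor */
    put_le32(out + 8, 0);                   /* thiszone */
    put_le32(out + 12, 0);                  /* sigfigs */
    put_le32(out + 16, PCAP_SNAPLEN);
    put_le32(out + 20, DLT_USER0 + user_n); /* link type */
    off = PCAP_FILE_HDR;

    for (i = 0; i < nrecs; i++) {
        const struct raw_record *r = &recs[i];

        /* Reject lengths a reader would refuse, before copying anything. */
        if (r->len > PCAP_SNAPLEN || (r->len > 0 && r->data == NULL))
            return 0;
        if (r->ts_usec >= 1000000u)
            return 0;
        if (cap - off < PCAP_REC_HDR || cap - off - PCAP_REC_HDR < r->len)
            return 0;

        put_le32(out + off + 0, r->ts_sec);
        put_le32(out + off + 4, r->ts_usec);
        put_le32(out + off + 8, r->len);    /* captured length */
        put_le32(out + off + 12, r->len);   /* original length */
        if (r->len > 0)
            memcpy(out + off + PCAP_REC_HDR, r->data, r->len);
        off += PCAP_REC_HDR + r->len;
    }
    return off;
}

int main(void)
{
    uint8_t buf[256];
    size_t n = pcap_user_encode(buf, sizeof buf, 0, sample_recs, 2);

    if (n == 0)
        return 1;
    /* Redirect stdout to a file to get a capture with link type DLT_USER0. */
    return fwrite(buf, 1, n, stdout) == n ? 0 : 1;
}
```
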


[Wireshark-dev] Questions about frame buffer

2006-11-08 Thread Neha Chahal
Hi

I have a question about wth->frame_buffer. Does the plugin library
(i.e. the code that I am writing) have to initialize this buffer or is
it done by wireshark internally? In what case will this buffer be
empty? Currently my program is crashing because the frame buffer is not
initialized properly (looks like).

I was referring to the snoop.c file and I did not see anything being
initialized there. Also the README.developer does not say anything
about this frame_buffer or the wtap structure and if we have to open
the file.  I am not initializing any of these structures and I am not
opening or closing any files.

I am not able to understand what could be the problem. Please if
someone could suggest something.

-- 
Thanks and Regards,
Neha Chahal
Cell- 443 207 0414


Re: [Wireshark-dev] Warnings in gtkvumeter.c

2006-11-08 Thread Stephen Fisher

On Wed, Nov 08, 2006 at 04:59:56PM -0800, Stephen Fisher wrote:
> On Wed, Nov 08, 2006 at 04:48:58PM -0800, Stephen Fisher wrote:
> 
> > One way that you can fix the warning is by manually assigning numbers 
> > to the enumerated values in gtkvumeter.h:
> 
> A cleaner fix would be to just reverse the parameter order:

My bad, the macro wants the low first then the high.  That probably 
won't work.


Steve



Re: [Wireshark-dev] Warnings in gtkvumeter.c

2006-11-08 Thread Stephen Fisher
On Wed, Nov 08, 2006 at 04:48:58PM -0800, Stephen Fisher wrote:

> One way that you can fix the warning is by manually assigning numbers 
> to the enumerated values in gtkvumeter.h:

A cleaner fix would be to just reverse the parameter order:

CLAMP (scaling, GTK_VUMETER_SCALING_LINEAR, GTK_VUMETER_SCALING_LOG);

becomes..

CLAMP (scaling, GTK_VUMETER_SCALING_LOG, GTK_VUMETER_SCALING_LINEAR);

And the same for the other warning.


Steve



Re: [Wireshark-dev] Warnings in gtkvumeter.c

2006-11-08 Thread Stephen Fisher
On Wed, Nov 08, 2006 at 11:07:15PM +0100, Ulf Lamping wrote:

> Joerg Mayer wrote:
> > gtkvumeter.c:946: warning: comparison of unsigned expression < 0 is
> > always false
> >   
> CLAMP is called with three variables of type GtkVUMeterScaling
> > gtkvumeter.c:1144: warning: comparison of unsigned expression < 0 is
> > always false
> >   
> CLAMP is called with three variables of type GtkVUMeterPeakFalloff
> 
> Both types are "typedef enum" so I don't understand these warnings.

Since an enum defines the first value 0 and the next 1, look at what the 
CLAMP macro from Glib expands into:

Definition:
#define CLAMP(x, low, high) (((x) > (high)) ? (high) : (((x) < (low)) ? (low) : (x)))

Our use:
vumeter->scaling = CLAMP (scaling, GTK_VUMETER_SCALING_LINEAR, GTK_VUMETER_SCALING_LOG);

Which turns into:
(((scaling) > (1)) ? (1) : (((scaling) < (0)) ? (0) : (scaling)))

An enum is by default "unsigned" since it starts at 0, the macro's check 
of < 0 can never be true.

One way that you can fix the warning is by manually assigning numbers to 
the enumerated values in gtkvumeter.h:

typedef enum {
GTK_VUMETER_SCALING_LINEAR=1,
GTK_VUMETER_SCALING_LOG=2
} GtkVUMeterScaling;

typedef enum {
GTK_VUMETER_PEAK_FALLOFF_SLOW=1,
GTK_VUMETER_PEAK_FALLOFF_MEDIUM=2,
GTK_VUMETER_PEAK_FALLOFF_FAST=3,
GTK_VUMETER_PEAK_FALLOFF_USER=4
} GtkVUMeterPeakFalloff;

It looks like CLAMP is being used here to just check if the value is 
equal to one or the other (it can't be in between since the parameter x 
is the same enum).


Steve
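
The behaviour discussed in the message above, as an added example that is not code from the thread or from gtkvumeter: it shows where an out-of-range value ends up when the lower-bound test of CLAMP is dead, what the renumbered enum changes, and a range check done before the value becomes an enum. The function names are hypothetical; whether the enum's underlying type is unsigned is implementation-defined (GCC picks an unsigned type when no enumerator is negative), so the example probes it instead of assuming it.

```c
#include <stdio.h>

/* GLib's CLAMP as quoted in the message above. */
#define CLAMP(x, low, high) (((x) > (high)) ? (high) : (((x) < (low)) ? (low) : (x)))

/* As in gtkvumeter.h before any change: enumerators start at 0. */
typedef enum {
    GTK_VUMETER_SCALING_LINEAR,
    GTK_VUMETER_SCALING_LOG
} GtkVUMeterScaling;

/* With the renumbering proposed in the message: enumerators start at 1. */
typedef enum {
    GTK_VUMETER_PEAK_FALLOFF_SLOW = 1,
    GTK_VUMETER_PEAK_FALLOFF_MEDIUM = 2,
    GTK_VUMETER_PEAK_FALLOFF_FAST = 3,
    GTK_VUMETER_PEAK_FALLOFF_USER = 4
} GtkVUMeterPeakFalloff;

/* 1 if this compiler gave the 0-based enum an unsigned underlying type. */
int scaling_enum_is_unsigned(void)
{
    return (GtkVUMeterScaling)-1 > (GtkVUMeterScaling)0;
}

/* The call that draws the warning: with an unsigned enum, "(x) < (0)" can
 * never be true, so only the upper bound is actually enforced. */
GtkVUMeterScaling clamp_scaling(GtkVUMeterScaling scaling)
{
    return CLAMP(scaling, GTK_VUMETER_SCALING_LINEAR, GTK_VUMETER_SCALING_LOG);
}

/* Same macro on the renumbered enum: "(x) < (1)" is a live comparison,
 * so the warning goes away and a stray 0 is pulled up to SLOW. */
GtkVUMeterPeakFalloff clamp_falloff(GtkVUMeterPeakFalloff falloff)
{
    return CLAMP(falloff, GTK_VUMETER_PEAK_FALLOFF_SLOW,
                 GTK_VUMETER_PEAK_FALLOFF_USER);
}

/* Hypothetical helper: range-check a raw integer in the signed domain,
 * before it is converted to the enum type. Returns 1 and stores the value
 * on success, 0 if raw is not a valid enumerator. */
int scaling_from_int(int raw, GtkVUMeterScaling *out)
{
    if (raw < (int)GTK_VUMETER_SCALING_LINEAR ||
        raw > (int)GTK_VUMETER_SCALING_LOG)
        return 0;
    *out = (GtkVUMeterScaling)raw;
    return 1;
}

int main(void)
{
    GtkVUMeterScaling s = GTK_VUMETER_SCALING_LINEAR;

    printf("enum underlying type unsigned: %d\n", scaling_enum_is_unsigned());
    /* A -1 forced into the enum: clamps to the HIGH bound if unsigned. */
    printf("CLAMP on (enum)-1 -> %d\n", (int)clamp_scaling((GtkVUMeterScaling)-1));
    printf("CLAMP on falloff 0 -> %d\n", (int)clamp_falloff((GtkVUMeterPeakFalloff)0));
    printf("scaling_from_int(-1) accepted: %d\n", scaling_from_int(-1, &s));
    return 0;
}
```
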


Re: [Wireshark-dev] Replace ntohl() with g_ntohl() -> automated check?

2006-11-08 Thread Ulf Lamping
LEGO wrote:
> what about #defining them so they trigger an error?
>   
Although this would be a nice solution, I don't see a way to do this - 
it will conflict with the existing function declarations IMHO.

I would be more than glad if we could do it that simple ...

Regards, ULFL


Re: [Wireshark-dev] Enabling threads

2006-11-08 Thread Ulf Lamping
Gerald Combs wrote:
> That's correct.  Checking for updates would be pretty easy if we could 
> connect to the server, issue a request, and feed the response to 
> read_prefs_file().  It'd be even easier if we could do so from a thread 
> instead of a separate process.
>   
And probably less memory consuming :-)
>
> In regard to Ulf's comment about threads not working well with GTK+ 2.4, 
> it looks like that's still the case and won't change any time soon.  The 
> threads section of the GDK reference on developer.gnome.org says:
>
> "Unfortunately the above holds with the X11 backend only. With the Win32 
> backend, GDK calls should not be attempted from multiple threads at all."
>
> There's also a bug entry at 
> http://bugzilla.gnome.org/show_bug.cgi?id=60620 that's been marked 
> WONTFIX with the recommendation of using idle/timer callbacks instead of 
> threads for display code.
>   
Are you already working on this?

I had a look at the cygwin setup program, as they (depending on a user 
setting) use the internet access from Internet Explorer to load files 
from the internet.

That has the great advantage that this is working well with a proxy, if 
the proxy settings of IE are set correctly.


I've also started to write a proposal how a file content could look like 
to update things - it needs some more polishing before I'll send it to 
this list (to reduce a lot of discussion by providing a clean proposal 
the first time). My thought was also to use the syntax of the 
preferences file :-)

Regards, ULFL


[Wireshark-dev] Core points to wtap_buf_ptr in wtap.c at line 556

2006-11-08 Thread Neha Chahal
Hi

I am trying to test my code in the wiretap directory.
When I run tethereal on my binary file it crashes randomly.
The core points here
--
Loaded symbols for /lib/libresolv.so.2
#0  0x0038fbfd in wtap_buf_ptr (wth=0x9fd35c0) at wtap.c:556
556         return buffer_start_ptr(wth->frame_buffer);
(gdb) where
#0  0x0038fbfd in wtap_buf_ptr (wth=0x9fd35c0) at wtap.c:556
#1  0x08061a23 in load_cap_file (cf=0x806de40, save_file=0x0, out_file_type=2) at tethereal.c:2115
#2  0x080606af in main (argc=1, argv=0xbfff86e4) at tethereal.c:1424
(gdb) p wth
$1 = (wtap *) 0x9fd35c0
(gdb) p *wth
$2 = {fh = 0x9fd0b10, fd = 4, random_fh = 0x0, file_type = 44,
  snapshot_length = 0, frame_buffer = 0xe3cc, phdr = {ts = {secs = 285310101,
  nsecs = 279183626}, caplen = 19, len = 19, pkt_encap = 0},
  pseudo_header = {eth = {fcs_len = 0}, x25 = {flags = 0 '\0'},
  isdn = {uton = 0, channel = 0 '\0'}, atm = {flags = 0, aal = 0 '\0',
  type = 0 '\0', subtype = 0 '\0', vpi = 0, vci = 0, channel = 0, cells = 0,
  aal5t_u2u = 0, aal5t_len = 0, aal5t_chksum = 0}, ascend = {type = 0,
  user = '\0' , sess = 0, call_num = '\0' , chunk = 0, task = 0},
  p2p = {sent = 0}, ieee_802_11 = {fcs_len = 0, channel = 0 '\0',
  data_rate = 0 '\0', signal_level = 0 '\0'}, cosine = {encap = 0 '\0',
  direction = 0 '\0', if_name = '\0' , pro = 0, off = 0, pri = 0, rm = 0,
  err = 0}, irda = {pkttype = 0}, nettl = {subsys = 0, devid = 0, kind = 0,
  pid = 0, uid = 0}, mtp2 = {sent = 0 '\0', annex_a_used = 0 '\0',
  link_number = 0}, k12 = {input = 0, input_name = 0x0, stack_file = 0x0,
  input_type = 0, input_info = {atm = {vp = 0, vc = 0, cid = 0},
  ds0mask = 0}, stuff = 0x0}, lapd = {pkttype = 0, we_network = 0 '\0'}},
  data_offset = 0, capture = {pcap = 0x0, lanalyzer = 0x0, ngsniffer = 0x0,
  iseries = 0x0, i4btrace = 0x0, nettl = 0x0, netmon = 0x0, netxray = 0x0,
  ascend = 0x0, csids = 0x0, etherpeek = 0x0, airopeek9 = 0x0, erf = 0x0,
  k12 = 0x0, generic = 0x0}, subtype_read = 0x38f688 ,
  subtype_seek_read = 0x38f7c8 , subtype_sequential_close = 0,
  subtype_close = 0, file_encap = 0, tsprecision = 6}
(gdb) p *(wth->frame_buffer)
Cannot access memory at address 0xe3cc
(gdb) p (wth->frame_buffer)
$3 = (struct Buffer *) 0xe3cc
(gdb)
(gdb)
---
Looks like an illegal memory access. Can someone please suggest what might be wrong.

Thanks and Regards,
Neha Chahal
Cell- 443 207 0414


Re: [Wireshark-dev] Enabling threads

2006-11-08 Thread Gerald Combs
That's correct.  Checking for updates would be pretty easy if we could 
connect to the server, issue a request, and feed the response to 
read_prefs_file().  It'd be even easier if we could do so from a thread 
instead of a separate process.


In regard to Ulf's comment about threads not working well with GTK+ 2.4, 
it looks like that's still the case and won't change any time soon.  The 
threads section of the GDK reference on developer.gnome.org says:

"Unfortunately the above holds with the X11 backend only. With the Win32 
backend, GDK calls should not be attempted from multiple threads at all."

There's also a bug entry at 
http://bugzilla.gnome.org/show_bug.cgi?id=60620 that's been marked 
WONTFIX with the recommendation of using idle/timer callbacks instead of 
threads for display code.

LEGO wrote:
> However I believe that what Gerald is talking about is using threads
> for asynchronously executing upgrades.
> 
> I do not think that the very linking to the thread libraries causes
> performance degradation.
> 
> If on a single processor you must continuously switch contexts
> between the main thread and the redraw one that causes a significant
> overhead.
> 
> However, wouldn't be better just fork the upgrade agent?
> 
> On 11/8/06, ronnie sahlberg <[EMAIL PROTECTED]> wrote:
>> yes.
>>
>> we used to have 2 threads in the old ethereal for a short period.
>>
>> one thread for the main application and a second thread that was
>> dedicated to only update/redraw the statistics taps once every few
>> seconds.
>>
>> this did cause a quite significant degradation in performance/speed of
>> ethereal which is why it was removed :-(
>>
>>
>>
>> On 11/8/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
>>> Gerald Combs wrote:
>>>> Is there any reason threads shouldn't be enabled by default?  It would
>>>> make implementing the version checking and windows update features in
>>>> the roadmap a bit easier and cleaner.
>>>>
>>> Sorry, but I don't really understand the relationship - can you explain
>>> what you mean?
>>>
>>> When I remember correct, the threading support wasn't working well with
>>> GTK2.4, but that might have changed since then.
>>>
>>> Regards, ULFL


Re: [Wireshark-dev] Warnings in gtkvumeter.c

2006-11-08 Thread Ulf Lamping
Hmmm, I don't understand both.

Joerg Mayer wrote:
> gtkvumeter.c:946: warning: comparison of unsigned expression < 0 is
> always false
>   
CLAMP is called with three variables of type GtkVUMeterScaling
> gtkvumeter.c:1144: warning: comparison of unsigned expression < 0 is
> always false
>   
CLAMP is called with three variables of type GtkVUMeterPeakFalloff


Both types are "typedef enum" so I don't understand these warnings.

Any ideas?

Regards, ULFL


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Bill Florac
The "cd.." will make epan would working directory. So it copies the
mkstemp.c and strptime.c files from the root directory to the epan
directory.  (Odd but it does not copy the header file)  I confirmed this
by deleting the files in epan, and the script copied them again.

So, by deduction, it seems you are missing these files.  They do not
seem to be self-generated so you should find them in your
C:\wireshark_source_00_99_4\ directory.  They are in the SVN version
system so you should have them.

Bill



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robert Trybis
Sent: Wednesday, November 08, 2006 3:33 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?

Bill,

Here is what I got in the build output;
cd ..
..\tools\lemon\lemon t=..\tools\lemon\lempar.c dtd_grammar.lemon
flex -odtd_parse.c dtd_parse.l
flex -odtd_preparse.c dtd_preparse.l
flex radius_dict.l
xcopy ..\mkstemp.c . /d
xcopy ..\strptime.c . /d

Can you confirm which directories the two files appear in on your
system?

Regards
RT


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev- 
> [EMAIL PROTECTED] On Behalf Of Bill Florac
> Sent: 08 November 2006 16:22
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> I think you need to look further back into the nmake output. You should
> see this:
> --
> cd ..
> ..\tools\lemon\lemon t=..\tools\lemon\lempar.c dtd_grammar.lemon
> flex -odtd_parse.c dtd_parse.l
> flex -odtd_preparse.c dtd_preparse.l
> flex radius_dict.l
> xcopy ..\mkstemp.c . /d
> ..\mkstemp.c
> 1 File(s) copied
> xcopy ..\strptime.c . /d
> ..\strptime.c
> 1 File(s) copied
> --
> It may give you a clue as to what is going wrong. You could just copy 
> the two file by hand...
> 
> Bill
> 
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Robert Trybis
> Sent: Wednesday, November 08, 2006 10:10 AM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> I have got the path correct for XCOPY, I get "invalid number of 
> parameters" if I run it from the command line.
> 
> Could I move mkstemp.c and strptime.c , by hand - where should I put 
> them?
> I feel I am very close to getting this working.
> 
> Regards
> RT
> 
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:wireshark-dev- 
> > [EMAIL PROTECTED] On Behalf Of Lars Ruoff
> > Sent: 08 November 2006 15:15
> > To: Developer support list for Wireshark
> > Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> >
> > is xcopy in the PATH?
> > On the command line type xcopy.
> > The PATH to add on WinXP might be C:\WINNT\system32\ instead of 
> > C:\Windows\system32\
> >
> > Lars
> >
> > Robert Trybis wrote:
> > > I am in C:\Program Files\wireshark which is where I installed the 
> > > sources using SVN and I am using the commands you mentioned;
> > >   nmake -f Makefile.nmake distclean
> > >   nmake -f Makefile.nmake all
> > >
> > > The files mkstemp.c and strptime.c both exist in C:\Program 
> > > Files\Wireshark
> > >
> > > Regards
> > > RT
> > >
> > >> -Original Message-
> > >> From: [EMAIL PROTECTED] [mailto:wireshark-dev- 
> > >> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
> > >> Sent: 08 November 2006 13:47
> > >> To: Developer support list for Wireshark
> > >> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> > >>
> > >> Robert Trybis wrote:
> > >>> I have tried again after deleting the wireshark directory and getting a
> > >>> clean copy of 00.99.4. Under XP the build ends prematurely with the
> > >>> lines given below.
> > >>>
> > >>>
> > >> Both files should be copied by epan\Makefile.nmake:
> > >>
> > >> mkstemp.c: ..\mkstemp.c
> > >> xcopy ..\mkstemp.c . /d
> > >>
> > >> I don't know what's going wrong here.
> > >>
> > >> What commands do you use?
> > >>
> > >> It should be enough to call the following in the *sources root dir*:
> > >>
> > >> nmake -f Makefile.nmake distclean
> > >> nmake -f Makefile.nmake all
> > >>> Any ideas why these files appear to be missing and how to work round it?
> > >>> I did not go through the process of doing the automated library download
> > >>> again, but presumably I should not have to do that?
> > >>>
> > >> No, that won't help.
> > >>> Regards
> > >>> RT
> > >>>
> > >>> Generating Code...
> > >>> Compiling...
> > >>> tap.c
> > >>> tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
> > >>> tcap-persistentdata.c
> > >>> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced local
> > >>> variable
> > >>> timestamp.c
> > >>> to_s

Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
Bill,

Here is what I got in the build output;
cd ..
..\tools\lemon\lemon t=..\tools\lemon\lempar.c dtd_grammar.lemon
flex -odtd_parse.c dtd_parse.l
flex -odtd_preparse.c dtd_preparse.l
flex radius_dict.l
xcopy ..\mkstemp.c . /d
xcopy ..\strptime.c . /d

Can you confirm which directories the two files appear in on your
system?

Regards
RT


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> [EMAIL PROTECTED] On Behalf Of Bill Florac
> Sent: 08 November 2006 16:22
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> I think you need to look further back into the nmake output. You should
> see this:
> --
> cd ..
> ..\tools\lemon\lemon t=..\tools\lemon\lempar.c dtd_grammar.lemon
> flex -odtd_parse.c dtd_parse.l
> flex -odtd_preparse.c dtd_preparse.l
> flex radius_dict.l
> xcopy ..\mkstemp.c . /d
> ..\mkstemp.c
> 1 File(s) copied
> xcopy ..\strptime.c . /d
> ..\strptime.c
> 1 File(s) copied
> --
> It may give you a clue as to what is going wrong. You could just copy
> the two file by hand...
> 
> Bill
> 
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Robert Trybis
> Sent: Wednesday, November 08, 2006 10:10 AM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> I have got the path correct for XCOPY, I get "invalid number of
> parameters" if I run it from the command line.
> 
> Could I move mkstemp.c and strptime.c , by hand - where should I put
> them?
> I feel I am very close to getting this working.
> 
> Regards
> RT
> 
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> > [EMAIL PROTECTED] On Behalf Of Lars Ruoff
> > Sent: 08 November 2006 15:15
> > To: Developer support list for Wireshark
> > Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> >
> > is xcopy in the PATH?
> > On the command line type xcopy.
> > The PATH to add on WinXP might be C:\WINNT\system32\ instead of
> > C:\Windows\system32\
> >
> > Lars
> >
> > Robert Trybis wrote:
> > > I am in C:\Program Files\wireshark which is where I installed the
> > > sources using SVN and I am using the commands you mentioned;
> > >   nmake -f Makefile.nmake distclean
> > >   nmake -f Makefile.nmake all
> > >
> > > The files mkstemp.c and strptime.c both exist in C:\Program
> > > Files\Wireshark
> > >
> > > Regards
> > > RT
> > >
> > >> -Original Message-
> > >> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> > >> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
> > >> Sent: 08 November 2006 13:47
> > >> To: Developer support list for Wireshark
> > >> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> > >>
> > >> Robert Trybis wrote:
> > >>> I have tried again after deleting the wireshark directory and getting a
> > >>> clean copy of 00.99.4. Under XP the build ends prematurely with the
> > >>> lines given below.
> > >>>
> > >>>
> > >> Both files should be copied by epan\Makefile.nmake:
> > >>
> > >> mkstemp.c: ..\mkstemp.c
> > >> xcopy ..\mkstemp.c . /d
> > >>
> > >> I don't know what's going wrong here.
> > >>
> > >> What commands do you use?
> > >>
> > >> It should be enough to call the following in the *sources root dir*:
> > >>
> > >> nmake -f Makefile.nmake distclean
> > >> nmake -f Makefile.nmake all
> > >>> Any ideas why these files appear to be missing and how to work round it?
> > >>> I did not go through the process of doing the automated library download
> > >>> again, but presumably I should not have to do that?
> > >>>
> > >> No, that won't help.
> > >>> Regards
> > >>> RT
> > >>>
> > >>> Generating Code...
> > >>> Compiling...
> > >>> tap.c
> > >>> tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
> > >>> tcap-persistentdata.c
> > >>> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced local
> > >>> variable
> > >>> timestamp.c
> > >>> to_str.c
> > >>> tvbparse.c
> > >>> tvbuff.c
> > >>> unicode-utils.c
> > >>> value_string.c
> > >>> xdlc.c
> > >>> xmlstub.c
> > >>> inet_aton.c
> > >>> inet_pton.c
> > >>> inet_ntop.c
> > >>> mkstemp.c
> > >>> fatal error C1083: Cannot open source file: 'mkstemp.c ': No such file or
> > >>> directory
> > >>> strptime.c
> > >>> fatal error C1083: Cannot open source file: 'strptime.c': No such file
> > >>> or directory
> > >>> Generating Code...
> > >>> NMAKE : fatal error U1077: 'cl' : return code '0x2'
> > >>> Stop.
> > >>> NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE' :
> > >>> return code '0x2'
> > >>> Stop.
Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
Hi,

I copied what seems to have been done in the binary distribution.
Anyway just to check things I moved everything to 
C:\wireshark_source_00_99_4 (no spaces in path)
and tried another build, but I got exactly the same result with
mkstemp.c strptime.c not being found.

Regards
RT


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> [EMAIL PROTECTED] On Behalf Of Jaap Keuter
> Sent: 08 November 2006 16:48
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> Hi,
> 
> It's only now that I see it
> 
> > Robert Trybis wrote:
> > > I am in C:\Program Files\wireshark which is where I installed the
> > > sources using SVN and I am using the commands you mentioned;
> 
> You've actually put the sources where the installation is going to be?
> For one that is considered poor style and could explain weird behaviour.
> My advice is to put the source code in its own directory, eg
> C:\Source\Wireshark (note the lack of space characters!) and build from
> there. A text execution is created by the build, while the NSIS installer
> will default to C:\Program Files\Wireshark.
> 
> Thanx,
> Jaap
> 


Re: [Wireshark-dev] Enabling threads

2006-11-08 Thread LEGO
However I believe that what Gerald is talking about is using threads
for asynchronously executing upgrades.

I do not think that the very linking to the thread libraries causes
performance degradation.

If on a single processor you must continuously switch contexts
between the main thread and the redraw one that causes a significant
overhead.

However, wouldn't be better just fork the upgrade agent?

On 11/8/06, ronnie sahlberg <[EMAIL PROTECTED]> wrote:
> yes.
>
> we used to have 2 threads in the old ethereal for a short period.
>
> one thread for the main application and a second thread that was
> dedicated to only update/redraw the statistics taps once every few
> seconds.
>
> this did cause a quite significant degradation in performance/speed of
> ethereal which is why it was removed :-(
>
>
>
> On 11/8/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
> > Gerald Combs wrote:
> > > Is there any reason threads shouldn't be enabled by default?  It would
> > > make implementing the version checking and windows update features in
> > > the roadmap a bit easier and cleaner.
> > >
> > Sorry, but I don't really understand the relationship - can you explain
> > what you mean?
> >
> > When I remember correct, the threading support wasn't working well with
> > GTK2.4, but that might have changed since then.
> >
> > Regards, ULFL


-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan


Re: [Wireshark-dev] Enabling threads

2006-11-08 Thread ronnie sahlberg
yes.

we used to have 2 threads in the old ethereal for a short period.

one thread for the main application and a second thread that was
dedicated to only update/redraw the statistics taps once every few
seconds.

this did cause a quite significant degradation in performance/speed of
ethereal which is why it was removed :-(



On 11/8/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
> Gerald Combs wrote:
> > Is there any reason threads shouldn't be enabled by default?  It would
> > make implementing the version checking and windows update features in
> > the roadmap a bit easier and cleaner.
> >
> Sorry, but I don't really understand the relationship - can you explain
> what you mean?
>
> When I remember correct, the threading support wasn't working well with
> GTK2.4, but that might have changed since then.
>
> Regards, ULFL


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Jaap Keuter
Hi,

It's only now that I see it

> Robert Trybis wrote:
> > I am in C:\Program Files\wireshark which is where I installed the
> > sources using SVN and I am using the commands you mentioned;

You've actually put the sources where the installation is going to be?
For one that is considered poor style and could explain weird behaviour.
My advice is to put the source code in its own directory, eg
C:\Source\Wireshark (note the lack of space characters!) and build from
there. A text execution is created by the build, while the NSIS installer
will default to C:\Program Files\Wireshark.

Thanx,
Jaap



Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Bill Florac
I think you need to look further back into the nmake output. You should
see this:
--
cd ..
..\tools\lemon\lemon t=..\tools\lemon\lempar.c dtd_grammar.lemon
flex -odtd_parse.c dtd_parse.l
flex -odtd_preparse.c dtd_preparse.l
flex radius_dict.l
xcopy ..\mkstemp.c . /d
..\mkstemp.c
1 File(s) copied
xcopy ..\strptime.c . /d
..\strptime.c
1 File(s) copied 
--
It may give you a clue as to what is going wrong. You could just copy
the two file by hand...

Bill



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robert Trybis
Sent: Wednesday, November 08, 2006 10:10 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?

I have got the path correct for XCOPY, I get "invalid number of
parameters" if I run it from the command line.

Could I move mkstemp.c and strptime.c, by hand - where should I put
them?
I feel I am very close to getting this working.

Regards
RT


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev- 
> [EMAIL PROTECTED] On Behalf Of Lars Ruoff
> Sent: 08 November 2006 15:15
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> is xcopy in the PATH?
> On the command line type xcopy.
> The PATH to add on WinXP might be C:\WINNT\system32\ instead of 
> C:\Windows\system32\
> 
> Lars
> 
> Robert Trybis wrote:
> > I am in C:\Program Files\wireshark which is where I installed the 
> > sources using SVN and I am using the commands you mentioned;
> > nmake -f Makefile.nmake distclean
> > nmake -f Makefile.nmake all
> >
> > The files mkstemp.c and strptime.c both exist in C:\Program 
> > Files\Wireshark
> >
> > Regards
> > RT
> >
> >> -Original Message-
> >> From: [EMAIL PROTECTED] [mailto:wireshark-dev- 
> >> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
> >> Sent: 08 November 2006 13:47
> >> To: Developer support list for Wireshark
> >> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> >>
> >> Robert Trybis wrote:
> >>> I have tried again after deleting the wireshark directory and
> > getting a
> >>> clean copy of 00.99.4. Under XP the build ends prematurely with
the
> >>> lines given below.
> >>>
> >>>
> >> Both files should be copied by epan\Makefile.nmake:
> >>
> >> mkstemp.c: ..\mkstemp.c
> >> xcopy ..\mkstemp.c . /d
> >>
> >> I don't know what's going wrong here.
> >>
> >> What commands do you use?
> >>
> >> It should be enough to call the following in the *sources root
dir*:
> >>
> >> nmake -f Makefile.nmake distclean
> >> nmake -f Makefile.nmake all
> >>> Any ideas why these files appear to be missing and how to work round it?
> >>> I did not go through the process of doing the automated library
> > download
> >>> again, but presumably I should not have to do that?
> >>>
> >> No, that won't help.
> >>> Regards
> >>> RT
> >>>
> >>> Generating Code...
> >>> Compiling...
> >>> tap.c
> >>> tap.c(284) : warning C4090: 'return' : different 'const'
qualifiers
> >>> tcap-persistentdata.c
> >>> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced
> > local
> >>> variable
> >>> timestamp.c
> >>> to_str.c
> >>> tvbparse.c
> >>> tvbuff.c
> >>> unicode-utils.c
> >>> value_string.c
> >>> xdlc.c
> >>> xmlstub.c
> >>> inet_aton.c
> >>> inet_pton.c
> >>> inet_ntop.c
> >>> mkstemp.c
> >>> fatal error C1083: Cannot open source file: 'mkstemp.c ': No such
> > file or
> >>> directory
> >>> strptime.c
> >>> fatal error C1083: Cannot open source file: 'strptime.c': No such
> > file
> >>> or directory
> >>> Generating Code...
> >>> NMAKE : fatal error U1077: 'cl' : return code '0x2'
> >>> Stop.
> >>> NMAKE : fatal error U1077:
'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE'
> > :
> >>> return code '0x2'
> >>> Stop.


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
I have got the path correct for XCOPY, I get "invalid number of
parameters" if I run it from the command line.

Could I move mkstemp.c and strptime.c, by hand - where should I put
them?
I feel I am very close to getting this working.

Regards
RT


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> [EMAIL PROTECTED] On Behalf Of Lars Ruoff
> Sent: 08 November 2006 15:15
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> is xcopy in the PATH?
> On the command line type xcopy.
> The PATH to add on WinXP might be C:\WINNT\system32\ instead of
> C:\Windows\system32\
> 
> Lars
> 
> Robert Trybis wrote:
> > I am in C:\Program Files\wireshark which is where I installed the
> > sources using SVN and I am using the commands you mentioned;
> > nmake -f Makefile.nmake distclean
> > nmake -f Makefile.nmake all
> >
> > The files mkstemp.c and strptime.c both exist in C:\Program
> > Files\Wireshark
> >
> > Regards
> > RT
> >
> >> -Original Message-
> >> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> >> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
> >> Sent: 08 November 2006 13:47
> >> To: Developer support list for Wireshark
> >> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> >>
> >> Robert Trybis wrote:
> >>> I have tried again after deleting the wireshark directory and
> > getting a
> >>> clean copy of 00.99.4. Under XP the build ends prematurely with
the
> >>> lines given below.
> >>>
> >>>
> >> Both files should be copied by epan\Makefile.nmake:
> >>
> >> mkstemp.c: ..\mkstemp.c
> >> xcopy ..\mkstemp.c . /d
> >>
> >> I don't know what's going wrong here.
> >>
> >> What commands do you use?
> >>
> >> It should be enough to call the following in the *sources root
dir*:
> >>
> >> nmake -f Makefile.nmake distclean
> >> nmake -f Makefile.nmake all
> >>> Any ideas why these files appear to be missing and how to work round it?
> >>> I did not go through the process of doing the automated library
> > download
> >>> again, but presumably I should not have to do that?
> >>>
> >> No, that won't help.
> >>> Regards
> >>> RT
> >>>
> >>> Generating Code...
> >>> Compiling...
> >>> tap.c
> >>> tap.c(284) : warning C4090: 'return' : different 'const'
qualifiers
> >>> tcap-persistentdata.c
> >>> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced
> > local
> >>> variable
> >>> timestamp.c
> >>> to_str.c
> >>> tvbparse.c
> >>> tvbuff.c
> >>> unicode-utils.c
> >>> value_string.c
> >>> xdlc.c
> >>> xmlstub.c
> >>> inet_aton.c
> >>> inet_pton.c
> >>> inet_ntop.c
> >>> mkstemp.c
> >>> fatal error C1083: Cannot open source file: 'mkstemp.c ': No such
> > file or
> >>> directory
> >>> strptime.c
> >>> fatal error C1083: Cannot open source file: 'strptime.c': No such
> > file
> >>> or directory
> >>> Generating Code...
> >>> NMAKE : fatal error U1077: 'cl' : return code '0x2'
> >>> Stop.
> >>> NMAKE : fatal error U1077:
'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE'
> > :
> >>> return code '0x2'
> >>> Stop.


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Lars Ruoff
is xcopy in the PATH?
On the command line type xcopy.
The PATH to add on WinXP might be C:\WINNT\system32\ instead of 
C:\Windows\system32\

Lars

Robert Trybis wrote:
> I am in C:\Program Files\wireshark which is where I installed the
> sources using SVN and I am using the commands you mentioned;
>   nmake -f Makefile.nmake distclean
>   nmake -f Makefile.nmake all
> 
> The files mkstemp.c and strptime.c both exist in C:\Program
> Files\Wireshark
> 
> Regards
> RT
> 
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
>> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
>> Sent: 08 November 2006 13:47
>> To: Developer support list for Wireshark
>> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
>>
>> Robert Trybis wrote:
>>> I have tried again after deleting the wireshark directory and
> getting a
>>> clean copy of 00.99.4. Under XP the build ends prematurely with the
>>> lines given below.
>>>
>>>
>> Both files should be copied by epan\Makefile.nmake:
>>
>> mkstemp.c: ..\mkstemp.c
>> xcopy ..\mkstemp.c . /d
>>
>> I don't know what's going wrong here.
>>
>> What commands do you use?
>>
>> It should be enough to call the following in the *sources root dir*:
>>
>> nmake -f Makefile.nmake distclean
>> nmake -f Makefile.nmake all
>>> Any ideas why these files appear to be missing and how to work round it?
>>> I did not go through the process of doing the automated library
> download
>>> again, but presumably I should not have to do that?
>>>
>> No, that won't help.
>>> Regards
>>> RT
>>>
>>> Generating Code...
>>> Compiling...
>>> tap.c
>>> tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
>>> tcap-persistentdata.c
>>> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced
> local
>>> variable
>>> timestamp.c
>>> to_str.c
>>> tvbparse.c
>>> tvbuff.c
>>> unicode-utils.c
>>> value_string.c
>>> xdlc.c
>>> xmlstub.c
>>> inet_aton.c
>>> inet_pton.c
>>> inet_ntop.c
>>> mkstemp.c
>>> fatal error C1083: Cannot open source file: 'mkstemp.c ': No such
> file or
>>> directory
>>> strptime.c
>>> fatal error C1083: Cannot open source file: 'strptime.c': No such
> file
>>> or directory
>>> Generating Code...
>>> NMAKE : fatal error U1077: 'cl' : return code '0x2'
>>> Stop.
>>> NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE'
> :
>>> return code '0x2'
>>> Stop.


Re: [Wireshark-dev] The buildbot is "deeply red" seems to be caused by h248 changes

2006-11-08 Thread Joerg Mayer
On Wed, Nov 08, 2006 at 02:52:16PM +0100, Ulf Lamping wrote:
> Someone may have a look?

Looks like some function had a forward declaration that was incompatible
with the later generated function (the forward declaration wasn't
declared static, the autogenerated function was).

 ciao
 Joerg
-- 
Joerg Mayer   <[EMAIL PROTECTED]>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
I am in C:\Program Files\wireshark which is where I installed the
sources using SVN and I am using the commands you mentioned;
nmake -f Makefile.nmake distclean
nmake -f Makefile.nmake all

The files mkstemp.c and strptime.c both exist in C:\Program
Files\Wireshark

Regards
RT

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> [EMAIL PROTECTED] On Behalf Of Ulf Lamping
> Sent: 08 November 2006 13:47
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> Robert Trybis wrote:
> > I have tried again after deleting the wireshark directory and
getting a
> > clean copy of 00.99.4. Under XP the build ends prematurely with the
> > lines given below.
> >
> >
> Both files should be copied by epan\Makefile.nmake:
> 
> mkstemp.c: ..\mkstemp.c
> xcopy ..\mkstemp.c . /d
> 
> I don't know what's going wrong here.
> 
> What commands do you use?
> 
> It should be enough to call the following in the *sources root dir*:
> 
> nmake -f Makefile.nmake distclean
> nmake -f Makefile.nmake all
> > Any ideas why these files appear to be missing and how to work round it?
> > I did not go through the process of doing the automated library
download
> > again, but presumably I should not have to do that?
> >
> No, that won't help.
> > Regards
> > RT
> >
> > Generating Code...
> > Compiling...
> > tap.c
> > tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
> > tcap-persistentdata.c
> > tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced
local
> > variable
> > timestamp.c
> > to_str.c
> > tvbparse.c
> > tvbuff.c
> > unicode-utils.c
> > value_string.c
> > xdlc.c
> > xmlstub.c
> > inet_aton.c
> > inet_pton.c
> > inet_ntop.c
> > mkstemp.c
> > fatal error C1083: Cannot open source file: 'mkstemp.c ': No such
file or
> > directory
> > strptime.c
> > fatal error C1083: Cannot open source file: 'strptime.c': No such
file
> > or directory
> > Generating Code...
> > NMAKE : fatal error U1077: 'cl' : return code '0x2'
> > Stop.
> > NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE'
:
> > return code '0x2'
> > Stop.


[Wireshark-dev] [PATCH] dccp: support for variable-length checksums

2006-11-08 Thread Gerrit Renker
This patch adds support for correct computation of
variable length DCCP checksums as specified in 
RFC 4340, section 9.

Previously wireshark was unable to compute these 
checksums, only full-coverage checksums could be 
validated.

This patch
* makes checksum computation dependent
  upon the header CsCov field (cf. RFC 4340, 5.1)
* removes the case where checksums are zero
  (unlike UDP/packet-udp, from which the code stems,
   zero checksums are illegal in DCCP (as in TCP))
* fixes a minor typo - missing bitshift of the
  CCVal field 


The patch has been tested against latest automatic build, 
correctness of checksum computation
has been manually validated; sample traces can be supplied. 

I would like to see this merged, in particular since a
Linux kernel patch for DCCP partial checksums already exists.


Thanks,
Gerrit Renker
---
 packet-dcp.c |   23 +++
 1 file changed, 15 insertions(+), 8 deletions(-)
--- wireshark-0.99.4-SVN-19738/epan/dissectors/packet-dcp.c.orig	2006-10-30 14:52:53.0 +
+++ wireshark-0.99.4-SVN-19738/epan/dissectors/packet-dcp.c	2006-10-30 14:53:02.0 +
@@ -541,6 +541,16 @@
 
 	} /* end while() */
 }
+/* compute DCCP checksum coverage according to RFC 4340, section 9 */
+static inline guint dccp_csum_coverage(const e_dcphdr *dcph, guint len)
+{
+	guint cov;
+	
+	if (dcph->cscov == 0)
+		return len;
+	cov = (dcph->data_offset + dcph->cscov - 1) * sizeof(guint32);
+	return (cov > len)? len : cov;
+}
 
 static void dissect_dcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 {
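Review bot: In dccp_csum_coverage(), the final `return (cov > len)? len : cov;` silently clamps a CsCov that claims more data than the packet carries, so a malformed header is checksummed as if it had full coverage. RFC 4340 section 9.2 requires (CsCov-1)*4 to be no larger than the application data length and treats other values as invalid, so I would return a distinct result for that case and let the caller mark the coverage as invalid instead of reporting a good or bad checksum. dcph->data_offset also comes straight from the packet; a value smaller than the fixed header yields a coverage that ends inside the header and deserves the same treatment. Minor: a blank line between the closing brace of the previous function and the new comment would help.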
@@ -595,7 +605,8 @@
 	/* DBG("dcph->data_offset: %d\n", dcph->data_offset); */
 	dcph->cscov=tvb_get_guint8(tvb, offset+5)&0x0F;
 	/* DBG("dcph->cscov: %d\n", dcph->cscov); */
-	dcph->ccval=tvb_get_guint8(tvb, offset+5)&0xF0;
+	dcph->ccval=tvb_get_guint8(tvb, offset+5) &0xF0;
+	dcph->ccval >>= 4;
 	/* DBG("dcph->ccval: %d\n", dcph->ccval); */
 	dcph->checksum=tvb_get_ntohs(tvb, offset+6);
 	/* DBG("dcph->checksum: %d\n", dcph->checksum); */
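Review bot: The CCVal fix is split over two statements, `dcph->ccval=tvb_get_guint8(tvb, offset+5) &0xF0;` followed by `dcph->ccval >>= 4;`; a single `tvb_get_guint8(tvb, offset+5) >> 4` says the same thing and avoids the oddly spaced mask. The value later handed to proto_tree_add_uint() for hf_dcp_ccval changes from 0x10..0xF0 to 1..15, so please check how that field is registered: if it carries a bitmask, the pre-shifted value will be masked again and come out wrong. The change in displayed value is also worth a line in the commit message.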
@@ -662,15 +673,11 @@
 		proto_tree_add_uint(dcp_tree, hf_dcp_ccval, tvb, offset + 5, 1, dcph->ccval);
 		proto_tree_add_uint(dcp_tree, hf_dcp_cscov, tvb, offset + 5, 1, dcph->cscov);
 
-		/* checksum analisys taken from packet-udp */
+		/* checksum analysis taken from packet-udp (difference: mandatory checksums in DCCP) */
 
 		reported_len = tvb_reported_length(tvb);
 		len = tvb_length(tvb);
-		if (dcph->checksum == 0) {
-			/* No checksum supplied in the packet */
-			proto_tree_add_uint_format_value(dcp_tree, hf_dcp_checksum, tvb,
-			 offset + 6, 2, dcph->checksum, "0x%04x (none)", dcph->checksum);
-		} else if (!pinfo->fragmented && len >= reported_len) {
+		if (!pinfo->fragmented && len >= reported_len) {
 
 			/* The packet isn't part of a fragmented datagram and isn't
 			   truncated, so we can checksum it.
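Review bot: The guard `if (!pinfo->fragmented && len >= reported_len)` still demands the whole packet in the capture, although with CsCov > 0 only the covered prefix is needed to verify the checksum. Comparing `len` against the value dccp_csum_coverage() returns would let captures truncated by a snap length be validated as long as the covered part is present. Dropping the `dcph->checksum == 0` branch matches the updated comment; a zero checksum now simply goes through normal verification.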
@@ -703,7 +710,7 @@
 	break;
 }
 cksum_vec[3].ptr = tvb_get_ptr(tvb, offset, len);
-cksum_vec[3].len = reported_len;
+cksum_vec[3].len = dccp_csum_coverage(dcph, reported_len);
 computed_cksum = in_cksum(&cksum_vec[0], 4);
 if (computed_cksum == 0) {
 	proto_tree_add_uint_format_value(dcp_tree, hf_dcp_checksum, tvb,
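Review bot: `cksum_vec[3].ptr` is fetched with `tvb_get_ptr(tvb, offset, len)` while `cksum_vec[3].len` is now derived from `reported_len`; the two only agree because of the `len >= reported_len` guard further up. Computing the coverage once into a local and passing it both to tvb_get_ptr() and to the vector length keeps the checksum read bounded by what was actually requested from the tvb. Please also confirm that the pseudo-header length entry (not visible in this hunk) stays at the full DCCP packet length, since only the data vector should shrink with CsCov.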
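The coverage rule the patch message describes (RFC 4340, section 9), as an added stand-alone example that is not part of the posted patch or of Wireshark: it derives the covered length from Data Offset and CsCov, verifies the checksum over an IPv4 pseudo-header plus the covered bytes, and reports an over-long CsCov as invalid instead of clamping it. The addresses, ports, payload and all function names are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum dccp_ck { DCCP_CK_OK, DCCP_CK_BAD, DCCP_CK_INVALID };

/* Bytes covered by the checksum, or 0 when the header fields are inconsistent.
 * data_offset (header byte 4) counts 32-bit words; cscov is the low nibble of
 * header byte 5, the same offsets the patch reads. */
size_t dccp_coverage(uint8_t data_offset, uint8_t cscov, size_t pkt_len)
{
    size_t hdr = (size_t)data_offset * 4;
    size_t cov;
    if (hdr < 12 || hdr > pkt_len)          /* 12 = shortest generic header */
        return 0;
    if (cscov == 0)
        return pkt_len;                     /* CsCov 0: whole packet */
    cov = hdr + ((size_t)cscov - 1) * 4;    /* header + (CsCov-1)*4 data bytes */
    return cov > pkt_len ? 0 : cov;         /* strict: reject instead of clamp */
}

/* One's-complement sum of n bytes as big-endian 16-bit words, zero padded. */
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t acc)
{
    size_t i;
    for (i = 0; i + 1 < n; i += 2)
        acc += ((uint32_t)p[i] << 8) | p[i + 1];
    if (n & 1)
        acc += (uint32_t)p[n - 1] << 8;
    return acc;
}

static uint16_t fold(uint32_t acc)
{
    while (acc >> 16)
        acc = (acc & 0xFFFF) + (acc >> 16);
    return (uint16_t)~acc;
}

/* IPv4 pseudo-header plus the first cov bytes of the DCCP packet. */
static uint32_t dccp_sum(const uint8_t src[4], const uint8_t dst[4],
                         const uint8_t *pkt, size_t len, size_t cov)
{
    uint8_t ph[12];
    memcpy(ph, src, 4);
    memcpy(ph + 4, dst, 4);
    ph[8] = 0;
    ph[9] = 33;                     /* IP protocol number of DCCP */
    ph[10] = (uint8_t)(len >> 8);   /* full DCCP length, not the coverage */
    ph[11] = (uint8_t)len;
    return sum16(pkt, cov, sum16(ph, sizeof ph, 0));
}

enum dccp_ck dccp_verify(const uint8_t src[4], const uint8_t dst[4],
                         const uint8_t *pkt, size_t len)
{
    size_t cov;
    if (len < 12 || len > 0xFFFF)
        return DCCP_CK_INVALID;
    cov = dccp_coverage(pkt[4], pkt[5] & 0x0F, len);
    if (cov == 0)
        return DCCP_CK_INVALID;
    return fold(dccp_sum(src, dst, pkt, len, cov)) == 0 ? DCCP_CK_OK : DCCP_CK_BAD;
}

/* Constructed sample: DCCP-Data packet, 12-byte header, 8 payload bytes.
 * The sender fills in the checksum for the given CsCov, then one byte is
 * inverted in transit (flip_index < 0: none) and the receiver verifies. */
enum dccp_ck demo_case(uint8_t cscov, int flip_index)
{
    static const uint8_t src[4] = {192, 0, 2, 1}, dst[4] = {192, 0, 2, 2};
    uint8_t pkt[20] = {
        0x80, 0x00, 0x13, 0x89,     /* source port, destination port */
        3, 0, 0, 0,                 /* data offset, CCVal|CsCov, checksum */
        0x04, 0x00, 0x00, 0x01,     /* type 2 (DCCP-Data), X=0, 24-bit seq */
        'p', 'a', 'y', 'l', 'o', 'a', 'd', '!'
    };
    size_t cov;
    uint16_t ck;
    pkt[5] = cscov & 0x0F;
    cov = dccp_coverage(pkt[4], pkt[5], sizeof pkt);
    if (cov != 0) {                 /* sender side: checksum field is still 0 */
        ck = fold(dccp_sum(src, dst, pkt, sizeof pkt, cov));
        pkt[6] = (uint8_t)(ck >> 8);
        pkt[7] = (uint8_t)ck;
    }
    if (flip_index >= 0 && flip_index < (int)sizeof pkt)
        pkt[flip_index] ^= 0xFF;
    return dccp_verify(src, dst, pkt, sizeof pkt);
}

int main(void)
{
    printf("%d %d %d %d\n", demo_case(0, 17), demo_case(2, 17),
           demo_case(2, 13), demo_case(4, -1));
    return 0;
}
```

With CsCov=2 only the header and the first four payload bytes are protected, so damage at byte 17 passes verification while the same damage under CsCov=0 does not.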


[Wireshark-dev] The buildbot is "deeply red" seems to be caused by h248 changes

2006-11-08 Thread Ulf Lamping
Hi List!

Someone may have a look?

Regards, ULFL


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Ulf Lamping
Robert Trybis wrote:
> I have tried again after deleting the wireshark directory and getting a
> clean copy of 00.99.4. Under XP the build ends prematurely with the
> lines given below.
>
>   
Both files should be copied by epan\Makefile.nmake:

mkstemp.c: ..\mkstemp.c
xcopy ..\mkstemp.c . /d

I don't know what's going wrong here.

What commands do you use?

It should be enough to call the following in the *sources root dir*:

nmake -f Makefile.nmake distclean
nmake -f Makefile.nmake all
> Any ideas why these files appear to be missing and how to work round it?
> I did not go through the process of doing the automated library download
> again, but presumably I should not have to do that?
>   
No, that won't help.
> Regards
> RT
>
> Generating Code...
> Compiling...
> tap.c
> tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
> tcap-persistentdata.c
> tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced local
> variable
> timestamp.c
> to_str.c
> tvbparse.c
> tvbuff.c
> unicode-utils.c
> value_string.c
> xdlc.c
> xmlstub.c
> inet_aton.c
> inet_pton.c
> inet_ntop.c
> mkstemp.c
> fatal error C1083: Cannot open source file: 'mkstemp.c': No such file or
> directory
> strptime.c
> fatal error C1083: Cannot open source file: 'strptime.c': No such file
> or directory
> Generating Code...
> NMAKE : fatal error U1077: 'cl' : return code '0x2'
> Stop.
> NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE' :
> return code '0x2'
> Stop.


Re: [Wireshark-dev] [Patch] Fix for bug #1163: "Dissector bug. ISO8073COTP protocol."

2006-11-08 Thread Graeme Lunt
Steve,

> > This patch (r19733) breaks the dissection of X.400 and X.500
> > protocols, and probably other things besides. I think that the
> > heuristic is incorrect.
>
> Oops, sorry about that.  Do you know where I can get a copy of the
> standard so I can fix the heuristic in a better way?

No problem. I'll see what I can find but ...

... I suspect the issue is in the COTP dissector and that it shouldn't
be calling the Session dissector on COTP user data.

Look at ositp_decode_DT() in packet-clnp.c. It tries a heuristic
dissector list ("cotp_is") for inactive subset and if that fails uses
session. I'm not sure what protocol is being run on top of COTP but I
suspect it either isn't registered on the "cotp_is" list or is not
successfully recognising the protocol.

Also, there seems to be an issue with inactive subset and COTP
reassembly there too - it calls the subdissector on each fragment as
well as the reassembled whole. However, I'm not very clear how
inactive subset is supposed to work!

Hope this helps. Let me know if I can help out any further with this issue.

Graeme


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
I have tried again after deleting the wireshark directory and getting a
clean copy of 00.99.4. Under XP the build ends prematurely with the
lines given below.

Any ideas why these files appear to be missing and how to work round it?
I did not go through the process of doing the automated library download
again, but presumably I should not have to do that?

Regards
RT

Generating Code...
Compiling...
tap.c
tap.c(284) : warning C4090: 'return' : different 'const' qualifiers
tcap-persistentdata.c
tcap-persistentdata.c(988) : warning C4101: 'ti' : unreferenced local
variable
timestamp.c
to_str.c
tvbparse.c
tvbuff.c
unicode-utils.c
value_string.c
xdlc.c
xmlstub.c
inet_aton.c
inet_pton.c
inet_ntop.c
mkstemp.c
fatal error C1083: Cannot open source file: 'mkstemp.c': No such file or
directory
strptime.c
fatal error C1083: Cannot open source file: 'strptime.c': No such file
or directory
Generating Code...
NMAKE : fatal error U1077: 'cl' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE' :
return code '0x2'
Stop.


Re: [Wireshark-dev] Questions about dev

2006-11-08 Thread Joerg Mayer
On Wed, Nov 08, 2006 at 09:52:26AM +0100, Jaap Keuter wrote:
> I'm all for that. I personally don't like extending Wireshark into the
> realm of trace file analyser.

Actually adding new file formats is quite ok, as long as there is some
"real use" for it for more than just a handful of users. Also, of
course, some sample traces and protocols captured must be available.

 ciao
 Joerg



[Wireshark-dev] Question about Wireshark's reports

2006-11-08 Thread Andreina Toro
Hi everyone, I have a question, I've been told that wireshark has an option that shows the Quality of Service of each call, but not in the RTP Stream's Window. I mean, somewhere in a protocol's data or protocol's header.

My problem is that I'm doing my measures in a specific point of the trace of the call, but maybe is not the specific path for the RTP packets, I mean, sometimes in a wireshark capture I can see the signaling of a call (using H.225 for example) but I don't see the info of the RTP packets for that specific call. (when I'm using SIP I can see both). Therefore if it's true that somewhere else I can find the info for QoS of the call different from the RTP Streams it would be great!

 
Thanks for your time,
Looking forward for any help,
 
Andreina


Re: [Wireshark-dev] Enabling threads

2006-11-08 Thread Ulf Lamping
Gerald Combs wrote:
> Is there any reason threads shouldn't be enabled by default?  It would
> make implementing the version checking and windows update features in
> the roadmap a bit easier and cleaner.
>   
Sorry, but I don't really understand the relationship - can you explain 
what you mean?

If I remember correctly, the threading support wasn't working well with
GTK2.4, but that might have changed since then.

Regards, ULFL


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Ulf Lamping
Robert Trybis wrote:
>  
>   
>>> Can anybody tell me how to undo everything that has been done by
>>> Nmake -f Makefile.nmake all
>>> ?
>>>
>>>   
>> Go back to the beginning, like so
>> nmake -f Makefile.nmake distclean
>> then build again
>> nmake -f Makefile.nmake all
>> 
>
> I did the clean as above then tried to build again it failed :-(
> The build looked like it was going well, the output reached 1215 lines,
> below are the final ones.
>
>   
Still searching for the output ...

Without the error output it will be extremely hard to find a solution :-)
> Could the clean have removed some files it should not?
> I am going to start from scratch by downloading a new copy.
>   
No. I'm doing a distclean maybe twice a week.

Regards, ULFL


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
Missing bits;

tvbparse.c
tvbuff.c
unicode-utils.c
value_string.c
xdlc.c
xmlstub.c
inet_aton.c
inet_pton.c
inet_ntop.c
mkstemp.c
fatal error C1083: Cannot open source file: 'mkstemp.c': No such file or
directory
strptime.c
fatal error C1083: Cannot open source file: 'strptime.c': No such file
or directory
Generating Code...
NMAKE : fatal error U1077: 'cl' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~4\VC98\BIN\NMAKE.EXE' :
return code '0x2'
Stop.

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:wireshark-dev-
> [EMAIL PROTECTED] On Behalf Of Robert Trybis
> Sent: 08 November 2006 12:06
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
> 
> 
> > > Can anybody tell me how to undo everything that has been done by
> > > Nmake -f Makefile.nmake all
> > > ?
> > >
> >
> > Go back to the beginning, like so
> > nmake -f Makefile.nmake distclean
> > then build again
> > nmake -f Makefile.nmake all
> 
> I did the clean as above then tried to build again it failed :-(
> The build looked like it was going well, the output reached 1215
lines,
> below are the final ones.
> 
> Could the clean have removed some files it should not?
> I am going to start from scratch by downloading a new copy.
> 
> Regards
> RT
> 


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
 
> > Can anybody tell me how to undo everything that has been done by
> > Nmake -f Makefile.nmake all
> > ?
> >
> 
> Go back to the beginning, like so
> nmake -f Makefile.nmake distclean
> then build again
> nmake -f Makefile.nmake all

I did the clean as above then tried to build again it failed :-(
The build looked like it was going well, the output reached 1215 lines,
below are the final ones.

Could the clean have removed some files it should not?
I am going to start from scratch by downloading a new copy.

Regards
RT



Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Jaap Keuter
On Wed, 8 Nov 2006, Robert Trybis wrote:

> Hello,
>
> Peter hit the nail on the head, it's the Windows PATH variable.
> The cygwin installation does not set an environment variable to allow
> python to be found. Also all the stuff that accumulates in the PATH
> environment variable can confuse things, though I don't think the length
> is important.
>
> As Peter suggested the solution is not to use the default environment
> PATH but to make a clean PATH variable with the minimum information
> required for the build.
>
> You can do this in your command window with;
> > PATH=C:\windows\system32\;C:\cygwin\bin\;
> > C:\Program Files\Microsoft Visual Studio\VC98\Bin\VCVARS32.BAT
>
> You need the path to C:\windows\system32\ or the build will give errors
> about XCOPY and possibly other things not being found. The path to
> C:\cygwin\bin\ finds python avoiding the error "ENV: PYTHON: No such
> file or directory" error. The batch file adds the paths required by
> Microsoft Visual Studio 6.
>
> The resulting path is;
>
> PATH=C:\PROGRA~1\MICROS~4\Common\msdev98\BIN;C:\PROGRA~1\MICROS~4\VC98\B
> IN;C:\PROGRA~1\MICROS~4\Common\TOOLS\WINNT;C:\PROGRA~1\MICROS~4\Common\T
> OOLS;C:\windows\system32\;C:\cygwin\bin\;
>
> Another step forward :-)

That is a Good Thing(tm)

> Can anybody tell me how to undo everything that has been done by
> Nmake -f Makefile.nmake all
> ?
>

Go back to the beginning, like so
nmake -f Makefile.nmake distclean
then build again
nmake -f Makefile.nmake all

> I have had several partial builds each with errors before getting an
> exe.
> I would like to start from scratch and run right through with a clean
> build.
> The exe I have presently got generates an error about a dll not being
> found, but I'll raise that in another thread.
>
> Thanks for the help
> RT
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Peter
> Johansson
> Sent: 07 November 2006 16:35
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?
>
> I remember having problems like this once when my PATH environment
> variable got too long when going through the build process.
> Try to use an additional setup of the PATH variable (in conjunction with
>
> what is set up using vcvars32.bat) that is less extensive but supports
> the build environment.
>
> Regards, Peter



Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Robert Trybis
Hello,

Peter hit the nail on the head, it's the Windows PATH variable.
The cygwin installation does not set an environment variable to allow
python to be found. Also all the stuff that accumulates in the PATH
environment variable can confuse things, though I don't think the length
is important.

As Peter suggested the solution is not to use the default environment
PATH but to make a clean PATH variable with the minimum information
required for the build. 

You can do this in your command window with;
> PATH=C:\windows\system32\;C:\cygwin\bin\;
> C:\Program Files\Microsoft Visual Studio\VC98\Bin\VCVARS32.BAT

You need the path to C:\windows\system32\ or the build will give errors
about XCOPY and possibly other things not being found. The path to
C:\cygwin\bin\ finds python avoiding the error "ENV: PYTHON: No such
file or directory" error. The batch file adds the paths required by
Microsoft Visual Studio 6.

The resulting path is;

PATH=C:\PROGRA~1\MICROS~4\Common\msdev98\BIN;C:\PROGRA~1\MICROS~4\VC98\B
IN;C:\PROGRA~1\MICROS~4\Common\TOOLS\WINNT;C:\PROGRA~1\MICROS~4\Common\T
OOLS;C:\windows\system32\;C:\cygwin\bin\;

Another step forward :-)

Can anybody tell me how to undo everything that has been done by
Nmake -f Makefile.nmake all
?

I have had several partial builds each with errors before getting an
exe.
I would like to start from scratch and run right through with a clean
build.
The exe I have presently got generates an error about a dll not being
found, but I'll raise that in another thread.

Thanks for the help
RT


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter
Johansson
Sent: 07 November 2006 16:35
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Release 00.99.4 missing file?

I remember having problems like this once when my PATH environment 
variable got too long when going through the build process.
Try to use an additional setup of the PATH variable (in conjunction with

what is set up using vcvars32.bat) that is less extensive but supports
the build environment.

Regards, Peter
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev


Re: [Wireshark-dev] Release 00.99.4 missing file?

2006-11-08 Thread Graham Bloice
Ulf Lamping wrote:
>> I let cygwin do its default thing, plus adding in the additional
>> downloads required for the Wireshark documentation. Then I went back to
>> an earlier version of Bash. I only installed cygwin to get Wireshark
>> working so it should be standard.
>>
>> The file system is NTFS.
>>
> 
> Hi!
> 
> I have these problems too, but didn't find a good way to handle this with 
> the cygwin python. The hint that the PATH should not be too long might be an 
> idea, as my PATH is very long - but I currently don't have the time to figure 
> it out.
> 
> The only solution which reliably works on my machine is to use the native 
> windows port from python.org and change the settings in config.nmake 
> accordingly.
> 
> I would like to return to the cygwin python (for easier build environment 
> setup), but I've already spent hours to try to fix this without any success 
> :-(
> 
> Even worse, it *sometimes* does work but most of the time not ?!? I'm really 
> stuck here to find a good solution :-(
> 

Very odd.  My wireshark dev is carried out on a much abused XP system
that has all sorts of odd junk installed on it.  My path (from a command
shell) is 653 chars long before vcvars32 and 797 chars after.

I used to use a native python (I believed that it was faster), but
switched back to the default cygwin one some time ago with no problems
at all.


-- 
Regards,

Graham Bloice

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev


Re: [Wireshark-dev] Questions about dev

2006-11-08 Thread Jaap Keuter
Hi,

I'm all for that. I personally don't like extending Wireshark into the
realm of trace file analyser.

Thanx,
Jaap

On Wed, 8 Nov 2006, Kukosa, Tomas wrote:

> Hello,
>
> I use a little bit different solution for a similar problem.
> Sometimes I need to dissect proprietary protocols from trace files not
> supported by Wireshark.
> I use the following way:
> 1) convert trace file to pcap format with linktype DLT_USERx (x=0-15)
>    simple conversion tool can be written in Perl, Python or whatever you
>    like
> 2) register my dissector to WTAP_ENCAP_USERx;
>    dissector_add("wtap_encap", WTAP_ENCAP_USERx, my_proto_handle);
>
> The advantage is that it does not need any changes (and recompilation)
> in Wireshark.
>
> regards,
>   Tomas
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Neha Chahal
> Sent: Tuesday, November 07, 2006 9:13 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Questions about dev
>
> On 11/7/06, Guy Harris <[EMAIL PROTECTED]> wrote:
> > Neha Chahal wrote:
> >
> > > The format of the file is binary
> >
> > "Binary" isn't a format for a packet capture; there are several capture
> > file formats, all of which are binary, but they're not all the same.
> > What *specific* binary format is it?
> >
> > Is this some standard format (libpcap format as used by
> > tcpdump/WinDump/Wireshark/etc., DOS Sniffer format, Windows Sniffer
> > format, Microsoft Network Monitor format, Sun snoop format, etc.), or is
> > it some format you or somebody else has created?
>
> Yes it is "not" one of these formats. The packets are in LEA binary
> format.
> >
> > > and the protocol is LEA.
> >
> > What protocol is that?
>
> Law Enforcement Agency protocol for call tracing (lawful intercept
> protocol)
>
> >
> > > It is a protocol at the application layer. So it is the top most
> > > protocol.
> >
> > What protocol does it run atop?  TCP?  UDP?  Some other protocol?
> >
>
> On top of UDP for my application.
>
> > > So I have to implement both. Is that true?
> >
> > Yes, you have to implement both read and seek_read functions.
> >
> > > So my read routine is returning the packet in wth->frame_buffer. But I
> > > have not implemented the seek_read. The README.dev says "implement
> > > seek_read if necessary". What does this mean?
> >
> > It means that the documentation hasn't been updated to indicate that
> > there's no longer a "default" seek_read routine that a file format
> > module can use, so modules always have to have their own seek_read
> > routine.  (I've just checked in a change to wiretap/README.developer to
> > fix that.)
> >
> > > When is it necessary?
> >
> > Always.
> >
> > > My packets don't have any transport layer headers. They are in the
> > > format I have specified in the dissector. So this is the way my packet
> > > looks like.
> > >
> > > fixed header
> > > payload header
> > > variable length payload
> >
> > So are you saying that the *ONLY* protocol in the packet is this "LEA"
> > protocol?
>
> Yes, only LEA.
>
> >
> > > In the dissector I have given protocol details starting from the fixed
> > > header. So the packet that I return in the wth->frame_buffer should
> > > start from the fixed header to the end of the payload. Is this
> > > correct?
> >
> > Yes.
> >
> > > Where should the data offset point. At the payload header or at the
> > > fixed header ?
> >
> > At the fixed header - it's the offset to which the seek_read routine
> > would need to seek to get the entire packet.
>
> okay.
>
> So once I am done doing these changes. How do I test my changes?
> Should I do a make install. And then run tethereal on my binary file.
> Currently I am working on the ethereal tar, I downloaded.
>
> Thank you very much, forgive me if I sound stupid. But I am very new
> to ethereal/wireshark.
>
> --Neha
> > ___
> > Wireshark-dev mailing list
> > Wireshark-dev@wireshark.org
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
>
>
> --
> Thanks and Regards,
> Neha Chahal
> Cell- 443 207 0414
> ___
> Wireshark-dev mailing list
> Wireshark-dev@wireshark.org
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
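
Step 1 of the approach Tomas Kukosa describes in the message quoted above (convert the trace file to pcap with linktype DLT_USERx), as an added example that is not code from the thread or from the Wireshark project. The input record layout, the function names and the sample bytes are assumptions made for illustration; the real LEA format is not given in the thread.

```python
import io
import struct

DLT_USER0 = 147          # libpcap reserves 147..162 for DLT_USER0..DLT_USER15
PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps
SNAPLEN = 65535

# Hypothetical input record layout (NOT the real LEA format):
#   uint32 seconds | uint32 microseconds | uint16 length | payload
REC_HDR = struct.Struct(">IIH")


def iter_records(src):
    """Yield (sec, usec, payload) from the hypothetical trace stream."""
    while True:
        hdr = src.read(REC_HDR.size)
        if not hdr:
            return  # clean end of file
        if len(hdr) < REC_HDR.size:
            raise ValueError("truncated record header")
        sec, usec, length = REC_HDR.unpack(hdr)
        payload = src.read(length)
        if len(payload) < length:
            raise ValueError("truncated record payload")
        yield sec, usec, payload


def convert(src, dst, user_index=0):
    """Write src records to dst as pcap with linktype DLT_USER<user_index>."""
    if not 0 <= user_index <= 15:
        raise ValueError("user_index must be 0..15")
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    dst.write(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                          SNAPLEN, DLT_USER0 + user_index))
    count = 0
    for sec, usec, payload in iter_records(src):
        # Per-packet header; the uint16 length never exceeds SNAPLEN,
        # so captured length and original length are the same.
        dst.write(struct.pack("<IIII", sec, usec, len(payload), len(payload)))
        dst.write(payload)
        count += 1
    return count


def build_sample():
    """Constructed sample input: two records in the hypothetical layout."""
    recs = [(1162944000, 1, b"\x01\x02LEA-one"),
            (1162944001, 500000, b"\x03\x04LEA-two!")]
    return b"".join(REC_HDR.pack(s, u, len(p)) + p for s, u, p in recs)


if __name__ == "__main__":
    out = io.BytesIO()
    print(convert(io.BytesIO(build_sample()), out), "packets,",
          len(out.getvalue()), "bytes of pcap")
```

Each packet in the resulting file starts at the first byte of the proprietary record payload, which is what a dissector registered with `dissector_add("wtap_encap", WTAP_ENCAP_USERx, my_proto_handle)` receives.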