[Wireshark-dev] Proposed change to packet-tcp (tcp_dissect_pdus)
Hi!

I have come across a really old protocol on top of TCP that I want to be able to decode using wireshark. Unfortunately the protocol's header is "polymorphic" and means different things depending on from which source port the message is being sent. Hence the length of the PDU cannot be computed looking at the protocol header alone.

To make it easier to implement desegmentation of this protocol on top of TCP I would like to use the tcp_dissect_pdus(...) function in packet-tcp, however with the information supplied in the callback to packet-my_own_decoder_with_some_obscude_header I cannot determine the PDU length. To do this properly I would require the packet_info structure also being passed along in the call from packet-tcp's tcp_dissect_pdus.

Would you approve of changing the interface to the function pointer "guint (*get_pdu_len)(tvbuff_t *, int)" into "guint (*get_pdu_len)(tvbuff_t *, int, packet_info*)" instead?

Please let me know and I will get on with the changes, supplying a list of patches asap. Taking the current set of dissectors into account, I would have to make changes to 66 dissectors in the current version.

/ Regards, Peter

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

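The callback change proposed in the message above, sketched as a self-contained model; this is an added example, not Wireshark code and not the poster's dissector. `struct pkt_meta`, the port number and the two header layouts are constructed for illustration. The check of each claimed length against the fixed header size and an upper cap is what keeps a bad length field from stalling the splitter or growing its buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the fields of packet_info the callback needs. */
struct pkt_meta { uint16_t srcport, destport; };

#define DEMO_SERVER_PORT 4000u   /* constructed port number */
#define DEMO_HDR_LEN     4u      /* fixed header size of the constructed protocol */
#define DEMO_MAX_PDU     4096u   /* sanity cap on any claimed PDU length */

/* The proposed callback shape: buffer, offset, plus per-packet metadata. */
typedef unsigned (*get_pdu_len_fn)(const uint8_t *buf, size_t offset,
                                   const struct pkt_meta *meta);

/* Same four header bytes, two meanings, selected by the source port. */
static unsigned demo_get_pdu_len(const uint8_t *buf, size_t offset,
                                 const struct pkt_meta *meta)
{
    const uint8_t *h = buf + offset;
    if (meta->srcport == DEMO_SERVER_PORT)   /* bytes 2..3: total length, big-endian */
        return ((unsigned)h[2] << 8) | h[3];
    return DEMO_HDR_LEN + 4u * h[1];         /* byte 1: body length in 4-byte words */
}

struct split_result {
    unsigned pdus;       /* complete PDUs found in the buffer */
    size_t   consumed;   /* bytes covered by those PDUs */
    size_t   need_more;  /* bytes missing before the next PDU is complete */
    int      malformed;  /* set when a length field fails the sanity checks */
};

/* Walk a reassembled stream buffer the way a PDU splitter does. */
static struct split_result split_pdus(const uint8_t *buf, size_t len, size_t fixed_len,
                                      get_pdu_len_fn get_len, const struct pkt_meta *meta)
{
    struct split_result r = {0, 0, 0, 0};
    size_t off = 0;
    while (off < len) {
        size_t avail = len - off;
        if (avail < fixed_len) {             /* header itself is still incomplete */
            r.need_more = fixed_len - avail;
            break;
        }
        unsigned plen = get_len(buf, off, meta);
        /* A length below the header size would never advance; an oversized one
           would make the caller buffer without bound. Reject both. */
        if (plen < fixed_len || plen > DEMO_MAX_PDU) {
            r.malformed = 1;
            break;
        }
        if (plen > avail) {                  /* PDU continues in a later segment */
            r.need_more = plen - avail;
            break;
        }
        off += plen;
        r.pdus++;
    }
    r.consumed = off;
    return r;
}

/* Constructed 12-byte stream, framed according to the given source port. */
static struct split_result demo_split(uint16_t srcport)
{
    static const uint8_t stream[12] = {
        0x01, 0x01, 0x00, 0x0c, 0xaa, 0xbb, 0xcc, 0xdd, 0x02, 0x02, 0x00, 0x00
    };
    struct pkt_meta meta = { srcport, 0 };
    return split_pdus(stream, sizeof stream, DEMO_HDR_LEN, demo_get_pdu_len, &meta);
}

/* Constructed header whose server-side length field (2) is below the header size. */
static struct split_result demo_bad_length(void)
{
    static const uint8_t stream[4] = { 0x01, 0x00, 0x00, 0x02 };
    struct pkt_meta meta = { DEMO_SERVER_PORT, 0 };
    return split_pdus(stream, sizeof stream, DEMO_HDR_LEN, demo_get_pdu_len, &meta);
}

int main(void)
{
    struct split_result s = demo_split(DEMO_SERVER_PORT), c = demo_split(51000);
    printf("from server port: %u PDU(s), %zu bytes used, %zu more needed\n",
           s.pdus, s.consumed, s.need_more);
    printf("from client port: %u PDU(s), %zu bytes used, %zu more needed\n",
           c.pdus, c.consumed, c.need_more);
    printf("bad length flagged: %d\n", demo_bad_length().malformed);
    return 0;
}
```

The same twelve bytes frame as one 12-byte PDU when they come from the server port and as an 8-byte PDU plus an incomplete second one otherwise, which is why the length callback needs the port.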
Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
>I will move relevant stuff from readme.win32 (unmaintained) to the Devel
>Guide and remove the devel part completely when I find some time.

I'd just add a note that it's not maintained and point to the Devel. Guide for an up to date description...

Best regards
Anders

Re: [Wireshark-dev] question about RTP Streams
PSH is a flag in the TCP layer. It essentially means: don't do any delays on this packet and send back an ACK immediately. This is different from normal tcp segments that can be and often are deliberately delayed and queued in both the transmitter and the receiver for potentially hundreds of milliseconds and also that there can be a delay before a host will acknowledge the data. These artificial delays will make any rtt measurement unreliable.

The good thing though is that special packets will have the PSH bit set and these packets must be immediately delivered and immediately acknowledged which makes these packets a good choice when picking which packets to use for rtt measurement. This is also why all implementations of tcp use these PSH packets for these measurements and why rfc2988 describes these should be used.

On 9/12/06, Andreina Toro <[EMAIL PROTECTED]> wrote:

Hi ronnie, thanks for helping me...

I'm a little lost.. In general I understand what you mean.. the total latency A <-> B will be the sum of the latencies. But what does it mean PSH when you said... TCP PSH to A?

Another thing, I'll be taking the measures somewhere on the path between A and B but I'm not sure if I can find TCP sessions for both A and B in the trace?... Here I attach you a file with a picture of where I'll be measuring, if you could take a look I'll be thankful.. I'll be listening to everything that goes through and I will only save to a file VoIP traces, I'll filter them with RTP Streams.

How can I measure the latency as you said? because wireshark already gives me the % of packet loss, jitter, etc, but not latency.

Thanks so much,

Regards,

Andreina

On 9/8/06, ronnie sahlberg <[EMAIL PROTECTED]> wrote:

while you can not find the end to end latency between the peers A and B by looking at RTP traffic there may be other ways to measure it.

IF the analyzer is somewhere on the path between A and B and IF you can also find TCP sessions for both A and B in the trace you can:

Measure the time between a TCP PSH to A and the time until you find an ACK coming back from A for the data of that PSH segment. That will give you the latency between the sniffer and A.

Do the same for a TCP session for B which gives you the latency between the sniffer and B.

With some luck the latency A <-> B will be the sum of the latencies you measured above.

On 9/8/06, Andreina Toro <[EMAIL PROTECTED]> wrote:
> Hi Miha, now I understand why only analyzing RTP streams I can't get the
> information I need.
>
> Thank you to all for your time.. it's amazing your dedication and good will
> helping me!..
>
> Regards,
>
> Andreina (a venezuelan student)
> On 9/7/06, Miha Jemec <[EMAIL PROTECTED]> wrote:
> > >
> > > " looking at the
> > > packets you could see a delay of 100ms, which is long but
> > > acceptable" where in the RTP Streams window you look at the
> > > delay? The only parameters I see are:
> > > * Src IP addr,Src port,Dest IP addr,Dest
> > > port,SSRC,Payload,Packets,Lost,Max Delta (ms),Max Jitter
> > > (ms),Mean Jitter (ms),Pb?,
> >
> > Hi Angelina,
> >
> > wireshark can not measure end-to-end delay, nor the
> > end-to-capture_destination delay. At least not using the RTP protocol or
> > better said, this information is not provided inside RTP protocol.
> >
> > The timestamp inside RTP header increments monotonically, that is true,
> > but this is the information for the receiver side, to know when a sample
> > should be played. This is not (absolute!) time reference.
> >
> > If you take a look inside whole RTP packet you can see, there is no
> > other time information. Nor in the RTP header nor in the ETH/IP/UDP
> > headers. It means you can not know when this packet was sent on the
> > wire. And you can not know when the voice sample was made. And even if
> > this information would be there, would you trust it? How would you know
> > that the clock inside VoIP transmitter and your capture device are well
> > synchronized? Don't forget, we are talking about milliseconds here.
> >
> > Of course there are procedures how to measure ONE WAY END TO END DELAY
> > and all include devices on both sides which are time synchronized (using
> > GPS clock f.e.) but using only wireshark and RTP protocol this is not
> > possible.
> >
> > A simple demonstration of this problem would be:
> >
> > I can send you over the Internet an RTP stream from my VoIP phone or PC.
> > Speech coded with g.711 and 20ms packetization. Let's say, the network
> > will work perfectly today and no jitter will be inserted. It means you
> > will receive one packet every 20ms. No jitter, what about the delay?
> >
> > Now, where do you come from? I'm from Europe, if you live somewhere near
> > me, the delay (the difference in the time between my PC will put a
> > packet on the link and the time you will receive this packet) will be
> > relatively small, let's say 50ms. What about if you come from the other
> > part of the world. Just because of the distance the propagation time
> > will incre
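The PSH-to-ACK timing described in the message above, applied to constructed segment records from a capture point between A and B. This is an added example, not code from the thread or from Wireshark; the `struct seg` layout and both traces are made up for illustration, and samples involving retransmitted data are dropped because the ACK cannot be matched to one transmission.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define F_PSH 0x08u
#define F_ACK 0x10u

/* One captured TCP segment, reduced to what the measurement needs. */
struct seg {
    int64_t  ts_us;    /* capture timestamp in microseconds */
    int      to_host;  /* 1: travelling towards the host, 0: coming back from it */
    uint32_t seq, len, ack;
    unsigned flags;
};

/* Serial-number comparison, so a sequence number wrap does not break matching. */
static int seq_geq(uint32_t a, uint32_t b) { return (int32_t)(a - b) >= 0; }

/* Smallest PSH-to-ACK delay seen at the capture point, or -1 if there is no sample. */
static int64_t psh_ack_delay_us(const struct seg *s, size_t n)
{
    int64_t best = -1;
    for (size_t i = 0; i < n; i++) {
        if (!s[i].to_host || !(s[i].flags & F_PSH) || s[i].len == 0)
            continue;
        int ambiguous = 0;
        for (size_t k = 0; k < i; k++)       /* this segment is itself a retransmission */
            if (s[k].to_host && s[k].len > 0 && s[k].seq == s[i].seq)
                ambiguous = 1;
        uint32_t end = s[i].seq + s[i].len;  /* first byte after the pushed data */
        for (size_t j = i + 1; j < n && !ambiguous; j++) {
            if (s[j].to_host) {              /* data resent before it was acknowledged */
                if (s[j].len > 0 && s[j].seq == s[i].seq)
                    ambiguous = 1;
                continue;
            }
            if (!(s[j].flags & F_ACK) || !seq_geq(s[j].ack, end))
                continue;                    /* this ACK does not cover the pushed data */
            int64_t d = s[j].ts_us - s[i].ts_us;
            if (best < 0 || d < best)
                best = d;
            break;
        }
    }
    return best;
}

/* Sum of the two capture-point delays; -1 if either side has no usable sample. */
static int64_t path_estimate_us(int64_t a, int64_t b)
{
    return (a < 0 || b < 0) ? -1 : a + b;
}

/* Constructed trace for host A: a clean sample, a retransmitted push, another sample. */
static const struct seg trace_a[] = {
    { 1000000, 1, 1000, 100, 500,  F_PSH | F_ACK },
    { 1012000, 0, 500,  0,   1100, F_ACK },
    { 1500000, 1, 1100, 50,  500,  F_PSH | F_ACK },
    { 1700000, 1, 1100, 50,  500,  F_PSH | F_ACK },   /* retransmission */
    { 1715000, 0, 500,  0,   1150, F_ACK },
    { 3000000, 1, 1150, 20,  500,  F_PSH | F_ACK },
    { 3015000, 0, 500,  0,   1170, F_ACK },
};

/* Constructed trace for host B: the pushed data wraps the 32-bit sequence space. */
static const struct seg trace_b[] = {
    { 2000000, 1, 0xfffffff0u, 32, 900, F_PSH | F_ACK },
    { 2005000, 0, 900, 0, 0xfffffff0u, F_ACK },       /* does not cover the data yet */
    { 2030000, 0, 900, 0, 0x00000010u, F_ACK },
};

static int64_t demo_delay_a(void)
{
    return psh_ack_delay_us(trace_a, sizeof trace_a / sizeof trace_a[0]);
}

static int64_t demo_delay_b(void)
{
    return psh_ack_delay_us(trace_b, sizeof trace_b / sizeof trace_b[0]);
}

int main(void)
{
    int64_t a = demo_delay_a(), b = demo_delay_b();
    printf("capture point <-> A: %lld us\n", (long long)a);
    printf("capture point <-> B: %lld us\n", (long long)b);
    printf("A <-> B estimate:    %lld us\n", (long long)path_estimate_us(a, b));
    return 0;
}
```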
Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
Gerald Combs wrote:
> GnuTLS
>
> Libgcrypt
>

I've added both to the Devel Guide.

I will move relevant stuff from readme.win32 (unmaintained) to the Devel Guide and remove the devel part completely when I find some time.

> Both libraries provide routines and defines for version numbers and
> strings, e.g. GNUTLS_VERSION and GCRYPT_VERSION.
>

I'll try to have a look tomorrow.

> I added Nettle support for a client a while back. If no one else is
> using it we might want to drop it in favor of Libgcrypt.
>

Sounds like a good idea to remove complexity (KISS), let's wait a bit (if someone complains) and then just remove it.

Regards, ULFL

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
Kerberos decryption has been "standard" on unix/linux hosts for a long time since most unix/linux distributions come with some sort of kerberos by default today.

Since the wireshark code needs access to internal apis inside the kerberos implementation this means wireshark needs to know a fair bit about the internals of the kerberos toolkit. Wireshark knows how and what functions to use for both MIT or Heimdal kerberos, where available.

On windows however, there are few options for kerberos outside of Microsoft's own implementation and I don't think there is any documentation on how to access the internal api inside whatever dll's Microsoft implement their kerberos with. This has meant that this feature has been missing for the windows platform for quite a while.

KerberosForWindows is merely a port of MIT kerberos that runs on windows which allows wireshark to provide this feature on the windows platform as well.

On 9/12/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
ronnie sahlberg wrote:
> KFW
>
> what it is:
> Kerberos For Windows. A port of MIT Kerberos for the windows platform.
>
> what it is used for:
> It provides support to decrypt Kerberos, sealed DCERPC and secureLDAP.
>
> unix version: kfw is not used on unix builds.
>

Is it called differently, or is no Kerberos (and alike) dissection available on *NIX platforms?

Regards, ULFL

Re: [Wireshark-dev] A problem of building wireshark under cygwin(libpcap)
I did not build MSVC and Cygwin combination, I just want to try if it can be built under pure Cygwin environment. My problem is could not install libpcap under Cygwin environment, I think it could be built under Cygwin if we fix this problem.

Regards, Chris

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ext Andrew Hood
Sent: Tuesday, September 12, 2006 6:01 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] A problem of building wiresharkunder cygwin(libpcap)

Cook, Timothy wrote:
> Have you explored the possibility of building using the recommended
> MSVC 6/ CYGWIN combination???

A It makes it hard to understand the cause and effect.
Q What's wrong with top-posting?

I have Visual Studio .Net Professional 2003 and Visual Studio Professional 2005. These days MSVC 6 is effectively unobtainable, at least in my part of the world.

I have built Ethereal with VS 2003. I have not yet tried Wireshark or VS 2005. Shame about MS's license conditions.

>>-----Original Message-----
>>From: [EMAIL PROTECTED]
>>[mailto:[EMAIL PROTECTED] On Behalf Of
>>[EMAIL PROTECTED]
>>Sent: Monday, September 11, 2006 6:19 AM
>>To: wireshark-dev@wireshark.org
>>Subject: [Wireshark-dev] A problem of building wireshark under
>>cygwin(libpcap)
>>
>>
>>All,
>>
>>I met a problem when I was trying to build wireshark under cygwin, it
>>reported following errors when I ran ./configure:
>>
>>Checking pcap.h presence... no
>>Configure: error: Header file pcap.h not found; if you installed
>>libpcap from source, did you also do "make install-incl", and if you
>>installed a binary package of libpcap, is there also a developer's
>>package of libpcap, and did you also install that package?
>>
>>I can not found libpcap in cygwin lib lists, I also download
>>libpcap-0.8.1, but can not installed in cygwin environment.
>>It reported following error:
>>
>>Checking for ANSI ioctl definitions... No
>>Configure:error: see the INSTALL for more info.
>>
>>I also installed winpcap, but still could not work. Are there anyone
>>can tell me, how to install libpcap in wireshark? Or tell me how to
>>handle this problem in Wireshark?

--
There's no point in being grown up if you can't be childish sometimes.
-- Dr. Who

Re: [Wireshark-dev] Feedback: Wireshark User's Guide
On Sep 11, 2006, at 10:05 AM, Brian Drab wrote:

> On the first page (the Title page) it has a comma after Ed Warnicke
> which I believe to be incorrect.

> Section 1.1.3 – It states “Despite its name, Wireshark can capture
> traffic…” I believe the “Despite its name” part can be taken out
> since the name is now Wireshark and not Ethereal.

...or perhaps changed to indicate that it can capture wireless traffic, the "wire" in its name notwithstanding.

(No, no "Airshark", please. "Landshark", however, would be OK. :-))

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
The Kerberos decryption has been available on unix for several years and is built in by default as long as automagic finds either standard heimdal or standard mit kerberos libraries during the build. I think virtually all unix/linux hosts come with either of these by default today.

The Kerberos For Windows is just a port of MIT Kerberos for the windows platform.

On 9/12/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
ronnie sahlberg wrote:
> KFW
>
> what it is:
> Kerberos For Windows. A port of MIT Kerberos for the windows platform.
>
> what it is used for:
> It provides support to decrypt Kerberos, sealed DCERPC and secureLDAP.
>
> unix version: kfw is not used on unix builds.
>

Is it called differently, or is no Kerberos (and alike) dissection available on *NIX platforms?

Regards, ULFL

Re: [Wireshark-dev] A problem of building wireshark under cygwin(libpcap)
Cook, Timothy wrote:
> Have you explored the possibility of building using the recommended MSVC
> 6/ CYGWIN combination???

A It makes it hard to understand the cause and effect.
Q What's wrong with top-posting?

I have Visual Studio .Net Professional 2003 and Visual Studio Professional 2005. These days MSVC 6 is effectively unobtainable, at least in my part of the world.

I have built Ethereal with VS 2003. I have not yet tried Wireshark or VS 2005. Shame about MS's license conditions.

>>-----Original Message-----
>>From: [EMAIL PROTECTED]
>>[mailto:[EMAIL PROTECTED] On Behalf Of
>>[EMAIL PROTECTED]
>>Sent: Monday, September 11, 2006 6:19 AM
>>To: wireshark-dev@wireshark.org
>>Subject: [Wireshark-dev] A problem of building wireshark
>>under cygwin(libpcap)
>>
>>
>>All,
>>
>>I met a problem when I was trying to build wireshark under
>>cygwin, it reported following errors when I ran ./configure:
>>
>>Checking pcap.h presence... no
>>Configure: error: Header file pcap.h not found; if you
>>installed libpcap from source, did you also do "make
>>install-incl", and if you installed a binary package of
>>libpcap, is there also a developer's package of libpcap, and
>>did you also install that package?
>>
>>I can not found libpcap in cygwin lib lists, I also download
>>libpcap-0.8.1, but can not installed in cygwin environment.
>>It reported following error:
>>
>>Checking for ANSI ioctl definitions... No
>>Configure:error: see the INSTALL for more info.
>>
>>I also installed winpcap, but still could not work. Are there
>>anyone can tell me, how to install libpcap in wireshark? Or
>>tell me how to handle this problem in Wireshark?

--
There's no point in being grown up if you can't be childish sometimes.
-- Dr. Who

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
ronnie sahlberg wrote:
> KFW
>
> what it is:
> Kerberos For Windows. A port of MIT Kerberos for the windows platform.
>
> what it is used for:
> It provides support to decrypt Kerberos, sealed DCERPC and secureLDAP.
>
> unix version: kfw is not used on unix builds.
>

Is it called differently, or is no Kerberos (and alike) dissection available on *NIX platforms?

Regards, ULFL

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
Ulf Lamping wrote:
> Hi List!
>
> The recently added libs are not mentioned in the documentation and in the
> "About" box.
>
> To add it, I need the following infos of the libs:
>
> - what is it (e.g. PortAudio - portable cross-platform Audio API)
> - what is it used for in Wireshark (e.g. enables audio support for RTP
> streams)
> - how can it be used in Wireshark (e.g. how to use the RTP audio output?)
> - URL to get the Unix version (e.g. http://www.portaudio.com/download.html)
> - URL to get Win32 binaries (e.g. ???)
> - how can it be detected if installed and how to get the version - into the
> version info (About box "Compiled with" / "Running with")
>
> If someone can provide me with that info, I'll add that to the Devel Guide
> and Readme.Win32 and will try to add it to version_info.c.

There should probably be separate items for GnuTLS and Gcrypt:

GnuTLS

What it is: The GNU Transport Layer Security library. Provides support for the TLS and SSL protocols, along with associated authentication, certificate handling, and encryption/decryption.
What it's used for: SSL/TLS decryption
Unix version: http://www.gnu.org/software/gnutls/
Windows version: We roll our own using http://josefsson.org/gnutls4win/

Libgcrypt:

What it is: Low-level encryption library. Provides support for many ciphers, such as DES, 3DES, AES, Blowfish, and others.
What it's used for: Decryption support in several places.
Unix version: http://www.gnupg.org/
Windows version: Part of our homemade GnuTLS package.

Both libraries provide routines and defines for version numbers and strings, e.g. GNUTLS_VERSION and GCRYPT_VERSION.

I added Nettle support for a client a while back. If no one else is using it we might want to drop it in favor of Libgcrypt.

Re: [Wireshark-dev] Cannot use make setup with proxy on Win32?
Lars Ruoff wrote:
> Hi, i'm trying to run nmake -f Makefile.nmake setup on a WinXP with the
> 0.99.3a tar sources.
> cygwin wget is installed and runs properly.
> But how do i specify the proxy and parameters (authentication)?
> I tried defining a HTTP_PROXY environment variable to ipaddress:port and
> added a --proxy-user=xxx --proxy-password=yyy in the win32-setup.sh but it
> still doesn't use the proxy (HTTP request goes out directly => is
> unanswered).
> How do i specify it?
>
>

There might be other ways: I've used wget from cygwin.

Edit (or create) the .wgetrc file in the cygwin home dir and add:

http_proxy = http://yourproxy.com:1234/

And more important: comment out the line 54 of win32-setup.sh

#use_proxy="-Y off"

I'm thinking about keeping this line commented, as it doesn't seem to make sense to me, why would you *prevent* wget from using a proxy ...

Regards, ULFL

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
KFW

what it is:
Kerberos For Windows. A port of MIT Kerberos for the windows platform.

what it is used for:
It provides support to decrypt Kerberos, sealed DCERPC and secureLDAP.

unix version: kfw is not used on unix builds.

windows version: www.mit.edu/~kerberos

On 9/11/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
> Hi List!
>
> The recently added libs are not mentioned in the documentation and in the
> "About" box.
>
> To add it, I need the following infos of the libs:
>
> - what is it (e.g. PortAudio - portable cross-platform Audio API)
> - what is it used for in Wireshark (e.g. enables audio support for RTP
> streams)
> - how can it be used in Wireshark (e.g. how to use the RTP audio output?)
> - URL to get the Unix version (e.g. http://www.portaudio.com/download.html)
> - URL to get Win32 binaries (e.g. ???)
> - how can it be detected if installed and how to get the version - into the
> version info (About box "Compiled with" / "Running with")
>
> If someone can provide me with that info, I'll add that to the Devel Guide
> and Readme.Win32 and will try to add it to version_info.c.
>
> Regards, ULFL

[Wireshark-dev] Feedback: Wireshark User's Guide
I thought I would pass on some more info I found that you may want to consider changing in the User Guide. I’m using 19086 for Wireshark 0.99.3.

On the first page (the Title page) it has a comma after Ed Warnicke which I believe to be incorrect.

Section 1.1.3 – It states “Despite its name, Wireshark can capture traffic…” I believe the “Despite its name” part can be taken out since the name is now Wireshark and not Ethereal.

Section 1.2.2 – Suse Linux is listed. You may want to uppercase SUSE.

Section 1.6.2 – It states “For example, there is an explanation how to capture…” I believe the word on is missing before the word how.

Section 4.7 – It states “…so you will have a guide what to do:”. I believe the word of is missing before the word what.

Section 4.9 – It states “The selection which protocols are counted cannot be changed.” I believe the word of is missing after the word selection.

Section 5.2 – There is a word behaviour in there. I believe it should be spelled behavior.

Section 5.2.1 – Screen shot still from Ethereal.

Section 5.3.1 – Screen shot still from Ethereal.

Section 5.4.1 – Screen shot still from Ethereal.

Section 5.5 – It states “…the captured data is spreaded over several…” I believe the word spreaded should be spread. This is like this a second time in the last paragraph of the shaded block of info.

Section 5.6.1 – Screen shot still from Ethereal.

Section 5.6.2 – Screen shot still from Ethereal.

Section 5.6.4 – Screen shot still from Ethereal.

Section 5.6.5 – Screen shot still from Ethereal.

Section 5.6.6 – Screen shot still from Ethereal.

Section 6.2.1 – It states “The following table gives an overview which functions…”. I believe the word of is missing after the word overview.

Section 6.2.2 – It states “The following table gives an overview which functions…”. I believe the word of is missing after the word overview.

Section 6.2.3 – It states “The following table gives an overview which functions…”. I believe the word of is missing after the word overview.

Figure 6.6 – Screen shot doesn’t really match the paragraph that explains it. The paragraph says packets 1-10 are hidden and that it starts with 11 however the screen shot shows starting at 14.

Section 6.3 – It states “A list of such fields is available in the Wireshark in the Add Expression…” Something needs changed here. Doesn’t sound correct.

Section 6.5 – For the Cancel option it states “you can leave the Add Expression… dialog box without any effect by clicking the Cancel”. I believe the word button is missing from the end.

Section 7.5.2 – It states “The tooltip of the higher level protocol setting will note you if…” I believe the word note should be notify.

Section 7.6 – It states “There are two possible ways to do this conversations…” I believe the word this would be these.

Section 7.6.1 – It states “Name resolution can be invaluable while working with Wireshark and may save you even hours of work.” I believe this should be may even save you hours of work. Put the word even after may.

Section 7.6.1 – It states “…because you can’t connect a name server…”. I believe the word to should be after the word connect.

Again I thought I would do my very small part in contributing to this fantastic product. Thank you.

[Wireshark-dev] Cannot use make setup with proxy on Win32?
Hi,

I'm trying to run nmake -f Makefile.nmake setup on a WinXP with the 0.99.3a tar sources. cygwin wget is installed and runs properly. But how do I specify the proxy and parameters (authentication)?

I tried defining a HTTP_PROXY environment variable to ipaddress:port and added a --proxy-user=xxx --proxy-password=yyy in the win32-setup.sh but it still doesn't use the proxy (HTTP request goes out directly => is unanswered). How do I specify it?

best regards,
Lars Ruoff

Re: [Wireshark-dev] What's the state of the Meta/LUA plugins? How to continue?
On 9/11/06, Ulf Lamping <[EMAIL PROTECTED]> wrote:
> Both plugins are marked experimental (at least in the Win32 installer) for
> some time now.

Yes, they are both kinda experimental...

> The LUA scripting support seems to be the way to go, but what's the current
> state (implementation, documentation, ...). I would like to add some more
> basic scripting support for the Wireshark GUI like: opening a capture file,
> applying a display filter, exporting to ...

The current state is that we have a prototype binding to lua... I'm on my way to the "good one". Although the current one is functional it is a little bit messy and it would not allow as-is to make lua applications that use epan (open a file find this do that and dump to here... ).

What I'm doing this time is creating a series of C++ classes to wrap epan objects (proto_tree, proto_item, tvbuff, etc...) and then generate the lua bindings using either luabind or tolua++ or cpplua. I want both WS to be extensible in Lua and Lua to be able to use WS as a library.

> As I don't like the idea of having to support two scripting engines, I would
> like to mark Mate as deprecated for now, so we can remove it some day, when
> the Lua support is really stable for a while.

MATE ain't a scripting engine... Is an educable tool for linking frames. I been thinking about getting rid of it and changed my mind I do not think is a good idea of getting rid of it. Me and others still use it very productively.

Luis

--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan

[Wireshark-dev] What's the state of the Meta/LUA plugins? How to continue?
Hi List!

Both plugins are marked experimental (at least in the Win32 installer) for some time now.

The LUA scripting support seems to be the way to go, but what's the current state (implementation, documentation, ...). I would like to add some more basic scripting support for the Wireshark GUI like: opening a capture file, applying a display filter, exporting to ...

As I don't like the idea of having to support two scripting engines, I would like to mark Mate as deprecated for now, so we can remove it some day, when the Lua support is really stable for a while.

Regards, ULFL

Re: [Wireshark-dev] Need info of "recently" added: GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
On Mon, Sep 11, 2006 at 06:29:36PM +0200, Ulf Lamping wrote:
> To add it, I need the following infos of the libs:
>
> - what is it (e.g. PortAudio - portable cross-platform Audio API)
> - what is it used for in Wireshark (e.g. enables audio support for RTP
> streams)
> - how can it be used in Wireshark (e.g. how to use the RTP audio output?)
> - URL to get the Unix version (e.g. http://www.portaudio.com/download.html)
> - URL to get Win32 binaries (e.g. ???)

Portaudio: couldn't find them.

> - how can it be detected if installed and how to get the version - into the
> version info (About box "Compiled with" / "Running with")

Portaudio: I don't see a way for versions 18 and below (except by looking at the full library name of the dynamic lib: libportaudio.so.0.0.18 is version 18). If the code was statically linked, then I don't have any idea. Starting with version 19 (API 2.0), it's Pa_GetVersionText().

ciao
Joerg

PS: It would have been nice to include the list of libs into the mailbody as well

--
Joerg Mayer <[EMAIL PROTECTED]>
We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology.

[Wireshark-dev] Need info of "recently" added : GNUTLS, KFW, NETTLE, LUA and PortAudio for the Devel Guide and elsewhere
Hi List!

The recently added libs are not mentioned in the documentation and in the "About" box.

To add it, I need the following infos of the libs:

- what is it (e.g. PortAudio - portable cross-platform Audio API)
- what is it used for in Wireshark (e.g. enables audio support for RTP streams)
- how can it be used in Wireshark (e.g. how to use the RTP audio output?)
- URL to get the Unix version (e.g. http://www.portaudio.com/download.html)
- URL to get Win32 binaries (e.g. ???)
- how can it be detected if installed and how to get the version - into the version info (About box "Compiled with" / "Running with")

If someone can provide me with that info, I'll add that to the Devel Guide and Readme.Win32 and will try to add it to version_info.c.

Regards, ULFL

Re: [Wireshark-dev] A problem of building wireshark under cygwin(libpcap)
Have you explored the possibility of building using the recommended MSVC 6/ CYGWIN combination???

-Tim

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> [EMAIL PROTECTED]
> Sent: Monday, September 11, 2006 6:19 AM
> To: wireshark-dev@wireshark.org
> Subject: [Wireshark-dev] A problem of building wireshark
> under cygwin(libpcap)
>
>
> All,
>
> I met a problem when I was trying to build wireshark under
> cygwin, it reported following errors when I ran ./configure:
>
> Checking pcap.h presence... no
> Configure: error: Header file pcap.h not found; if you
> installed libpcap from source, did you also do "make
> install-incl", and if you installed a binary package of
> libpcap, is there also a developer's package of libpcap, and
> did you also install that package?
>
> I can not found libpcap in cygwin lib lists, I also download
> libpcap-0.8.1, but can not installed in cygwin environment.
> It reported following error:
>
> Checking for ANSI ioctl definitions... No
> Configure:error: see the INSTALL for more info.
>
> I also installed winpcap, but still could not work. Are there
> anyone can tell me, how to install libpcap in wireshark? Or
> tell me how to handle this problem in Wireshark?
>
> Best Regards,
> Chris

[Wireshark-dev] A problem of building wireshark under cygwin (libpcap)
All,

I met a problem when I was trying to build wireshark under cygwin, it reported following errors when I ran ./configure:

Checking pcap.h presence... no
Configure: error: Header file pcap.h not found; if you installed libpcap from source, did you also do "make install-incl", and if you installed a binary package of libpcap, is there also a developer's package of libpcap, and did you also install that package?

I can not found libpcap in cygwin lib lists, I also download libpcap-0.8.1, but can not installed in cygwin environment. It reported following error:

Checking for ANSI ioctl definitions... No
Configure:error: see the INSTALL for more info.

I also installed winpcap, but still could not work. Are there anyone can tell me, how to install libpcap in wireshark? Or tell me how to handle this problem in Wireshark?

Best Regards,
Chris