[Wireshark-dev] PortableApps Wireshark feedback
FYI: I was finally able to build & test a PortableApps version of Wireshark. The SVN version I used was 23398. Initially when I built it and tried to run it off a USB flash drive, it failed due to some "unspecified error". I had tried to save some time by not running a distclean first, but in the end, it cost me more time because after I recompiled it following a distclean, I created an installer that actually worked. I tested it on only 1 Windows PC thus far, but it worked great. No issues to speak of, although I only tested a few basic things, such as: a simple capture, apply some display filters, change some column preferences, save the file to the flash drive, close the PortableApps Wireshark and re-launch it to be sure the settings were retained, close the PortableApps Wireshark and open the PC's installed version of Wireshark to be sure its settings were not affected, and perhaps a few other misc. tests. Anyway, as I said, no issues to report, at least as far as those the tests are concerned. The only negative comment I have has to do with the time it took to actually install the PortableApps Wireshark on the flash disk I borrowed. I didn't time it, but it took at least an hour. Nothing to do with Wireshark though, just a really slow drive to write to I guess. Reading was ok though and launching Wireshark from the USB drive was a little slower, as expected, but nothing too painful. Anyway, excellent stuff! I have a U3 flash disk, but we have a lot of non-U3 drives floating around, so this will come in handy for many people I would imagine. Oh, one last thing - I read an article, linked from the www.portableapps.com website that indicated that you could run a PortableApps application on Linux if you have wine installed. I did not try that ... yet. Unfortunately, I probably won't be able to try it until next week at the earliest. Unless someone can tell me a reason why they know it wouldn't work and that I need not bother trying it out? - Chris P.S. Here's the article: http://www.manilastandardtoday.com/?page=business6_aug14_2007 - This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, retention, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. Also, email is susceptible to data corruption, interception, tampering, unauthorized amendment and viruses. We only send and receive emails on the basis that we are not liable for any such corruption, interception, tampering, amendment or viruses or any consequence thereof. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Network Sorcery and protocol documentation
On Thu, Nov 08, 2007 at 08:57:19PM -0700, Stephen Fisher wrote: > > that I reference quite often, namely > > http://www.networksorcery.com/enp/Protocol.htm. > > The network sorcery pages are a wonderful reference. Our protocol pages > should be geared more toward how the protocol is dissected in Wireshark. > How about we put links to the proper Network Sorcery page on each > Wireshark Wiki page? I don't see a need to duplicate all of the work > they do. I do: The information is copyright by a company, we'd like to provide a free alternative. From their home page: Our mission statement To create great software products and valuable network information for our customers. So they are in there to their customers, not Wiresharks customers. ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Network Sorcery and protocol documentation
On Tue, Nov 06, 2007 at 11:47:04PM -0500, Maynard, Chris wrote: > I was reminded of a very handy web site for protocol documentation > that I reference quite often, namely > http://www.networksorcery.com/enp/Protocol.htm. > Anyway, I personally think the format is somewhat superior to the > current wireshark wiki pages for protocol descriptions and would like > to see Wireshark protocol pages mimic theirs. Is it possible to > mirror that site's content on Wireshark's site? And then as we add > new protocols, we could use a similar format? At the very least, > provide a link to it from Wireshark? The network sorcery pages are a wonderful reference. Our protocol pages should be geared more toward how the protocol is dissected in Wireshark. How about we put links to the proper Network Sorcery page on each Wireshark Wiki page? I don't see a need to duplicate all of the work they do. Steve ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] [Wireshark-commits] rev 23395: /trunk/ /trunk/epan/: prefs.c prefs.h /trunk/gtk/: layout_prefs.c toolbar.c
On Thu, Nov 08, 2007 at 05:30:40AM +0100, Ulf Lamping wrote: > The problem with such preferences is: there will be too much of them. > Having lot's of preferences makes it hard to get an idea what they are > all about. > > So, I'd vote to simply remove this preference, Thanks.. I removed the toolbar arrow preference as of SVN revision 23407. Steve ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] SMB and lost NBSS streams
Hi, I am analyzing SMB traces from CIFS and NetBIOS ports. All packets use the session layer NBSS protocol to determine application level (SMB) packet boundaries. In some cases we drop packets (heavy I/O periods usually) and can lose the end of a NBSS stream and the beginning of the next. When this happens, wireshark does not know the correct offset in the NBSS stream to look for the next SMB header. As a result, it just passes the packet to the NBSS handler which just tags it as continuation data, even when there may be a SMB header within the packet, though not directly following the TCP header. I am wondering if anyone else has encountered this (which seems highly likely if packet loss occurs) and if anyone knows of any good solutions? I have been using a brute for byte by byte search for SMB headers to alleviate the problem, though this solution isn't particularly graceful. Thanks! Andrew ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Alignment warnings - don't ignore them!
Guy Harris wrote: > [EMAIL PROTECTED] wrote: >> http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=23401 >> >> User: morriss >> Date: 2007/11/08 07:13 PM >> >> Log: >> Don't cast pinfo->src.data to (const mtp3_addr_pc_t *) unless we *know* it's >> an MTP3 PC in there (else we get a bus error on SPARC systems). > > Yup, SPARC processors don't support unaligned references, even though > x86/x86-64, S/390 and z/Architecture, and PowerPC processors do. If GCC > warns about a pointer type conversion from a type with one alignment > requirement to a type with stricter alignment requirements, believe the > warning. I probably need a newer gcc because I'm not seeing any alignment warnings (well, at least not there). :-( ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Small performance improvements to packet-http.c
This time, with the patch attached. On Nov 8, 2007 9:56 PM, Kaul <[EMAIL PROTECTED]> wrote: > I've fixed ep_strndup <-> se_stnrdup, patch attached. > From subjective testings, it seems that there is some measurable > performance improvement - 5-10 percent on my test pcap file (~ > you are not just avoiding a strncmp(), but also the char-by-char search > for the space that follows the method (as well as another strncmp() for > 'M-', which is a rare case as well). The optimization, while not the > cleanest coding-wise, works well because it works for the most common cases > - and I believe many, many times (subjectively > 90%) of the times it'll hit > the optimized path. > Nevertheless, it is important for me that it'll be understood - so I > documented it inline clearly - I think. > > > > On Nov 8, 2007 2:12 AM, Stephen Fisher < [EMAIL PROTECTED]> wrote: > > > On Mon, Nov 05, 2007 at 09:15:45AM +0200, Kaul wrote: > > > > > Somewhat inspired by the performance improvements to tvbuff, I've made > > > some small performance improvements to packet-http.c: > > > > > 1. In the most common cases 'GET ', 'POST', 'HTTP' - compare them > > > against the 32bit value of those strings, instead of strncmp(). I > > > reckon in most cases it'll be used, and there won't be need for longer > > > comparison paths. > > > > Is this a significant enough performance improvement to warrant making > > the code a bit harder to read, maintain and understand? The strncmp() > > function, at least in a recent FreeBSD libc, looks pretty quick and > > simple as it is. I am just wondering; I do not mean to discourage you > > from you from contributing. > > > > > > Steve > > > > ___ > > Wireshark-dev mailing list > > Wireshark-dev@wireshark.org > > http://www.wireshark.org/mailman/listinfo/wireshark-dev > > > > packet-http.c.diff Description: Binary data ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Small performance improvements to packet-http.c
I've fixed ep_strndup <-> se_stnrdup, patch attached. >From subjective testings, it seems that there is some measurable performance improvement - 5-10 percent on my test pcap file (~ you are not just avoiding a strncmp(), but also the char-by-char search for the space that follows the method (as well as another strncmp() for 'M-', which is a rare case as well). The optimization, while not the cleanest coding-wise, works well because it works for the most common cases - and I believe many, many times (subjectively > 90%) of the times it'll hit the optimized path. Nevertheless, it is important for me that it'll be understood - so I documented it inline clearly - I think. On Nov 8, 2007 2:12 AM, Stephen Fisher < [EMAIL PROTECTED]> wrote: > On Mon, Nov 05, 2007 at 09:15:45AM +0200, Kaul wrote: > > > Somewhat inspired by the performance improvements to tvbuff, I've made > > some small performance improvements to packet-http.c: > > > 1. In the most common cases 'GET ', 'POST', 'HTTP' - compare them > > against the 32bit value of those strings, instead of strncmp(). I > > reckon in most cases it'll be used, and there won't be need for longer > > comparison paths. > > Is this a significant enough performance improvement to warrant making > the code a bit harder to read, maintain and understand? The strncmp() > function, at least in a recent FreeBSD libc, looks pretty quick and > simple as it is. I am just wondering; I do not mean to discourage you > from you from contributing. > > > Steve > > ___ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-dev > ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] Alignment warnings - don't ignore them!
[EMAIL PROTECTED] wrote: > http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=23401 > > User: morriss > Date: 2007/11/08 07:13 PM > > Log: > Don't cast pinfo->src.data to (const mtp3_addr_pc_t *) unless we *know* it's > an MTP3 PC in there (else we get a bus error on SPARC systems). Yup, SPARC processors don't support unaligned references, even though x86/x86-64, S/390 and z/Architecture, and PowerPC processors do. If GCC warns about a pointer type conversion from a type with one alignment requirement to a type with stricter alignment requirements, believe the warning. (README.developer mentions the alignment issues in some places, but it doesn't mention that issue - it mainly talks about assuming that pointers to raw packet data are aligned.) ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] my added dissectors don't appear in the Makefile
Fulko Hew wrote: > > Im just wrapping up development on my enhancements and new > dissectors for wireshark, and while preparing my patch set, I'm > testing it by applying it to a virgin tarball. > > The developer instructions say I just had to add my src files > to epan/dissectors/Makefile.common, and then I run > 'configure' and make. > > But the resultant epan/dissectors/Makefile doesn't contain > references (to compile/link) the my dissectors (that I added > to Makefile.common. This is driving me NUTS! > > I can't figure out why my virgin test case isn't including _my_ > dissectors. It seems that configure writes the makefile, > but I can't figure out how/where its done, or whats missing > that its not doing it right. > > (Then again, on my test machine, if I remove my entry from > Makefile.common, ./configure; make; my entry isn't removed > either.) > > > Any clues would be welcome (for my sanity). Makefile.common + Makefile.am become Makefile.in when you run 'autogen.sh'. 'configure' takes Makefile.in and makes Makefile . (The source tarballs have already had autogen run on them so they have a usable Makefile.in .) (At least that's my feeble understanding...) ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] why there is no frame check sequence field in ethernet frame
zhou rui wrote: > hi all > seems it is very confused that > there is no "frame check sequence"field in the ethernet frame captured > by wireshark,while the other sniffer has that Because most hardware (NICs) don't provide the checksum to the capturing engine. Specialized (sniffer) hardware typically does since, well, it's whole purpose in life is capturing. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] my added dissectors don't appear in the Makefile
Im just wrapping up development on my enhancements and new dissectors for wireshark, and while preparing my patch set, I'm testing it by applying it to a virgin tarball. The developer instructions say I just had to add my src files to epan/dissectors/Makefile.common, and then I run 'configure' and make. But the resultant epan/dissectors/Makefile doesn't contain references (to compile/link) the my dissectors (that I added to Makefile.common. This is driving me NUTS! I can't figure out why my virgin test case isn't including _my_ dissectors. It seems that configure writes the makefile, but I can't figure out how/where its done, or whats missing that its not doing it right. (Then again, on my test machine, if I remove my entry from Makefile.common, ./configure; make; my entry isn't removed either.) Any clues would be welcome (for my sanity). TIA Fulko ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Codec plugin
Short description: - extract easy_codec.zip into the plugins/easy_codec directory - download codec libraries (EasyG723.1, EasyG729A, EasyG722) from http://www.imtelephone.com/ - extract downloaded libraries with headers into following directories: plugins/easy_codec/EasyG7231 plugins/easy_codec/EasyG729A plugins/easy_codec/EasyG722 - run nmake -f Makefile.nmake from plugins/easy_codec - when you start Wireshark you should see easy_codec plugin (type codec) in the list of plugins Od: [EMAIL PROTECTED] za uživatele Joerg Mayer Odesláno: čt 8.11.2007 16:29 Komu: Tomas Kukosa Kopie: wireshark-dev@wireshark.org Předmět: Re: [Wireshark-dev] Codec plugin Hello Tomas, On Thu, Nov 08, 2007 at 03:34:38PM +0100, Tomas Kukosa wrote: > I am sending it again from "standard" mail. Thanks - that was readable :-) I'll do it later today (GMT-5). Maybe you can provide a small README that explains where to find the Codes etc? Ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev <>___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Missing Interface Name on Windows Vistaforwireshark
- Original Message - From: <[EMAIL PROTECTED]> To: "Developer support list for Wireshark" Sent: Thursday, November 08, 2007 5:11 AM Subject: Re: [Wireshark-dev] Missing Interface Name on Windows Vistaforwireshark > Hi , > I have attached the ipconfig -a output. > Sorry its in Norwegian but the `PPP-kort Nokia 6680 GGSN PH3` is not > displayed at all. It makes sense. It's listed as "PPP..." so it's probably dialup-like. > > Can anyone trace on a interface that is not listed by wireshark I mean > using a MAC address or something ? > Can wireshark display hidden interfaces ? No. Wireshark uses WinPcap to capture packets. It doesn't have any built-in capture capabilities. and unfortunately WinPcap doesn't support dialup-like capture on Vista. The reason is that WinPcap uses the Microsoft NetMon component to capture from dialup, and NetMon is not an inbox component of Vista. Have a nice day GV > > Microsoft Windows [Versjon 6.0.6000] > Copyright (c) 2006 Microsoft Corporation. Med enerett. > > C:\Users\yngve>ipconfig /all > > Windows IP-konfigurasjon > > Vertsnavn . . . . . . . . . . . : yngve-laptop > Primær DNS-suffiks . . . . . . . : > Nodetype . . . . . . . . . . . . : Hybrid > IP-ruting aktivert . . . . . . . : Nei > WINS Proxy aktivert . . . . . . . : Nei > > PPP-kort Nokia 6680 GGSN PH3: > > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : Nokia 6680 GGSN PH3 > Fysisk adresse . . . . . . . . . : > DHCP aktivert . . . . . . . . . . : Nei > Automatisk konfigurasjon aktivert : Ja > IPv4-adresse. . . . . . . . . . . : 10.59.20.219(Foretrukket) > Nettverksmaske . . . . . . . . . .: 255.255.255.255 > Standard gateway . . . . . . . . .: 0.0.0.0 > DNS-servere . . . . . . . . . . . : 172.28.225.11 > 172.28.225.11 > NetBIOS over Tcpip. . . . . . . . : Deaktivert > > Ethernet-kort Lokal tilkobling* 7: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : Check Point Virtual Network Adapter > For > ecureClient > Fysisk adresse . . . . . . . . . : 54-18-B8-39-0E-0E > DHCP aktivert . . . . . . . . . . : Ja > Automatisk konfigurasjon aktivert : Ja > > Trådløst LAN-kort Trådløs nettverkstilkobling: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : domain.actdsltmp > Beskrivelse . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG > Network Co > nection > Fysisk adresse . . . . . . . . . : 00-1B-77-B5-C7-61 > DHCP aktivert . . . . . . . . . . : Ja > Automatisk konfigurasjon aktivert : Ja > > Ethernet-kort Lokal tilkobling: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : Broadcom NetLink (TM) Fast Ethernet > Fysisk adresse . . . . . . . . . : 00-15-C5-7E-BB-7F > DHCP aktivert . . . . . . . . . . : Ja > Automatisk konfigurasjon aktivert : Ja > > Tunnelkort Lokal tilkobling*: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : Teredo Tunneling Pseudo-Interface > Fysisk adresse . . . . . . . . . : 02-00-54-55-4E-01 > DHCP aktivert . . . . . . . . . . : Nei > Automatisk konfigurasjon aktivert : Ja > > Tunnelkort Lokal tilkobling* 9: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : 6TO4 Adapter > Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP aktivert . . . . . . . . . . : Nei > Automatisk konfigurasjon aktivert : Ja > > Tunnelkort Lokal tilkobling* 10: > > Medietilstand . . . . . . . . . . : Medium frakoblet > Tilkoblingsspesifikt DNS-suffiks : > Beskrivelse . . . . . . . . . . : 6TO4 Adapter > Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP aktivert . . . . . . . . . . : Nei > Automatisk konfigurasjon aktivert : Ja > > C:\Users\yngve> > > > Regards, > Sameer > > > - Original Message > From: Gianluca Varenni <[EMAIL PROTECTED]> > To: Developer support list for Wireshark > Sent: Wednesday, November 7, 2007 4:16:38 PM > Subject: Re: [Wireshark-dev] Missing Interface Name on Windows Vista > forwireshark > > I think that those interfaces are exported as dialup connections. Under > Vista WinPcap does *not* support dialup-like interfaces. > > Can you please post the output of ipconfig -a? > > Thanks > GV > > > - Original Message - > From: <[EMAIL PROTECTED]> > To: > Sent: Wednesday, November 07, 2007 5:32 AM > Subject: [Wireshark-dev] Missing Interface Name on Windows Vista > forwireshark > > >> Hi, >> >> I intend to use Wireshark to capture packets on a network interface that >> is basically a USB connected mobile device, the latter acts as a modem. >> The Operating System I am using is Windows Vista. >
Re: [Wireshark-dev] 0.99.7 release?
MIB-RFC1213 is already in the default smi_modules file... I am aware that asking libSMI to reload a MIB already loaded (even if renamed) causes a crash (I see oids.c:572 in the stack but that's a debugger issue I guess). But I do not know a simple solution to avoid reloading a MIB that is already loaded, I've open a bug with the LibSMI guys. I have an item in http://wiki.wireshark.org/Development/SNMP about the issue... This weekend I'll try to close as many of the critical Items in that list. Luis On 11/8/07, Andrew Hood <[EMAIL PROTECTED]> wrote: > Ulf Lamping wrote: > > Gerald Combs schrieb: > > > >>It's been a while since 0.99.6 was released (Holy crap! July 5!), so it > >>would > >>probably be a good idea to push 0.99.7 out the door. I'd like to make a > >>prerelease on the 19th or 20th, with a final release a week later. > >> > > > > I had the same idea recently. > > > > Things that probably need a fix before: > > > > - buildbot is unhappy (make it happy again somehow) > > - SNMP changes finished? > > I build HEAD yesterday on Windows (MSVC2005). > > If I include RFC1213-MIB, required to import various Microsoft MIBs, it > segfaults in oids.c at line 574. > > If I don't include RFC1213-MIB it generates an error about the MIB being > missing, but at least it runs. > > If I run in under the MSVC debugger some of the time it works with > RFC1213-MIB present, some time it doesn't. > > I've run smilint against all the M$ MIBs and fixed all the "errors", > event the cosmetic ones, and it still segfaults. > > > -- > There's no point in being grown up if you can't be childish sometimes. > -- Dr. Who > ___ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-dev > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Codec plugin
Hello Tomas, On Thu, Nov 08, 2007 at 03:34:38PM +0100, Tomas Kukosa wrote: > I am sending it again from "standard" mail. Thanks - that was readable :-) I'll do it later today (GMT-5). Maybe you can provide a small README that explains where to find the Codes etc? Ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Missing Interface Name on Windows Vista forwireshark
Hi , I have attached the ipconfig -a output. Sorry its in Norwegian but the `PPP-kort Nokia 6680 GGSN PH3` is not displayed at all. Can anyone trace on a interface that is not listed by wireshark I mean using a MAC address or something ? Can wireshark display hidden interfaces ? Microsoft Windows [Versjon 6.0.6000] Copyright (c) 2006 Microsoft Corporation. Med enerett. C:\Users\yngve>ipconfig /all Windows IP-konfigurasjon Vertsnavn . . . . . . . . . . . : yngve-laptop Primær DNS-suffiks . . . . . . . : Nodetype . . . . . . . . . . . . : Hybrid IP-ruting aktivert . . . . . . . : Nei WINS Proxy aktivert . . . . . . . : Nei PPP-kort Nokia 6680 GGSN PH3: Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : Nokia 6680 GGSN PH3 Fysisk adresse . . . . . . . . . : DHCP aktivert . . . . . . . . . . : Nei Automatisk konfigurasjon aktivert : Ja IPv4-adresse. . . . . . . . . . . : 10.59.20.219(Foretrukket) Nettverksmaske . . . . . . . . . .: 255.255.255.255 Standard gateway . . . . . . . . .: 0.0.0.0 DNS-servere . . . . . . . . . . . : 172.28.225.11 172.28.225.11 NetBIOS over Tcpip. . . . . . . . : Deaktivert Ethernet-kort Lokal tilkobling* 7: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : Check Point Virtual Network Adapter For ecureClient Fysisk adresse . . . . . . . . . : 54-18-B8-39-0E-0E DHCP aktivert . . . . . . . . . . : Ja Automatisk konfigurasjon aktivert : Ja Trådløst LAN-kort Trådløs nettverkstilkobling: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : domain.actdsltmp Beskrivelse . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG Network Co nection Fysisk adresse . . . . . . . . . : 00-1B-77-B5-C7-61 DHCP aktivert . . . . . . . . . . : Ja Automatisk konfigurasjon aktivert : Ja Ethernet-kort Lokal tilkobling: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : Broadcom NetLink (TM) Fast Ethernet Fysisk adresse . . . . . . . . . : 00-15-C5-7E-BB-7F DHCP aktivert . . . . . . . . . . : Ja Automatisk konfigurasjon aktivert : Ja Tunnelkort Lokal tilkobling*: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysisk adresse . . . . . . . . . : 02-00-54-55-4E-01 DHCP aktivert . . . . . . . . . . : Nei Automatisk konfigurasjon aktivert : Ja Tunnelkort Lokal tilkobling* 9: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : 6TO4 Adapter Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktivert . . . . . . . . . . : Nei Automatisk konfigurasjon aktivert : Ja Tunnelkort Lokal tilkobling* 10: Medietilstand . . . . . . . . . . : Medium frakoblet Tilkoblingsspesifikt DNS-suffiks : Beskrivelse . . . . . . . . . . : 6TO4 Adapter Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktivert . . . . . . . . . . : Nei Automatisk konfigurasjon aktivert : Ja C:\Users\yngve> Regards, Sameer - Original Message From: Gianluca Varenni <[EMAIL PROTECTED]> To: Developer support list for Wireshark Sent: Wednesday, November 7, 2007 4:16:38 PM Subject: Re: [Wireshark-dev] Missing Interface Name on Windows Vista forwireshark I think that those interfaces are exported as dialup connections. Under Vista WinPcap does *not* support dialup-like interfaces. Can you please post the output of ipconfig -a? Thanks GV - Original Message - From: <[EMAIL PROTECTED]> To: Sent: Wednesday, November 07, 2007 5:32 AM Subject: [Wireshark-dev] Missing Interface Name on Windows Vista forwireshark > Hi, > > I intend to use Wireshark to capture packets on a network interface that > is basically a USB connected mobile device, the latter acts as a modem. > The Operating System I am using is Windows Vista. > > When I open the Wireshark Capture option it does not list the network > interface connected to the Mobile device and hence I cannot capture any > packets on that specific interface. > > When I do an ipconfig –a option on the Command prompt I can see a IP > address allocated to my workstation with some other requisite entries. I > can even browse through on the web whilst connected through the modem.. > > Can someone suggest a way in which I can see the network Interface in my > capture Screen of wireshark on Windows Vista? > > Has anyone else encountered this problem earlier or have I missed out on > anything? > > This problem definitely does not arise when using Wireshark on Windows XP. > I have encountered this problem using 2 different mobile devices Samsung > and Nokia. > >
Re: [Wireshark-dev] Startup speed up - assembler usage
Kukosa, Tomas wrote: > E.g. I was able (with about 80 lines in assembler) to reduce time > spent in libwireshark.dll during startup from cca 2600ms to 1300ms on my PC. Which code did you change from C to assembler to get that speedup? ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] 0.99.7 release?
Ulf Lamping wrote: > Gerald Combs schrieb: > >>It's been a while since 0.99.6 was released (Holy crap! July 5!), so it would >>probably be a good idea to push 0.99.7 out the door. I'd like to make a >>prerelease on the 19th or 20th, with a final release a week later. >> > > I had the same idea recently. > > Things that probably need a fix before: > > - buildbot is unhappy (make it happy again somehow) > - SNMP changes finished? I build HEAD yesterday on Windows (MSVC2005). If I include RFC1213-MIB, required to import various Microsoft MIBs, it segfaults in oids.c at line 574. If I don't include RFC1213-MIB it generates an error about the MIB being missing, but at least it runs. If I run in under the MSVC debugger some of the time it works with RFC1213-MIB present, some time it doesn't. I've run smilint against all the M$ MIBs and fixed all the "errors", event the cosmetic ones, and it still segfaults. -- There's no point in being grown up if you can't be childish sometimes. -- Dr. Who ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev