[Wireshark-dev] Outstanding issues for 0.99.7
The 0.99.7 section in http://wiki.wireshark.org/Development/Roadmap lists two outstanding items for 0.99.7: - Add "PortableApps" (Windows USB stick) package to website - Items marked with {1} in the TODO list of Development/SNMP I'll work on the PortableApps updates in the next day or so. How do the outstanding items in Development/SNMP affect users? Is it a matter of a few missing PIBs in the distribution, or is it something more severe? ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Interpreting ethernet trailers
>On Tue, Dec 11, 2007 at 01:09:21PM -0800, Benn Bollay wrote: >> I'm trying to write a dissector for ethernet trailers. It seems like >> the ideal way would be to hook the existing ethernet dissector and >> have it call my dissector, however I can't figure out any way of doing >> this on the existence of the trailer that doesn't require manipulating >> packet-eth.c (I was hoping for a plugin). I was looking at doing this >> as a postdissector, but then I would have to parse the relevent >> headers to determine where the end of the "proper" packet lay, which >> seemed like a lot of unnecessary duplicate work. > > The Ethernet dissector already handles the display of Ethernet trailers > when it can guess that they are present based on comparing the size of > the packet to the minimum packet size of Ethernet. The current > functionality highlights the trailer bytes when selecting the Ethernet > dissector and displays them under the Ethernet dissector's tree. Is > there something more you're looking to do? I think it does a little more then that, since it correctly identifies the location of trailers even on full MTU sized packets it must therefor have some idea where the IP packet ends. The actual use case involves some data I'm throwing in the trailer for internal testing, and I'd like to dissect it within wireshark itself. We have a modified tcpdump that does this behavior, but I'd love to have a plugin for wireshark. Cheers, --Benn ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Interpreting ethernet trailers
On Tue, Dec 11, 2007 at 01:09:21PM -0800, Benn Bollay wrote: > I'm trying to write a dissector for ethernet trailers. It seems like > the ideal way would be to hook the existing ethernet dissector and > have it call my dissector, however I can't figure out any way of doing > this on the existence of the trailer that doesn't require manipulating > packet-eth.c (I was hoping for a plugin). I was looking at doing this > as a postdissector, but then I would have to parse the relevent > headers to determine where the end of the "proper" packet lay, which > seemed like a lot of unnecessary duplicate work. The Ethernet dissector already handles the display of Ethernet trailers when it can guess that they are present based on comparing the size of the packet to the minimum packet size of Ethernet. The current functionality highlights the trailer bytes when selecting the Ethernet dissector and displays them under the Ethernet dissector's tree. Is there something more you're looking to do? Steve ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Installation error in wireshark-0.99.6
[EMAIL PROTECTED] wrote: > */usr/bin/install: reading `.libs/libwireshark.so.0.0.1': Input/output > error* > > * * > > Can anybody please help? Is the directory in which you're compiling Wireshark located on a local disk on the machine on which you're compiling Wireshark, or on a file server? If it's on a local disk, is that disk having any problems? If it's on a file server, is any disk on the file server having problems? "Input/output error" is EIO, which usually means that an I/O error occurred, for example a read error on a disk. ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] Interpreting ethernet trailers
Hello all -- I'm trying to write a dissector for ethernet trailers. It seems like the ideal way would be to hook the existing ethernet dissector and have it call my dissector, however I can't figure out any way of doing this on the existence of the trailer that doesn't require manipulating packet-eth.c (I was hoping for a plugin). I was looking at doing this as a postdissector, but then I would have to parse the relevent headers to determine where the end of the "proper" packet lay, which seemed like a lot of unnecessary duplicate work. Any comments or suggestions? Cheers, --B ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Compilation failure: cannot open include file: 'hmac.h' (packet-isakmp.c) / 'des.h' (packet-kerberos.c)
Mine was defined, not even sure why. Without it, it compiles fine - thanks. I've filed http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2089 about this issue. Perhaps the bug is that nettle is not brought by the 'nmake ... setup' command? On Dec 11, 2007 10:02 AM, Stephen Fisher <[EMAIL PROTECTED]> wrote: > On Tue, Dec 11, 2007 at 09:01:13AM +0200, Kaul wrote: > > > Thanks, I've tried that, but it didn't help. Can you tell me where > > your hmac.h and/or des.h files are located? > > I actually don't seem to have those files. Notice that they're included > in packet-isakmp.c / packet-kerberos.c within a #ifdef HAVE_LIBNETTLE > block. My c:\wireshark\config.h does NOT hav e HAVE_LIBNETTLE defined. > Does yours? > > > Steve > > ___ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-dev > ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] Compilation failure: cannot open include file: 'hmac.h' (packet-isakmp.c) / 'des.h' (packet-kerberos.c)
On Tue, Dec 11, 2007 at 09:01:13AM +0200, Kaul wrote: > Thanks, I've tried that, but it didn't help. Can you tell me where > your hmac.h and/or des.h files are located? I actually don't seem to have those files. Notice that they're included in packet-isakmp.c / packet-kerberos.c within a #ifdef HAVE_LIBNETTLE block. My c:\wireshark\config.h does NOT hav e HAVE_LIBNETTLE defined. Does yours? Steve ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev