[Wireshark-dev] new dissector / redback lawful intercept packet

2008-02-27 Thread Florian Lohoff

Hi,
here is a new dissector for the RedBack Smartedge Lawful Intercept packet format.

Flo
-- 
Florian Lohoff  [EMAIL PROTECTED] +49-171-2280134
Those who would give up a little freedom to get a little 
  security shall soon have neither - Benjamin Franklin
Index: epan/dissectors/Makefile.common
===
--- epan/dissectors/Makefile.common	(revision 24458)
+++ epan/dissectors/Makefile.common	(working copy)
@@ -626,6 +626,7 @@
 	packet-rdm.c		\
 	packet-rdt.c		\
 	packet-redback.c 	\
+	packet-redbackli.c 	\
 	packet-retix-bpdu.c 	\
 	packet-rgmp.c		\
 	packet-rip.c		\
Index: epan/dissectors/packet-redbackli.c
===
--- epan/dissectors/packet-redbackli.c	(revision 0)
+++ epan/dissectors/packet-redbackli.c	(revision 0)
@@ -0,0 +1,222 @@
+/* packet-redbackli.c
+ *
+ * Redback Lawful Intercept Packet dissector
+ *
+ * Copyright 2008 Florian Lohoff [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include config.h
+#endif
+
+#include stdio.h
+#include stdlib.h
+#include ctype.h
+#include time.h
+#include string.h
+
+#include glib.h
+#include epan/packet.h
+#include epan/addr_resolv.h
+#include epan/prefs.h
+#include epan/strutil.h
+
+#define UDP_PORT_RBLI 4000
+
+void proto_reg_handoff_redbackli(void);
+static int proto_redbackli = -1;
+
+static int hf_redbackli_seqno = -1;		/* Sequence No */
+static int hf_redbackli_liid = -1;		/* LI Id */
+static int hf_redbackli_sessid = -1;		/* Session Id */
+static int hf_redbackli_label = -1;		/* Label */
+static int hf_redbackli_eohpad = -1;		/* End Of Header Padding */
+static int hf_redbackli_unknownavp = -1;	/* Unknown AVP */
+
+static int ett_redbackli = -1;
+
+static guint global_udp_port_redbackli = UDP_PORT_RBLI;
+static guint udp_port_redbackli = UDP_PORT_RBLI;
+
+static dissector_handle_t ip_handle;
+
+#define RB_AVP_SEQNO	1
+#define RB_AVP_LIID	2
+#define RB_AVP_SESSID	3
+#define RB_AVP_LABEL	20
+#define RB_AVP_EOH	0
+
+static const value_string avp_names[] = {
+	{RB_AVP_SEQNO,		Sequence No},
+	{RB_AVP_LIID,		Lawful Intercept Id},
+	{RB_AVP_SESSID,		Session Id},
+	{RB_AVP_LABEL,		Label},
+	{RB_AVP_EOH,		End Of Header},
+	{0,			NULL},
+};
+
+static int dissect_redbackli_avp(guint8 avptype, guint8 avplen, tvbuff_t *tvb, gint offset, proto_tree *t) {
+	guint32		avpintval;
+	char		*avpcharval;
+	const char	*avpname;
+	proto_tree	*ti, *st=NULL;
+
+	avpname=val_to_str(avptype, avp_names, Unknown);
+
+	if (t) {
+		ti = proto_tree_add_text(t, tvb, offset, avplen+2, %s AVP, avpname);
+		st = proto_item_add_subtree(ti, ett_redbackli);
+
+		proto_tree_add_text(st, tvb, offset, 1, AVP Type: %d, avptype);
+		proto_tree_add_text(st, tvb, offset+1, 1, AVP Length: %d, avplen);
+	}
+
+	switch(avptype) {
+		case(RB_AVP_SEQNO):
+			avpintval=tvb_get_ntohl(tvb, offset+2);
+			if (t)
+proto_tree_add_uint(st, hf_redbackli_seqno, tvb,
+	offset+2, avplen, avpintval);
+			break;
+		case(RB_AVP_LIID):
+			avpintval=tvb_get_ntohl(tvb, offset+2);
+			if (t)
+proto_tree_add_uint(st, hf_redbackli_liid, tvb,
+	offset+2, avplen, avpintval);
+			break;
+		case(RB_AVP_SESSID):
+			avpintval=tvb_get_ntohl(tvb, offset+2);
+			if (t)
+proto_tree_add_uint(st, hf_redbackli_sessid, tvb,
+	offset+2, avplen, avpintval);
+			break;
+		case(RB_AVP_LABEL):
+			avpcharval=tvb_get_string(tvb, offset+2, avplen);
+			if (t)
+proto_tree_add_string(st, hf_redbackli_label, tvb,
+	offset+2, avplen, avpcharval);
+			break;
+		case(RB_AVP_EOH):
+			if (t  avplen)
+proto_tree_add_item(st, hf_redbackli_eohpad, tvb,
+	offset+2, avplen, FALSE);
+			return 1;
+		default:
+			if (t  avplen)
+proto_tree_add_item(st, hf_redbackli_unknownavp, tvb,
+	offset+2, avplen, FALSE);
+			return 0;
+
+	}
+
+	return 0;
+}
+
+static void dissect_redbackli(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+	guint8		avptype, avplen;
+	gint		len, offset=0, eoh=0;
+	proto_tree	*ti, *redbackli_tree=NULL;
+	tvbuff_t	*next_tvb;
+
+	if(check_col(pinfo-cinfo,COL_PROTOCOL)){
+		col_add_str(pinfo-cinfo,COL_PROTOCOL,RBLI);
+	}
+
+	if (tree) {
+		ti = proto_tree_add_item(tree, proto_redbackli,
+tvb, 0, -1, FALSE);
+	
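Review bot: in dissect_redbackli_avp() the RB_AVP_SEQNO, RB_AVP_LIID and RB_AVP_SESSID cases always read 32 bits with tvb_get_ntohl(tvb, offset+2) but add the item with length avplen, so an AVP whose length byte is not 4 is decoded from bytes outside its own value and highlighted with the wrong extent. Check avplen == 4 in those three cases and treat any other length as malformed. In the RB_AVP_LABEL case the buffer returned by tvb_get_string() is fetched even when t is NULL and is never released in the visible code; fetch it only inside the if (t) branch and free it after proto_tree_add_string(), or use an ephemeral string instead.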

[Wireshark-dev] Problems in building wireshark

2008-02-27 Thread chandra.kotikalapudi
Hi,

When I was trying to build Wireshark 0.99.7 on Windows 2000 Professional, I got the following errors (nmake -f Makefile all).

1) NMAKE:fatal error U1077 : C:\Program files\microsoft visual studio\VC98\Bin\cl.exe return code '0X2'

Stop.

2) NMAKE:fatal error U1077 : C:\Program files\microsoft visual studio\VC98\Bin\nmake.exe return code '0X2'

Stop.

I am using Microsoft Visual Studio 6.0.

Someone please help me.

Thanks and regards.

Chandra.


___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev


[Wireshark-dev] Error compiling a custom dll plugin for Wireshark0.99.7

2008-02-27 Thread A Verma
Hi,
I am trying to create a dll called xxx.dll in the plugins/xxx folder in the Wireshark source code folder.
I executed the following commands:

C:\wireshark\plugins\xxx>nmake -f Makefile.nmake distclean

Output:

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762
Copyright (C) Microsoft Corporation.  All rights reserved.

rm -f packet-xxx.obj  plugin.obj xxx.res plugin.c *.pdb  xxx.dll xxx.dll  .manifest xxx.lib  xxx.exp xxx.rc

C:\wireshark\plugins\xxx>nmake -f Makefile.nmake all

Output:

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762
Copyright (C) Microsoft Corporation.  All rights reserved.

Making plugin.c (using python)
sed -e s/@PLUGIN_NAME@/xxx/  -e s/@RC_MODULE_VERSION@/0,99,8,0/  -e s/@RC_VERSION@/0,99,8/  -e s/@MODULE_VERSION@/0.99.8.0/  -e s/@PACKAGE@/xxx/  -e s/@VERSION@/0.99.8-xxx-yyy-01/  -e s/@MSVC_VARIANT@/MSVC2005EE/  plugin.rc.in  xxx.rc
rc  /r xxx.rc
cl /DHAVE_WIN32_LIBWIRESHARK_LIB /D_NEED_VAR_IMPORT_ /WX /DHAVE_CONFIG_H  /I../.. /I../../wiretap /IC:\wireshark-win32-libs\glib\include\glib-2.0 /IC:\wireshark-win32-libs\glib\lib\glib-2.0\include /IC:\wireshark-win32-libs\WPdpack\include -D_U_= /Zi /W3 /MD /D_CRT_SECURE_NO_DEPRECATE /D_CRT_NONSTDC_NO_DEPRECATE /DMSC_VER_REQUIRED=1400 -Fd.\ -c packet-xxx.c plugin.c
Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.762 for 80x86
Copyright (C) Microsoft Corporation.  All rights reserved.

packet-xxx.c
C:\wireshark\epan/ftypes/ftypes-int.h(30) : fatal error C1083: Cannot open include file: 'pcre.h': No such file or directory
plugin.c
Generating Code...
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio 8\VC\BIN\cl.EXE' : return code '0x2'
Stop.

pcre.h file is present at path:

C:\wireshark-win32-libs\pcre-6.4\include

So why is the error being generated? Can someone please help me.

Thanks for your time!

thanks & regards,
Ash


Re: [Wireshark-dev] Problems in building wireshark

2008-02-27 Thread Graham Bloice
[EMAIL PROTECTED] wrote:

 Hi,

 When I was trying to build Wireshark 0.99.7 on Windows 2000 Professional, I got the following errors (nmake -f Makefile all).

 1) NMAKE:fatal error U1077 : C:\Program files\microsoft visual studio\VC98\Bin\cl.exe return code '0X2'

 Stop.

 2) NMAKE:fatal error U1077 : C:\Program files\microsoft visual studio\VC98\Bin\nmake.exe return code '0X2'

 Stop.

 I am using Microsoft Visual Studio 6.0.

 Someone please help me.


To allow us to help you, you'll need to provide us with the lines of 
output leading up to the error.

-- 
Regards,

Graham Bloice



Re: [Wireshark-dev] new dissector / redback lawful intercept packet

2008-02-27 Thread Abhik Sarkar
Hello Flo,

I think you need to follow this procedure to submit your dissector:
http://www.wireshark.org/docs/wsdg_html/#ChSrcSend

Best regards,
Abhik.

On Wed, Feb 27, 2008 at 2:00 PM, Florian Lohoff [EMAIL PROTECTED] wrote:

  Hi,
  here is a new dissector for the RedBack Smartedge Lawful Intercept packet format.

  Flo
  --
  Florian Lohoff  [EMAIL PROTECTED] +49-171-2280134
 Those who would give up a little freedom to get a little
   security shall soon have neither - Benjamin Franklin



[Wireshark-dev] please fix your scripts and makefile script fragments!

2008-02-27 Thread Greg A. Woods
Please fix your scripts and makefile script fragments!

Note the following well known behaviour of test(1):

09:02 [252] $ if test -n ; then echo true; else echo false; fi
true
09:02 [253] $ if test -n ""; then echo true; else echo false; fi
false
09:02 [254] $ if test -n blah; then echo true; else echo false; fi
true
09:02 [255] $ 

As a result note that patches such as the following are necessary for
_ALL_ of the plugins makefiles, at least as of 0.99.7:

--- plugins/ethercat/Makefile.am.orig   Mon Dec 17 20:14:47 2007
+++ plugins/ethercat/Makefile.amWed Feb 27 08:57:33 2008
@@ -81,7 +81,7 @@ LIBS =
 #
 plugin.c: $(DISSECTOR_SRC) $(top_srcdir)/tools/make-dissector-reg \
 $(top_srcdir)/tools/make-dissector-reg.py
-   @if test -n $(PYTHON); then \
+   @if test -n $(PYTHON); then \
echo Making plugin.c with python ; \
$(PYTHON) $(top_srcdir)/tools/make-dissector-reg.py $(srcdir) \
plugin $(DISSECTOR_SRC) ; \
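Review bot: the removed and added lines of this hunk read identically as shown, so the quoting the fix depends on is not visible; the added line needs the operand quoted, test -n "$(PYTHON)", because with $(PYTHON) empty the unquoted form collapses to test -n with no operand, which the session above shows evaluating true. The message says the same change is needed in all of the plugins makefiles, so the patch should cover each plugins/*/Makefile.am rather than ethercat alone, and any other test -n or test -z applied to a make variable in the same rules deserves the same quoting.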



-- 
Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]   Secrets of the Weird [EMAIL PROTECTED]
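
The test(1) behaviour described in the message above, and a way to find the makefile lines it affects, as an added example that is not part of the original post or of the Wireshark tree. The function names, the sample directory layout and the makefile contents are constructed for illustration.

```shell
#!/bin/sh
# Added example. Paths and makefile contents below are constructed.

# With a single operand, test(1) only checks that the operand is a non-empty
# string. An empty, unquoted expansion leaves "test -n", which is true.
python_branch_taken() {
    # $1: "unquoted" or "quoted"; $2: value of PYTHON. Prints yes or no.
    PYTHON=$2
    case $1 in
        unquoted) if test -n $PYTHON;   then echo yes; else echo no; fi ;;
        quoted)   if test -n "$PYTHON"; then echo yes; else echo no; fi ;;
    esac
}

# Print file:line:text for every Makefile.am line under $1 that applies
# test -n or test -z to an unquoted $(VAR) or ${VAR}.
find_unquoted_tests() {
    find "$1" -type f -name Makefile.am -exec grep -nHE \
        'test[[:space:]]+-[nz][[:space:]]+\$[({][A-Za-z_][A-Za-z0-9_]*[)}]' \
        {} + || true
}

# Build a constructed tree with one unquoted and one quoted plugin makefile.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/plugins/alpha" "$dir/plugins/beta"
    {
        printf 'plugin.c: $(DISSECTOR_SRC)\n'
        printf '\t@if test -n $(PYTHON); then \\\n'
        printf '\t\techo Making plugin.c with python ; \\\n'
        printf '\tfi\n'
    } > "$dir/plugins/alpha/Makefile.am"
    {
        printf 'plugin.c: $(DISSECTOR_SRC)\n'
        printf '\t@if test -n "$(PYTHON)"; then \\\n'
        printf '\t\techo Making plugin.c with python ; \\\n'
        printf '\tfi\n'
    } > "$dir/plugins/beta/Makefile.am"
    echo "$dir"
}

tree=$(make_sample_tree)
echo "empty PYTHON, unquoted test takes python branch: $(python_branch_taken unquoted '')"
echo "empty PYTHON, quoted test takes python branch:   $(python_branch_taken quoted '')"
echo "makefile lines still needing quotes:"
find_unquoted_tests "$tree"
rm -rf "$tree"
```

Run against a real source tree, `find_unquoted_tests .` lists the rules that still take the python branch when `$(PYTHON)` is empty.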




Re: [Wireshark-dev] Error compiling a custom dll plugin forWireshark0.99.7

2008-02-27 Thread Anders Broman
Hi,

You may have to run the setup target. PCRE was recently updated to 7.0.

Regards

Anders

 



Re: [Wireshark-dev] please fix your scripts and makefile script fragments!

2008-02-27 Thread Stig Bjørlykke
On 27. feb.. 2008, at 15.34, Greg A. Woods wrote:

 Please fix your scripts and makefile script fragments!


Committed revision 24488.
Thank you.


-- 
Stig Bjørlykke




Re: [Wireshark-dev] Error compiling a custom dll plugin forWireshark0.99.7

2008-02-27 Thread A Verma
Hi,
Thanks for your help.
Can you please let me know what I need to do exactly? I didn't quite fully
understand your answer.

Thanks so much.

regards,
Ash


On 2/27/08, Anders Broman [EMAIL PROTECTED] wrote:

 Hi,

 You may have to run the setup target. PCRE was recently updated to 7.0.

 Regards

 Anders




Re: [Wireshark-dev] Error compiling a custom dll plugin forWireshark0.99.7

2008-02-27 Thread Anders Broman
Hi,

Run make -f makefile.nmake setup

To download all the latest packages

pcre.h file is present at path:

C:\wireshark-win32-libs\pcre-6.4\include

This has changed to

C:\wireshark-win32-libs\pcre-7.0\include

With the update of PCRE

Regards

Anders

From: A Verma [mailto:[EMAIL PROTECTED]
Sent: 27 February 2008 18:29
To: Developer support list for Wireshark; [EMAIL PROTECTED]
Subject: Re: [Wireshark-dev] Error compiling a custom dll plugin forWireshark0.99.7

Hi,

Thanks for your help.

Can you please let me know what I need to do exactly? I didn't quite fully
understand your answer.

Thanks so much.

regards,

Ash

On 2/27/08, Anders Broman [EMAIL PROTECTED] wrote:

Hi,

You may have to run the setup target. PCRE was recently updated to 7.0.

Regards

Anders

 



Re: [Wireshark-dev] [Wireshark-bugs] [Bug 2205] New dissector plugin for Hilscher analyzer frames

2008-02-27 Thread Jeff Morriss


Sake Blok wrote:
 On Mon, Feb 25, 2008 at 09:27:33PM +, [EMAIL PROTECTED] wrote:
 http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2205

 --- Comment #5 from Stephen Fisher [EMAIL PROTECTED]  2008-02-25 21:27:29 
 GMT ---

 Or should the Ethernet dissector also get a Try heuristic dissectors 
 first?
 preference (defaulted to FALSE)?
 I would hate to do this because it reduces the default functionality of
 Wireshark, but if it is that much slower we should probably do it.
 
 Hmmm... since we now have the nice feature of multiple profiles, would
 it not be an idea to ship Wireshark with a couple of profiles? At least 
 three profiles would be useful:
 
 - Maximum Features, which should have *all* features enabled
 - Maximum Performance, which should have all performance eating
 features and protocols disabled
 - General Usage, which could have all the most used features and
 protocols enabled

That would also help with post-dissectors for obscure protocols which we 
probably want disabled by default.  We discussed one a while ago:

http://www.wireshark.org/lists/wireshark-dev/200706/msg00065.html

which, oops, it looks like the author found a way to disable his 
dissector by default but we never reviewed/committed it.


Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector

2008-02-27 Thread Jeff Morriss

Hi Sven,

Sorry this got overlooked.  (That's part of the reason we recently 
changed to putting patches/new dissectors in the bugs database.)

Anyway I have checked in your new dissector in rev 24493 (that will not 
make 0.99.8).  In testing I did find it a bit annoying that the protocol 
disables itself each time it starts up, but until we find a Better Way 
this works without yielding a performance hit for everyone.

Would you mind adding a protocol description page to the Wiki (and put 
your sample capture on the SampleCaptures page--or would you mind if I do)?

Regards,
-Jeff

Meier Sven (msv) wrote:
 Hi
 
 Are there any further comments or wishes on that one?
 If not, could someone add it to the repository? Thanks
 
 Regards
   Sven
 
 Sven Meier
 Dipl.Ing. FH Information Technology
 Development Engineer IEEE 1588
 Institute of Embedded Systems
 Room InES TW 220
 Postfach 805
 CH-8401 Winterthur
 Switzerland

 Zuercher Hochschule Winterthur (University of Applied Sciences)
 Phone: +41 (0)52 267 70 58
 Fax: +41 (0)52 268 70 58
 Member of the Zuercher Fachhochschule
 [EMAIL PROTECTED]

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On behalf of Meier Sven (msv)
 Sent: Monday, 11 June 2007 11:05
 To: Developer support list for Wireshark
 Subject: Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector -now disabled by default
 
 Hi
 
 Finally I found the required function to disable the protocol by default.
 So now the dissector is disabled by default, it can be enabled over the 
 normal enable/disable protocol wizard.
 
 Best regards
   Sven Meier
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On behalf of Meier Sven (msv)
 Sent: Friday, 1 June 2007 10:27
 To: Developer support list for Wireshark
 Subject: Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector
 
 The thing is, that not the dissector_add function but the 
 register_postdissector function is the problem. So this dissector is called 
 after all other dissectors independent of port or ethertype. 
 And how can I change values of a dissector at runtime? 
 
 The best solution would be if I could call some function, or set some value, 
 that disables the dissector by default, but that I can enable it by hand over 
 the enable/disable protocol wizard.
 
 In which configuration file are my preferences (which protocols are 
 enabled/disabled) stored anyway? If that file already exists at installation 
 time, we could probably change the entry of the PRP protocol to disabled.
 
 Best regards
   Sven Meier
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On behalf of Stephen Fisher
 Sent: Thursday, 31 May 2007 21:38
 To: Developer support list for Wireshark
 Subject: Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector
 
 A common method to disable a dissector is to register it with a 0 value 
 for the port/ethertype and have a preference where this can be changed 
 from a value other than 0.
 
 On Tue, May 29, 2007 at 09:51:30AM +0800, Jeff Morriss wrote:
 Oops, overlooked this one.  Any idea 

Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector

2008-02-27 Thread Jeff Morriss

I added a preference (defaulted to FALSE) that decides if the protocol 
should be enabled or not in rev 24494.  That way it defaults to disabled 
for most people but if you really want it enabled (enough to change the 
preference) then it will stay that way until you change the preference 
again.

Jeff Morriss wrote:
 
 Hi Sven,
 
 Sorry this got overlooked.  (That's part of the reason we recently 
 changed to putting patches/new dissectors in the bugs database.)
 
 Anyway I have checked in your new dissector in rev 24493 (that will not 
 make 0.99.8).  In testing I did find it a bit annoying that the protocol 
 disables itself each time it starts up, but until we find a Better Way 
 this works without yielding a performance hit for everyone.
 
 Would you mind adding a protocol description page to the Wiki (and put 
 your sample capture on the SampleCaptures page--or would you mind if I do)?
 
 Regards,
 -Jeff
 
 Meier Sven (msv) wrote:
 Hi

 Are there any further comments or wishes on that one?
 If not, could someone add it to the repository? Thanks

 Regards
 Sven

 Sven Meier
 Dipl.Ing. FH Information Technology
 Development Engineer IEEE 1588
 Institute of Embedded Systems
 Room InES TW 220
 Postfach 805
 CH-8401 Winterthur
 Switzerland

 Zuercher Hochschule Winterthur (University of Applied Sciences)
 Member of the Zuercher Fachhochschule
 Phone: +41 (0)52 267 70 58
 Fax:   +41 (0)52 268 70 58
 [EMAIL PROTECTED]

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Meier Sven (msv)
 Sent: Monday, 11 June 2007 11:05
 To: Developer support list for Wireshark
 Subject: Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) 
 dissector -now disabled by default

 Hi

 Finally I found the required function to disable the protocol by default.
 So now the dissector is disabled by default, it can be enabled over 
 the normal enable/disable protocol wizard.

 Best regards
 Sven Meier


 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Meier Sven (msv)
 Sent: Friday, 1 June 2007 10:27
 To: Developer support list for Wireshark
 Subject: Re: [Wireshark-dev] Parallel Redundancy Protocol (PRP) dissector

 The thing is, that not the dissector_add function but the 
 register_postdissector function is the problem. So this dissector is 
 called after all other dissectors independent of port or ethertype. 
 And how can I change values of a dissector at runtime?
 The best solution would be if I could call some function, or set some 
 value, that disables the dissector by default, but that I can enable 
 it by hand over the enable/disable protocol wizard.

 In which configuration file are my preferences (which protocols are 
 enabled/disabled) stored anyway? If that file already exists at 
 installation time, we could probably change the entry of the PRP 
 protocol to disabled.

 Best regards
 Sven Meier



 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Stephen Fisher
 Sent: Thursday, 31 May 2007 21:38
 To: Developer support list for Wireshark
 Subject: Re: 

[Wireshark-dev] Wireshark 0.99.8 is now available

2008-02-27 Thread Gerald Combs

I'm proud to announce the release of Wireshark 0.99.8.

Sharkfest Reminder

    Sharkfest '08 will be held March 31 to April 2 in Los Altos Hills,
    CA. At Sharkfest you'll have the opportunity to meet many of the
    people behind Wireshark and WinPcap, and take advantage of the wide
    variety of courses that will be available. It's an excellent
    opportunity to learn how to use Wireshark more effectively.

    In addition to our many talented and knowledgeable presenters, Dr.
    Vinton Cerf, PhD, Google Vice President and Chief Internet Evangelist
    will open day 2 of Sharkfest with a talk entitled Non-discriminatory
    Network Service.

    For more information on Sharkfest, visit http://www.cacetech.com or
    send email to [EMAIL PROTECTED]

What is Wireshark?

    Wireshark is the world's most popular network protocol analyzer.
    It is used for troubleshooting, analysis, development, and
    education.

What's New

   Bug Fixes

    The following vulnerabilities have been fixed. See the security
    advisory for details and a workaround.

  o The SCTP dissector could crash.

    Versions affected: 0.99.5 to 0.99.7

  o The SNMP dissector could crash.

    Versions affected: 0.99.6 to 0.99.7

  o The TFTP dissector could crash Wireshark on Ubuntu 7.10. (This
    appears to be a bug in the Cairo library on that platform.)
    Reported by Noam Rathaus.

    Versions affected: 0.6.0 to 0.99.7

    The following bugs have been fixed:

  o Wireshark could crash when saving I/O graphs.

  o Wireshark could crash when editing table-based preferences.

  o Wireshark could crash when trying to play RTP streams.

  o Wireshark could crash when trying to apply a display filter
    macro.

  o Wireshark could crash in Turkish and other locales.

   New and Updated Features

    The following features are new (or have been significantly
    updated) since the last release:

  o You can now have multiple configuration profiles.

  o Temporary coloring rules have been added, which let you color
    or filter on a conversation.

  o I/O graphs have been improved.

  o Wireshark now has WLAN traffic statistics.

  o The Wireshark GUI now supports RPCAP.

  o Conversations and endpoints can now be limited to the current
    display filter.

  o Experimental support for the NTAR/PcapNG file format has been
    added.

   New Protocol Support

    AiroPeek Remote Capture, China Mobile Point to Point, Distributed
    Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
    Foundation, International Passenger Airline Reservation
    System/Airline Link Control, Microsoft DirectPlay, Path
    Computation Element communication Protocol, Real Time Messaging
    Protocol, S1 Application Protocol, Scripting Service Protocol,
    Societe Internationale de Telecommunications Aeronautiques, Unisys
    Transmittal System, Wi-fi Protected Setup

   Updated Protocol Support

    3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
    MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
    HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS,
    Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6,
    DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
    FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon,
    H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
    802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
    MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
    PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
    LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB,
    SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP,
    TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
    X.509if, X.509sat

   New and Updated Capture File Support

    Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
    Visual Networks

Getting Wireshark

    The source code and Windows installer can be downloaded immediately
    from http://www.wireshark.org/download/ .

   Vendor-supplied Packages

    Most Linux and Unix vendors supply their own Wireshark packages.
    You can usually install or upgrade Wireshark using the package
    management system specific to that platform. A list of third-party
    packages can be found on the download page on the Wireshark web
    site.

File Locations

    Wireshark and TShark look in several different locations for
    preference files, plugins, MIBS, and RADIUS dictionaries. These
    locations vary from platform to platform. You can use
    About->Folders to find the default locations on your system.

Known Problems

    The Filter button is nonfunctional in the file dialogs under
    Windows. (Bug 942)

Getting Help

    Community support is available on the 

[Wireshark-dev] Fwd: possibility of USB capture on windows

2008-02-27 Thread JoJo jojo
Hi Gerald,

 what is the current capability of wireshark, with
 capturing all USB traffic on windows.

 Capturing all usb needs to be stressed, not just ethernet over usb.

 currently trying out wireshark as sniffUSB v1.8 or v2.0 don't work
 quite right in all the situations.

 which binaries to try, on windows? is using usbmon necessary on linux ?

 tia

 -JoJo
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev


Re: [Wireshark-dev] possibility of USB capture on windows

2008-02-27 Thread DePriest, Jason R.
On Tue, Feb 26, 2008 at 11:56 PM, JoJo jojo  wrote:
 Hi everyone,

  what is the current capability of wireshark, with
  capturing all USB traffic on windows.

  Capturing all usb needs to be stressed, not just ethernet over usb.

  currently trying out wireshark as sniffUSB v1.8 or v2.0 don't work
  quite right in all the situations.

  which binaries to try, on windows? is using usbmon necessary on linux ?

  tia

  -JoJo

Yes, Wireshark can probably capture it:
http://www.wireshark.org/docs/dfref/u/usb.html and
http://wiki.wireshark.org/USB

USB can have poor timestamps:
http://www.wireshark.org/docs/wsug_html_chunked/ChAdvTimestamps.html

Not so good for Windows, better for Linux:
http://wiki.wireshark.org/CaptureSetup/USB

-Jason


Re: [Wireshark-dev] possibility of USB capture on windows

2008-02-27 Thread Guy Harris

On Feb 27, 2008, at 6:43 PM, DePriest, Jason R. wrote:

 Yes, Wireshark can probably capture it:
 http://www.wireshark.org/docs/dfref/u/usb.html and

"There exist display filter elements for protocol XXX" does not imply  
that Wireshark has any ability to capture protocol XXX on any  
particular platform.  It might be able to read capture files from some  
*other* source containing the protocol in question, or it might be  
able to capture it, but not on *your* platform...

 http://wiki.wireshark.org/USB

...and, in fact, that page specifically says "at least for the linux  
platform", and doesn't mention Windows, which is the platform about  
which the person who sent the original message asked.

 USB can have poor timestamps:
 http://www.wireshark.org/docs/wsug_html_chunked/ChAdvTimestamps.html

That page says

"USB connected network adapters often provide a very bad time stamp  
accuracy. The incoming packets have to take a long and winding road  
to travel through the USB cable until they actually reach the kernel.  
As the incoming packets are time stamped when they are processed by  
the kernel, this time stamping mechanism becomes very inaccurate."

It's not referring there to capturing raw USB messages; instead, it's  
referring to capturing network traffic on USB network adapters, as  
opposed to capturing on network adapters connected to the main  
peripheral bus (e.g., PCI) or to a bus more directly attached to that  
bus (e.g., PC Card or CardBus).  That's the "just ethernet over usb"  
in "Capturing all usb needs to be stressed, not just ethernet over usb."

 Not so good for Windows, better for Linux:
 http://wiki.wireshark.org/CaptureSetup/USB

...where "not so good" translates as "not at all", when using Wireshark:

"You cannot capture raw USB traffic on Windows with Wireshark/WinPcap."

It then refers you to the Tools page, but that only refers you to some  
separate tools that can be used to capture USB traffic.  Those might  
work better than SniffUSB - or might not.


Re: [Wireshark-dev] Error compiling a custom dll plugin forWireshark0.99.7

2008-02-27 Thread A Verma
Hi,
Thanks!
Even after I executed the command 'make -f makefile.nmake setup' , the pcre
version remains the same as it was earlier, that is 6.4.
What do I do? Pls suggest.

regards
Ash


On 2/27/08, Anders Broman [EMAIL PROTECTED] wrote:

  Hi,

 Run make -f makefile.nmake setup

 To download all the latest packages



 pcre.h file is present at path:

 C:\wireshark-win32-libs\pcre-6.4\include

 This has changed to

 C:\wireshark-win32-libs\pcre-7.0\include

 With the update of PCRE

 Regards

 Anders




  --

 *From:* A Verma [mailto:[EMAIL PROTECTED]
 *Sent:* 27 February 2008 18:29
 *To:* Developer support list for Wireshark; [EMAIL PROTECTED]
 *Subject:* Re: [Wireshark-dev] Error compiling a custom dll plugin
 forWireshark0.99.7



 Hi,

 Thanks for your help.

 Can you please let me know what I need to do exactly? I didn't quite fully
 understand your answer.



 Thanks so much.



 regards,

 Ash



 On 2/27/08, *Anders Broman* [EMAIL PROTECTED] wrote:

 Hi,

 You may have to run the setup target; PCRE was recently updated to 7.0.

 Regards

 Anders


  --

 *From:* [EMAIL PROTECTED] [mailto:
 [EMAIL PROTECTED] *On behalf of *A Verma
 *Sent:* 27 February 2008 11:48
 *To:* wireshark-dev@wireshark.org
 *Subject:* [Wireshark-dev] Error compiling a custom dll plugin
 forWireshark0.99.7



 Hi,

 *I am trying to create a dll called xxx.dll in plugins/xxx folder in
 wireshark source code folder.*

 *I executed the following commands:*



 *C:\wireshark\plugins\xxx>nmake -f Makefile.nmake distclean*

 Output:

 Microsoft (R) Program Maintenance Utility Version 8.00.50727.762

 Copyright (C) Microsoft Corporation.  All rights reserved.



 rm -f packet-xxx.obj  plugin.obj xxx.res plugin.c *.pdb  xxx.dll xxx.dll  
 .manifest
 xxx.lib  xxx.exp xxx.rc



 *C:\wireshark\plugins\xxx>nmake -f Makefile.nmake all*

 Output:

 Microsoft (R) Program Maintenance Utility Version 8.00.50727.762

 Copyright (C) Microsoft Corporation.  All rights reserved.



 Making plugin.c (using python)

 sed -e s/@PLUGIN_NAME@/xxx/  -e s/@RC_MODULE_VERSION@/0,99,8,0/
 -e s/@R

 C_VERSION@/0,99,8/  -e s/@MODULE_VERSION@/0.99.8.0/  -e s/@PACKAGE@/xxx/
 -e s/@

 VERSION@/0.99.8-xxx-yyy-01/  -e s/@MSVC_VARIANT@/MSVC2005EE/  
 plugin.rc.in 

  xxx.rc

 rc  /r xxx.rc

 cl /DHAVE_WIN32_LIBWIRESHARK_LIB /D_NEED_VAR_IMPORT_ /WX
 /DHAVE_CONFIG_H

  /I../.. /I../../wiretap /IC:\wireshark-win32-libs\glib\include\glib-2.0
 /IC:\w

 ireshark-win32-libs\glib\lib\glib-2.0\include
 /IC:\wireshark-win32-libs\WPdpack

 \include -D_U_= /Zi /W3 /MD /D_CRT_SECURE_NO_DEPRECATE
 /D_CRT_NONSTDC_NO_DEPRE

 CATE /DMSC_VER_REQUIRED=1400 -Fd.\ -c packet-xxx.c plugin.c

 Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.762 for
 80x86



 Copyright (C) Microsoft Corporation.  All rights reserved.



 packet-xxx.c

 C:\wireshark\epan/ftypes/ftypes-int.h(30) : fatal error C1083: Cannot open
 include file: 'pcre.h': No such file or directory

 plugin.c

 Generating Code...

 NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
 8\VC\BIN\cl.EXE' : return code '0x2'

 Stop.



  pcre.h file is present at path:

 C:\wireshark-win32-libs\pcre-6.4\include



 So why is the error being generated? Can someone please help me.

 Thanks for your time!



 thanks & regards,

 Ash



 No virus found in this incoming message.
 Checked by AVG Free Edition.
 Version: 7.5.516 / Virus Database: 269.21.1/1301 - Release Date:
 2008-02-27 08:35





Re: [Wireshark-dev] Error compiling a custom dll pluginforWireshark0.99.7

2008-02-27 Thread Maynard, Chris
Run svn update first, then try again.



From: [EMAIL PROTECTED] on behalf of A Verma
Sent: Wed 2/27/2008 10:39 PM
To: Anders Broman
Cc: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Error compiling a custom dll 
pluginforWireshark0.99.7


Hi,
Thanks!
Even after I executed the command 'make -f makefile.nmake setup' , the pcre 
version remains the same as it was earlier, that is 6.4.
What do I do? Pls suggest.
 
regards
Ash

 
On 2/27/08, Anders Broman [EMAIL PROTECTED] wrote: 

Hi,

Run make -f makefile.nmake setup

To download all the latest packages

 

pcre.h file is present at path:

C:\wireshark-win32-libs\pcre-6.4\include

This has changed to 

C:\wireshark-win32-libs\pcre-7.0\include

With the update of PCRE

Regards

Anders

 

 





From: A Verma [mailto:[EMAIL PROTECTED] 
Sent: 27 February 2008 18:29
To: Developer support list for Wireshark; [EMAIL PROTECTED]
Subject: Re: [Wireshark-dev] Error compiling a custom dll plugin 
forWireshark0.99.7

 

Hi,

Thanks for your help.

Can you please let me know what I need to do exactly? I didn't quite 
fully understand your answer.

 

Thanks so much.

 

regards,

Ash

 

On 2/27/08, Anders Broman [EMAIL PROTECTED] wrote: 

Hi,

You may have to run the setup target; PCRE was recently updated to 7.0.

Regards

Anders

 





From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On behalf of A Verma
Sent: 27 February 2008 11:48
To: wireshark-dev@wireshark.org
Subject: [Wireshark-dev] Error compiling a custom dll plugin 
forWireshark0.99.7

 

Hi,

I am trying to create a dll called xxx.dll in plugins/xxx folder in 
wireshark source code folder.

I executed the following commands:

 

C:\wireshark\plugins\xxx>nmake -f Makefile.nmake distclean

Output: 

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762

Copyright (C) Microsoft Corporation.  All rights reserved.

 

rm -f packet-xxx.obj  plugin.obj xxx.res plugin.c *.pdb  xxx.dll 
xxx.dll  .manifest xxx.lib  xxx.exp xxx.rc

 

C:\wireshark\plugins\xxx>nmake -f Makefile.nmake all

Output: 

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762

Copyright (C) Microsoft Corporation.  All rights reserved.

 

Making plugin.c (using python)

sed -e s/@PLUGIN_NAME@/xxx/  -e s/@RC_MODULE_VERSION@/0,99,8,0/ 
 -e s/@R

C_VERSION@/0,99,8/  -e s/@MODULE_VERSION@/0.99.8.0/  -e 
s/@PACKAGE@/xxx/  -e s/@

VERSION@/0.99.8-xxx-yyy-01/  -e s/@MSVC_VARIANT@/MSVC2005EE/   
plugin.rc.in http://plugin.rc.in/  

 xxx.rc

rc  /r xxx.rc

cl /DHAVE_WIN32_LIBWIRESHARK_LIB /D_NEED_VAR_IMPORT_ /WX 
/DHAVE_CONFIG_H

 /I../.. /I../../wiretap 
/IC:\wireshark-win32-libs\glib\include\glib-2.0  /IC:\w

ireshark-win32-libs\glib\lib\glib-2.0\include  
/IC:\wireshark-win32-libs\WPdpack

\include -D_U_= /Zi /W3 /MD /D_CRT_SECURE_NO_DEPRECATE 
/D_CRT_NONSTDC_NO_DEPRE

CATE /DMSC_VER_REQUIRED=1400 -Fd.\ -c packet-xxx.c plugin.c

Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.762 
for 80x86

 

Copyright (C) Microsoft Corporation.  All rights reserved.

 

packet-xxx.c

C:\wireshark\epan/ftypes/ftypes-int.h(30) : fatal error C1083: Cannot 
open include file: 'pcre.h': No such file or directory

plugin.c

Generating Code...

NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio 
8\VC\BIN\cl.EXE' : return code '0x2'

Stop.

  

 pcre.h file is present at path:

C:\wireshark-win32-libs\pcre-6.4\include

 

So why is the error being generated? Can someone please help me.

Thanks for your time!

 

thanks & regards,

Ash

 


[Wireshark-dev] Patch for top-level Makefile.nmake

2008-02-27 Thread Maynard, Chris
The attached patch adds the gettext-runtime-0.17-1 and nasm-2.00 directories to 
the list of directories in the clean_setup: target.
 
- Chris
 



-
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof.

Index: Makefile.nmake
===
--- Makefile.nmake  (revision 24495)
+++ Makefile.nmake  (working copy)
@@ -813,6 +813,7 @@
 rm -r -f $(WIRESHARK_LIBS)/adns-1.0-win32-05
 rm -r -f $(WIRESHARK_LIBS)/gettext-0.14.5
 rm -r -f $(WIRESHARK_LIBS)/gettext-0.17
+rm -r -f $(WIRESHARK_LIBS)/gettext-runtime-0.17-1
 rm -r -f $(WIRESHARK_LIBS)/glib
 rm -r -f $(WIRESHARK_LIBS)/gnutls-1.6.1-1
 rm -r -f $(WIRESHARK_LIBS)/gtk2
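Review bot: the added gettext-runtime-0.17-1 line repeats the pattern of hard-coding each versioned directory name (gettext-0.14.5, gettext-0.17 and now this one), so clean_setup only removes what someone remembered to list and every package bump needs another hand edit here. Consider keeping the package directory names in one list that this target iterates over, or at least add a comment above the block saying that entries for superseded versions such as gettext-0.17 are kept deliberately so old trees still get cleaned.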
@@ -822,6 +823,7 @@
 rm -r -f $(WIRESHARK_LIBS)/libiconv-1.9.1.bin.woe32
 rm -r -f $(WIRESHARK_LIBS)/lua5.1
 rm -r -f $(WIRESHARK_LIBS)/libsmi-0.4.5
+rm -r -f $(WIRESHARK_LIBS)/nasm-2.00
 rm -r -f $(WIRESHARK_LIBS)/pcre-6.4
 rm -r -f $(WIRESHARK_LIBS)/pcre-7.0
 rm -r -f $(WIRESHARK_LIBS)/portaudio_v18_1
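Review bot: the new rm -r -f $(WIRESHARK_LIBS)/nasm-2.00 line, like the rest of this block, has no guard on WIRESHARK_LIBS: if the macro is empty or undefined when clean_setup runs, the argument collapses to /nasm-2.00 and the recursive forced delete is aimed at a root-level path. The visible context shows no check, so consider failing the target early when $(WIRESHARK_LIBS) is empty, before any of the rm lines run.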


[Wireshark-dev] user-guide out-of-date

2008-02-27 Thread Maynard, Chris
Running nmake -f Makefile.nmake setup downloads an older version of the 
user-guide, namely user-guide-23522, whereas the latest version available 
appears to be user-guide-24493.
 
- Chris
 



[Wireshark-dev] dll works with Wireshark0.99.6a but not with Wireshark0.99.7

2008-02-27 Thread A Verma
Hi,
We had a custom packet dissector plugin (dll) that worked with wireshark.

It works fine till version Wireshark0.99.6a but not with Wireshark0.99.7.
What could be the reason?

I get errors like:
1. [Malformed Packet: Protocol name xxx]
2. [Dissector Bug: Protocol name xxx: proto.c:1646: failed assertion
"hfinfo->type == FT_IPv4"]
3. Or no error is displayed but packet dissection does not happen for that
protocol. As in, the complete output does not get displayed.

I suspected the reason to be due to the differences mentioned in '5. Update
old style plugin' of README.plugins in the doc folder.
But there is no difference as regards to this between Wireshark0.99.6a &
Wireshark0.99.7.

Can someone pls point me to what could be a probable cause or how may I
start investigating it.

Thanks!

regards,
Ash


[Wireshark-dev] Query related to versions in moduleinfo.h and moduleinfo.nmake

2008-02-27 Thread A Verma
Hi,
I have a query. I am making a dll called yyy.dll.

Now in the folder c:\wireshark\plugins\yyy there are 2 files:
1. moduleinfo.h
2. moduleinfo.nmake

Is there any relation between the version in
#define VERSION "0.6.5" in moduleinfo.h
and between

# The version
MODULE_VERSION_MAJOR=0
MODULE_VERSION_MINOR=6
MODULE_VERSION_MICRO=5
MODULE_VERSION_EXTRA=0 in moduleinfo.nmake?

I have tried to keep them the same. Am I doing it correctly?

Or should I have done:
# The version
MODULE_VERSION_MAJOR=0
MODULE_VERSION_MINOR=0
MODULE_VERSION_MICRO=6
MODULE_VERSION_EXTRA=5 ?

Pls suggest me. Thanks so much!
regards,
Ash


Re: [Wireshark-dev] dll works with Wireshark0.99.6a but not with Wireshark0.99.7

2008-02-27 Thread Stephen Fisher
On Thu, Feb 28, 2008 at 09:32:34AM +0530, A Verma wrote:

 We had a custom packet dissector plugin (dll) that worked with 
 wireshark.
 
 It works fine till version Wireshark0.99.6a but not with 
 Wireshark0.99.7. What could be the reason?

Did you recompile the plug-in against Wireshark 0.99.7 or try to use the 
same file from the compilation against 0.99.6 (this often won't work)?


Steve



Re: [Wireshark-dev] Error compiling a custom dll pluginforWireshark0.99.7

2008-02-27 Thread Maynard, Chris
Or if you're not using SVN sources but only released sources, you might as well 
get the 0.99.8 sources as it was just released today.  Running nmake -f 
Makefile.nmake setup with that version's sources will be sure to update your 
libraries to what you need.  Here's the link to the download page: 
http://www.wireshark.org/download.html.
 
- Chris



From: [EMAIL PROTECTED] on behalf of Maynard, Chris
Sent: Wed 2/27/2008 10:47 PM
To: Developer support list for Wireshark
Subject: RE: [Wireshark-dev] Error compiling a custom dll 
pluginforWireshark0.99.7


Run svn update first, then try again.



[snip]
 



Re: [Wireshark-dev] dll works with Wireshark0.99.6a but not with Wireshark0.99.7

2008-02-27 Thread A Verma
Hi,
I installed both the wireshark versions one by one and used the dll by
putting it in the plugins folder.
It worked with Wireshark0.99.6a but not with Wireshark0.99.7.

I am trying to recompile the dll with Wireshark0.99.7.

Am I on the right path? Pls advise.

Thanks!
regards,
Ashna


On 2/28/08, Stephen Fisher [EMAIL PROTECTED] wrote:

 On Thu, Feb 28, 2008 at 09:32:34AM +0530, A Verma wrote:

  We had a custom packet dissector plugin (dll) that worked with
  wireshark.
 
  It works fine till version Wireshark0.99.6a but not with
  Wireshark0.99.7. What could be the reason?

 Did you recompile the plug-in against Wireshark 0.99.7 or try to use the
 same file from the compilation against 0.99.6 (this often won't work)?


 Steve



Re: [Wireshark-dev] Problems in building wireshark

2008-02-27 Thread chandra.kotikalapudi


Hi Graham,

These are the final few lines of the output (nmake -f Makefile.nmake all)

.
Generating code ...
Compiling code ...
...

...
Generating code..
Compiling 
Stats_tree_stat.c
Scsi_stat.c
Sctp_assoc_analyse.c
Sctp_chunk_stat_dlg.c
Sctp_chunk_stat.c
Sctp_stat_dlg.c
Sip_stat.c
Smb_stat.c
Smb2_stat.c
T38_analysis.c
Tcp_graph.c
Voip_calls_dlg.c
Wsp_stat.c
Generating code ...
NMAKE:fatal errorU1077: 'C:\Program files\microsoft visual
studio\VC98\Bin\cl.exe  ':   return code '0X2'
Stop
NMAKE:fatal error U1077 :' C:\Program files\microsoft visual 
 studio\VC98\Bin\nmake.exe ':return code '0X2'
Stop

Regards,
Chandra.



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Graham Bloice
Sent: Wednesday, February 27, 2008 4:38 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Problems in building wireshark

[EMAIL PROTECTED] wrote:

 Hi,

  

 When I was trying to build wireshark 0.99.7 on windows 2000 
 professional, I got the following errors (nmake -f Makefile all).

  

 1)  NMAKE:fatal error U1077 : C:\Program files\microsoft visual 
 studio\VC98\Bin\cl.exe return code '0X2'

  

 Stop.

  

 2) NMAKE:fatal error U1077 : C:\Program files\microsoft visual 
 studio\VC98\Bin\nmake.exe return code '0X2'

  

 Stop.

  

  

 I am using Microsoft visual studio 6.0.

  

 Someone please help me.

  

To allow us to help you, you'll need to provide us with the lines of 
output leading up to the error.

-- 
Regards,

Graham Bloice


The information contained in this electronic message and any attachments to 
this message are intended for the exclusive use of the addressee(s) and may 
contain proprietary, confidential or privileged information. If you are not the 
intended recipient, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately and destroy all copies of this message and 
any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should 
check this email and any attachments for the presence of viruses. The company 
accepts no liability for any damage caused by any virus transmitted by this 
email.

www.wipro.com



Re: [Wireshark-dev] Error compiling a custom dll pluginforWireshark0.99.7

2008-02-27 Thread A Verma
Hi,
Thanks it did help.
Now I am getting the following errors:

plugin.c
Generating Code...
   ...
   Creating library ciscosm.lib and object ciscosm.exp
cd ..
cd xxx
C:\Program Files\Microsoft Visual Studio 8\VC\BIN\nmake.exe /
  -f Makefile.nmake

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762
Copyright (C) Microsoft Corporation.  All rights reserved.

Making plugin.c (using python)
sed -e s/@PLUGIN_NAME@/xxx/  -e s/@RC_MODULE_VERSION@/0,6,5,0/  -e s/@RC
_VERSION@/0,99,9,0/  -e s/@MODULE_VERSION@/0.6.5.0/  -e s/@PACKAGE@/xxx/  -e s/@
VERSION@/0.99.9-xxx-yyy-01/  -e s/@MSVC_VARIANT@/MSVC2005EE/   plugin.rc.in 
 xxx.rc
rc  /r xxx.rc

*xxx.rc(5) : error RC2167 : unrecognized VERSIONINFO field;  BEGIN or comma
expected*
*NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\rc.EXE' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.*

What mismatch is there between versions? Pls help me.

Thanks!

regards,

Ash



On 2/28/08, Maynard, Chris [EMAIL PROTECTED] wrote:

 Or if you're not using SVN sources but only released sources, you might as
 well get the 0.99.8 sources as it was just released today.  Running nmake
 -f Makefile.nmake setup with that version's sources will be sure to
 update your libraries to what you need.  Here's the link to the download
 page: http://www.wireshark.org/download.html.

 - Chris

 

 From: [EMAIL PROTECTED] on behalf of Maynard, Chris
 Sent: Wed 2/27/2008 10:47 PM
 To: Developer support list for Wireshark
 Subject: RE: [Wireshark-dev] Error compiling a custom dll
 pluginforWireshark0.99.7


 Run svn update first, then try again.

 

 [snip]




Re: [Wireshark-dev] dll works with Wireshark0.99.6a but not with Wireshark0.99.7

2008-02-27 Thread Stephen Fisher

On Thu, Feb 28, 2008 at 10:06:23AM +0530, A Verma wrote:

 I installed both the wireshark versions one by one and used the dll by 
 putting it in the plugins folder. It worked with Wireshark0.99.6a but 
 not with Wireshark0.99.7.
 
 I am trying to recompile the dll with Wireshark0.99.7.
 
 Am I on the right path? Pls advise.

Yes, it needs to be compiled with each version you intend to use it 
with.  So compile it with 0.99.7 sources for use in 0.99.7.


Steve


Re: [Wireshark-dev] dll works with Wireshark0.99.6a but not with Wireshark0.99.7

2008-02-27 Thread A Verma
Thanks Stephen!
I did that but I am getting the following errors (my dll is called xxx.dll):
 plugin.c
Generating Code...
   ...
   Creating library ciscosm.lib and object ciscosm.exp
cd ..
cd xxx
C:\Program Files\Microsoft Visual Studio 8\VC\BIN\nmake.exe /
  -f Makefile.nmake

Microsoft (R) Program Maintenance Utility Version 8.00.50727.762
Copyright (C) Microsoft Corporation.  All rights reserved.

Making plugin.c (using python)
sed -e s/@PLUGIN_NAME@/xxx/ -e s/@RC_MODULE_VERSION@/0,6,5,0/
  -e s/@RC_VERSION@/0,99,9,0/ -e s/@MODULE_VERSION@/0.6.5.0/
  -e s/@PACKAGE@/xxx/ -e s/@VERSION@/0.99.9-xxx-yyy-01/
  -e s/@MSVC_VARIANT@/MSVC2005EE/   plugin.rc.in
 xxx.rc
rc  /r xxx.rc

xxx.rc(5) : error RC2167 : unrecognized VERSIONINFO field;  BEGIN or comma
expected
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\rc.EXE' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio
8\VC\BIN\nmake.exe' : return code '0x2'
Stop.

What mismatch is there between versions? Pls help me.

Thanks!

regards,

Ash


On 2/28/08, Stephen Fisher [EMAIL PROTECTED] wrote:


 On Thu, Feb 28, 2008 at 10:06:23AM +0530, A Verma wrote:

  I installed both the wireshark versions one by one and used the dll by
  putting it in the plugins folder. It worked with Wireshark0.99.6a but
  not with Wireshark0.99.7.
 
  I am trying to recompile the dll with Wireshark0.99.7.
 
  Am I on the right path? Pls advise.

 Yes, it needs to be compiled with each version you intend to use it
 with.  So compile it with 0.99.7 sources for use in 0.99.7.


 Steve



Re: [Wireshark-dev] Query related to versions in moduleinfo.h and moduleinfo.nmake

2008-02-27 Thread Jaap Keuter
Hi,

These two files are related. They both convey version information
to the user. The contents of moduleinfo.h is expressed through the
Wireshark about dialog, on the plugins tab, while the contents of
moduleinfo.nmake is expressed through the Windows resource mechanism.

The format is MAJOR.MINOR.MICRO.EXTRA.

Since the VERSION string is a string EXTRA can be void.

MODULE_VERSION_* is an unsigned integer so has to be set to a value.
Therefore MODULE_VERSION_EXTRA is normally set to 0. The way you set
them is correct.

You should keep them synchronized manually, since we have not devised
a way to do this automatically.

Thanx,
Jaap

A Verma wrote:
 Hi,
 I have a query. I am making a dll called yyy.dll.
  
 Now in the folder c:\wireshark\plugins\yyy there are 2 files:
 1. moduleinfo.h
 2. moduleinfo.nmake
  
 Is there any relation between the version in
 #define VERSION 0.6.5 in moduleinfo.h
 and between
  
 # The version
 MODULE_VERSION_MAJOR=0
 MODULE_VERSION_MINOR=6
 MODULE_VERSION_MICRO=5
 MODULE_VERSION_EXTRA=0 in moduleinfo.nmake?
  
 I have tried to keep them the same. I am doing correctly?
  
 Or should i have done:
 # The version
 MODULE_VERSION_MAJOR=0
 MODULE_VERSION_MINOR=0
 MODULE_VERSION_MICRO=6
 MODULE_VERSION_EXTRA=5 ?
  
 Pls suggest me. Thanks so much!
 regards,
 Ash
  

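The reply above says the two files have to be kept in sync by hand and that every MODULE_VERSION_* field needs an integer value. The following check is an added example, not part of the thread or of the Wireshark sources; the function names are hypothetical and the sample file contents are constructed from the values quoted in the question.

```python
import re

FIELDS = ("MAJOR", "MINOR", "MICRO", "EXTRA")
_is_uint = re.compile(r"[0-9]+").fullmatch

# Constructed samples using the values quoted in the thread.
SAMPLE_H = '#define VERSION "0.6.5"\n'
SAMPLE_NMAKE = (
    "# The version\n"
    "MODULE_VERSION_MAJOR=0\n"
    "MODULE_VERSION_MINOR=6\n"
    "MODULE_VERSION_MICRO=5\n"
    "MODULE_VERSION_EXTRA=0\n"
)

def header_version(text):
    """Return the VERSION string from moduleinfo.h (quotes optional)."""
    m = re.search(r'^[ \t]*#[ \t]*define[ \t]+VERSION[ \t]+"?([^"\s]+)"?', text, re.M)
    if m is None:
        raise ValueError("no '#define VERSION' line found")
    return m.group(1)

def nmake_fields(text):
    """Return {field: raw value or None} for the MODULE_VERSION_* lines."""
    pairs = re.findall(
        r'^[ \t]*MODULE_VERSION_(\w+)[ \t]*=[ \t]*(.*?)[ \t\r]*$', text, re.M)
    found = dict(pairs)
    return {f: found.get(f) for f in FIELDS}

def check_versions(header_text, nmake_text):
    """Return a list of problems; an empty list means the two files agree."""
    raw = nmake_fields(nmake_text)
    # Every field must be present and numeric; an empty value is rejected.
    problems = [
        f"MODULE_VERSION_{f} must be an unsigned integer, got {raw[f]!r}"
        for f in FIELDS
        if raw[f] is None or not _is_uint(raw[f])
    ]
    if problems:
        return problems
    version = header_version(header_text)
    parts = version.split(".")
    if not 3 <= len(parts) <= 4 or not all(_is_uint(p) for p in parts):
        return [f"VERSION {version!r} is not MAJOR.MINOR.MICRO[.EXTRA]"]
    # EXTRA may be left out of the string; compare it as 0 in that case.
    from_header = [int(p) for p in parts] + [0] * (4 - len(parts))
    from_nmake = [int(raw[f]) for f in FIELDS]
    if from_header != from_nmake:
        return [f"moduleinfo.h says {from_header}, moduleinfo.nmake says {from_nmake}"]
    return []

if __name__ == "__main__":
    print(check_versions(SAMPLE_H, SAMPLE_NMAKE) or "versions agree")
```

Run against the plugin directory's two files before `nmake`, it reports a disagreement or an unset field without waiting for the resource compiler to fail.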


Re: [Wireshark-dev] Query related to versions in moduleinfo.h and moduleinfo.nmake

2008-02-27 Thread A Verma
Hi,
Thanks Jaap!

2 things:
1. If I am doing everything correctly why do I get these errors: :-(
2. I tried doing a make all after I gave nothing against the
MODULE_VERSION_EXTRA, like this:
MODULE_VERSION_EXTRA=
I got 2 errors then.

Can you pls let me know how to correct point 1.

Thanks!
regards,
Ashna

On 2/28/08, Jaap Keuter [EMAIL PROTECTED] wrote:

 Hi,

 These two files are related. They both convey version information
 to the user. The contents of moduleinfo.h is expressed through the
 Wireshark about dialog, on the plugins tab, while the contents of
 moduleinfo.nmake is expressed through the Windows resource mechanism.

 The format is MAJOR.MINOR.MICRO.EXTRA.

 Since the VERSION string is a string EXTRA can be void.

 MODULE_VERSION_* is an unsigned integer so has to be set to a value.
 Therefore MODULE_VERSION_EXTRA is normally set to 0. The way you set
 them is correct.

 You should keep them synchronized manually, since we have not devised
 a way to do this automatically.

 Thanx,
 Jaap

 A Verma wrote:
  Hi,
  I have a query. I am making a dll called yyy.dll.
 
  Now in the folder c:\wireshark\plugins\yyy there are 2 files:
  1. moduleinfo.h
  2. moduleinfo.nmake
 
  Is there any relation between the version in
  #define VERSION 0.6.5 in moduleinfo.h
  and between
 
  # The version
  MODULE_VERSION_MAJOR=0
  MODULE_VERSION_MINOR=6
  MODULE_VERSION_MICRO=5
  MODULE_VERSION_EXTRA=0 in moduleinfo.nmake?
 
  I have tried to keep them the same. I am doing correctly?
 
  Or should i have done:
  # The version
  MODULE_VERSION_MAJOR=0
  MODULE_VERSION_MINOR=0
  MODULE_VERSION_MICRO=6
  MODULE_VERSION_EXTRA=5 ?
 
  Pls suggest me. Thanks so much!
  regards,
  Ash
 
