Re: [Wireshark-dev] time
Yikes! Sorry about that!

On Thu, Apr 10, 2008 at 7:39 PM, Sake Blok [EMAIL PROTECTED] wrote:

On Thu, Apr 10, 2008 at 04:31:57PM +0200, Maria de Fatima Requena wrote:

The website itself http://www.wireshark.org/docs/wsug_html_chunked/ChWorkTimeFormatsSect this page doesn't work for me

That's probably because the URL should be:

http://www.wireshark.org/docs/wsug_html_chunked/ChWorkTimeFormatsSection.html :-)

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] buildbot failure in Ubuntu-7.01-x86-64
The Buildbot has detected a new failure of Ubuntu-7.01-x86-64.
Full details are available at:
http://buildbot.wireshark.org/trunk/Ubuntu-7.01-x86-64/builds/3089

Buildbot URL: http://buildbot.wireshark.org/trunk/

Build Reason:
Build Source Stamp: HEAD
Blamelist: sfisher

BUILD FAILED: failed shell_8

sincerely,
-The Buildbot
[Wireshark-dev] (no subject)
hi guys, i need ur help regarding a problem in wireshark. i need to append some bits (all 0 in fact) to a bit string of type tvbuff_t*, how can i do it, in fact in function tvbuff_t * new_octet_aligned_subset_bits they have done some kind of padding (line 182) to which u can refer to. will b very thankful if u plz help me.

regards,
prakash
[Wireshark-dev] how to append zeroes to a bit string?
hi guys, i need ur help regarding a problem in wireshark. i need to append some bits (all 0 in fact) to a bit string of type tvbuff_t*, how can i do it, in fact in function tvbuff_t * new_octet_aligned_subset_bits they have done some kind of padding (line 182) to which u can refer to. will b very thankful if u plz help me.

regards,
prakash
[Wireshark-dev] what tvb_get_ntohs() does?
hi, what the function tvb_get_ntohs() does, can u plz give clear idea including syntax and argument?

regards
prakash
[Wireshark-dev] Report a Windows Crash
Good day.

I'm reporting a crash because I think that you are doing an awesome job with the opensource project and let me just take this time to say, thanks guys! You're really doing an awesome job!

My WireShark (downloaded from sourceforge under the impression that you changed the name of the program), while trying to do a capture in windows with the following filter crashes every now and again. It's the standard windows crash report that comes through:

Wireshark has encountered a problem and needs to close. We are sorry for the inconvenience.

Here are the version details of my version of WireShark:

wireshark 1.0.0

Copyright 1998-2008 Gerald Combs [EMAIL PROTECTED] and contributors.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown), with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.5, with ADNS, with Lua 5.1, with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2 (packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804

Here's some system information if it will help:

Microsoft Windows XP Professional Version 2002 Service Pack 2
Computer: Intel (R) Pentium(R) 4 CPU 3.00GHz 2.99GHz, 2.00 GB of RAM

Will send more information if necessary.

Thanks a lot and keep up the great work!

-Neall Adams (Appel)

PS: opensource FTW!!!
Re: [Wireshark-dev] Wireshark decoding error- protocol DNS - section Flags for AD and CD bits information
Hi,

Thanks for the detailed report and traces (traces are always very appreciated). You better open a bug in http://bugs.wireshark.org that way we do keep track of this. Or else we risk just losing track of it.

Thanks,
Luis

On Fri, Apr 11, 2008 at 12:29 PM, März, Frank [EMAIL PROTECTED] wrote:

Hello Wireshark Expert,

I think I have found a problem within Wireshark while decoding two bits within the DNS protocol. The problem can be seen in all Wireshark versions I tried up to 1.0.0 on several OS. Wireshark fails to decode the Flags section for the bit AD and CD.

Details are in: RFC2535 - 6.1 The AD and CD Header Bits

                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                      ID                       |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|QR|   Opcode  |AA|TC|RD|RA| Z|AD|CD|   RCODE   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    QDCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    ANCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    NSCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    ARCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+

This is the trace in text format:

No. Time Source Destination Protocol Info
50 41.833438 193.254.142.169 213.162.74.3 DNS Standard query A web.mnc007.mcc232.gprs

Frame 50 (93 bytes on wire, 93 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 69:31:65:74:68:34 (69:31:65:74:68:34)
Internet Protocol, Src: 193.254.142.169 (193.254.142.169), Dst: 213.162.74.3 (213.162.74.3)
User Datagram Protocol, Src Port: 35211 (35211), Dst Port: domain (53)
Domain Name System (query)
    [Response In: 59]
    Transaction ID: 0xcf13
    Flags: 0x0110 (Standard query)
        0... = Response: Message is a query
        .000 0... = Opcode: Standard query (0)
        ..0. = Truncated: Message is not truncated
        ...1 = Recursion desired: Do query recursively
        .0.. = Z: reserved (0)
        ..X. = AD: missing
        ...1 = CD: Non-authenticated data OK: Non-authenticated data is acceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 1
    Queries
    Additional records

69 31 65 74 68 34 00 00 00 00 00 00 08 00 45 00 i1eth4E.
0010 00 4f e4 a8 40 00 fd 11 28 a7 c1 fe 8e a9 d5 a2 [EMAIL PROTECTED](...
0020 4a 03 89 8b 00 35 00 3b db 2f cf 13 01 10 00 01 J5.;./..
0030 00 00 00 00 00 01 03 77 65 62 06 6d 6e 63 30 30 ...web.mnc00
0040 37 06 6d 63 63 32 33 32 04 67 70 72 73 00 00 01 7.mcc232.gprs...
0050 00 01 00 00 29 10 00 00 00 80 00 00 00)

No. Time Source Destination Protocol Info
57 41.854500 213.162.74.3 193.254.142.169 DNS Standard query response A 213.162.74.125 A 213.162.74.126

Frame 57 (167 bytes on wire, 167 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 69:31:65:74:68:31 (69:31:65:74:68:31)
Internet Protocol, Src: 213.162.74.3 (213.162.74.3), Dst: 193.254.142.169 (193.254.142.169)
User Datagram Protocol, Src Port: domain (53), Dst Port: 35211 (35211)
Domain Name System (response)
    [Request In: 53]
    [Time: 0.021033000 seconds]
    Transaction ID: 0xcf13
    Flags: 0x8590 (Standard query response, No error)
        1... = Response: Message is a response
        .000 0... = Opcode: Standard query (0)
        .1.. = Authoritative: Server is an authority for domain
        ..0. = Truncated: Message is not truncated
        ...1 = Recursion desired: Do query recursively
        1... = Recursion available: Server can do recursive queries
        .0.. = Z: reserved (0)
        ..0. = AD: missing
        ...1 = CD: Answer authenticated: Answer/authority portion was not authenticated by the server
        = Reply code: No error (0)
    Questions: 1
    Answer RRs: 2
    Authority RRs: 1
    Additional RRs: 2
    Queries
    Answers
    Authoritative nameservers
    Additional records

69 31 65 74 68 31 00 00 00 00 00 00 08 00 45 00 i1eth1E.
0010 00 99 d5 6c 40 00 f9 11 3b 99 d5 a2 4a 03 c1 fe
Re: [Wireshark-dev] Report a Windows Crash
Hi,

What's the filter? What's the interface you're capturing on?

Thanx,
Jaap

Neall Preston Adams wrote:

Good day.

I'm reporting a crash because I think that you are doing an awesome job with the opensource project and let me just take this time to say, thanks guys! You're really doing an awesome job!

My WireShark (downloaded from sourceforge under the impression that you changed the name of the program), while trying to do a capture in windows with the following filter crashes every now and again. It's the standard windows crash report that comes through:

Wireshark has encountered a problem and needs to close. We are sorry for the inconvenience.

Here are the version details of my version of WireShark:

wireshark 1.0.0

Copyright 1998-2008 Gerald Combs [EMAIL PROTECTED] and contributors.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown), with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.5, with ADNS, with Lua 5.1, with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2 (packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804

Here's some system information if it will help:

Microsoft Windows XP Professional Version 2002 Service Pack 2
Computer: Intel (R) Pentium(R) 4 CPU 3.00GHz 2.99GHz, 2.00 GB of RAM

Will send more information if necessary.

Thanks a lot and keep up the great work!

-Neall Adams (Appel)

PS: opensource FTW!!!
Re: [Wireshark-dev] what tvb_get_ntohs() does?
On Fri, Apr 11, 2008 at 02:12:57PM +0100, prakash chowbey wrote:

what the function tvb_get_ntohs() does, can u plz give clear idea including syntax and argument?

It works similar to the way ntohs() works, but does this with data from a tvbuff. ntohs() converts a network byte order short (16-bit) to a host byte order short.

From doc/README.developer:

Network-to-host-order accessors for 16-bit integers (guint16), 24-bit integers, 32-bit integers (guint32), and 64-bit integers (guint64):

guint16 tvb_get_ntohs(tvbuff_t*, gint offset);

Steve
Re: [Wireshark-dev] GTK1: code cleanup status and some open points
Stephen Fisher wrote:

On Thu, Apr 10, 2008 at 01:33:03AM +0200, Ulf Lamping wrote:

Lots of stuff already done for the GTK1 cleanup, but we could still need a helping hand ...

OPEN: gtk/STATUS.gtk2: very old content (remove items marked as Done - or remove the whole file?)

Let's just get rid of that old file :).

The most commonly used macros need to change as follows:

OBJECT_SET_DATA(widget, key, data);
to:
g_object_set_data(G_OBJECT(widget), key, data);

Done !!

OBJECT_GET_DATA(widget, key);
to:
g_object_get_data(G_OBJECT(widget), key);

Done !!

SIGNAL_CONNECT(widget, name, callback, arg);
to:
g_signal_connect(widget, name, G_CALLBACK(callback), arg);
(depending on the type of arg, it may need to be cast to a gpointer)

Indeed:).

I think the next step is to get rid of GTK1 features that have been deprecated in GTK2, such as the CList (which should be possible for all instances except the packet list). Of course, this will take plenty of work to port the code to the new APIs.
Re: [Wireshark-dev] (was: no subject) KNX support
Hi,

This protocol specification is sold by the industry association. So if someone is willing to publish the specification, there's nothing much going to happen :/

Thanx,
Jaap

ander rosa anguiano wrote:

Hello:

I have made a domotic installation in my home using KNX (EIB) and I have a KNX TCP/IP adapter in my home net. The protocol is called EIBNET/IP (multicasting UDP 3671) and there is not a specific dissector for this protocol implemented in WIRESHARK... so I can see that a message has been sniffed by the shark but I can not see the dissection tree (details).

Could someone develop? Not only for me because I think that many other people will be in the same situation like me because KNX is growing and growing...

Thank you so much for your good job friends!! keep on
Re: [Wireshark-dev] Wireshark decoding error- protocol DNS - section Flags for AD and CD bits information
Hi,

Thank you for the report. Since bugzilla is down for maintenance I'll answer here.

RFC2535 - 6.1 The AD and CD Header Bits

Two previously unused bits are allocated out of the DNS query/response format header. The AD (authentic data) bit indicates in a response that all the data included in the answer and authority portion of the response has been authenticated by the server according to the policies of that server. The CD (checking disabled) bit indicates in a query that Pending (non-authenticated) data is acceptable to the resolver sending the query.

I fail to see the problem here. CD is relevant only in query, AD is relevant only in reply. That is what is decoded.

Thanx,
Jaap
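An added example, not part of the original messages and not Wireshark's own code: stand-alone C showing the bounds-checked network-order 16-bit read that the tvb_get_ntohs() answer describes, applied to the DNS flags word discussed in this thread (0x0110 in the query, 0x8590 in the response). The names buf_get_ntohs() and dns_decode_flags() are hypothetical; the query header bytes come from the hex dump in the report, and the response header bytes are constructed from its decoded field values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a tvbuff accessor: big-endian 16-bit read.
 * Returns 0..65535, or -1 when the two bytes at `offset` do not lie
 * fully inside the `len` captured bytes. */
int buf_get_ntohs(const uint8_t *buf, size_t len, size_t offset)
{
    if (offset > len || len - offset < 2)
        return -1;
    return (buf[offset] << 8) | buf[offset + 1];
}

/* One field per cell of the flags row in the header diagram of the report. */
struct dns_flags {
    unsigned qr, opcode, aa, tc, rd, ra, z, ad, cd, rcode;
};

struct dns_flags dns_decode_flags(unsigned w)
{
    struct dns_flags f;
    f.qr     = (w >> 15) & 0x1;
    f.opcode = (w >> 11) & 0xf;
    f.aa     = (w >> 10) & 0x1;
    f.tc     = (w >> 9) & 0x1;
    f.rd     = (w >> 8) & 0x1;
    f.ra     = (w >> 7) & 0x1;
    f.z      = (w >> 6) & 0x1;
    f.ad     = (w >> 5) & 0x1;  /* authentic data */
    f.cd     = (w >> 4) & 0x1;  /* checking disabled */
    f.rcode  = w & 0xf;
    return f;
}

/* DNS header of frame 50, bytes copied from the hex dump in the report. */
const uint8_t query_hdr[12] = {0xcf, 0x13, 0x01, 0x10, 0x00, 0x01,
                               0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
/* Frame 57 header, constructed from the decoded fields (its dump is cut off). */
const uint8_t reply_hdr[12] = {0xcf, 0x13, 0x85, 0x90, 0x00, 0x01,
                               0x00, 0x02, 0x00, 0x01, 0x00, 0x02};

int main(void)
{
    const uint8_t *hdrs[2] = {query_hdr, reply_hdr};
    for (int i = 0; i < 2; i++) {
        int w = buf_get_ntohs(hdrs[i], 12, 2);  /* flags follow the 16-bit ID */
        struct dns_flags f = dns_decode_flags((unsigned)w);
        printf("flags=0x%04x qr=%u rd=%u ra=%u ad=%u cd=%u rcode=%u\n",
               (unsigned)w, f.qr, f.rd, f.ra, f.ad, f.cd, f.rcode);
    }
    /* A read that would run past the captured bytes is refused. */
    printf("offset 11 -> %d\n", buf_get_ntohs(query_hdr, 12, 11));
    return 0;
}
```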
Re: [Wireshark-dev] (was: no subject) KNX support
I have some KNX hardware and some expensive commercial software for it. I bought this when we renovated our house and installed everything on that system, replacing a 75 year old wiring.

Since then I never had time to go too much further with it but there was a Linux implementation of some tools which allowed you to use the bus. They all used some conversion hardware which is in every switch (some kind of bus driver). So it should be fairly easy to get the information out of that Linux source. As far as I remember it was a simple serial port protocol.

Now EIBNET/IP most probably is oriented very much on the same protocol. So it shouldn't be hard to reverse engineer if necessary. I don't think the specs are sold but just hidden somewhere.

On 11.04.2008, at 20:59, Jaap Keuter wrote:

Hi,

This protocol specification is sold by the industry association. So if someone is willing to publish the specification, there's nothing much going to happen :/

Thanx,
Jaap

ander rosa anguiano wrote:

Hello:

I have made a domotic installation in my home using KNX (EIB) and I have a KNX TCP/IP adapter in my home net. The protocol is called EIBNET/IP (multicasting UDP 3671) and there is not a specific dissector for this protocol implemented in WIRESHARK... so I can see that a message has been sniffed by the shark but I can not see the dissection tree (details).

Could someone develop? Not only for me because I think that many other people will be in the same situation like me because KNX is growing and growing...

Thank you so much for your good job friends!! keep on
[Wireshark-dev] buildbot failure in OSX-10.4-PPC
The Buildbot has detected a new failure of OSX-10.4-PPC.
Full details are available at:
http://buildbot.wireshark.org/trunk/OSX-10.4-PPC/builds/2366

Buildbot URL: http://buildbot.wireshark.org/trunk/

Build Reason:
Build Source Stamp: HEAD
Blamelist: ulfl

BUILD FAILED: failed compile

sincerely,
-The Buildbot
[Wireshark-dev] buildbot failure in Solaris-8-SPARC
The Buildbot has detected a new failure of Solaris-8-SPARC.
Full details are available at:
http://buildbot.wireshark.org/trunk/Solaris-8-SPARC/builds/2575

Buildbot URL: http://buildbot.wireshark.org/trunk/

Build Reason:
Build Source Stamp: HEAD
Blamelist: ulfl

BUILD FAILED: failed compile

sincerely,
-The Buildbot
[Wireshark-dev] buildbot failure in Ubuntu-7.01-x86-64
The Buildbot has detected a new failure of Ubuntu-7.01-x86-64.
Full details are available at:
http://buildbot.wireshark.org/trunk/Ubuntu-7.01-x86-64/builds/3091

Buildbot URL: http://buildbot.wireshark.org/trunk/

Build Reason:
Build Source Stamp: HEAD
Blamelist: grahamb,guy,sahlberg,sfisher,ulfl,wmeier

BUILD FAILED: failed compile

sincerely,
-The Buildbot
[Wireshark-dev] buildbot failure in OSX-10.4-PPC
The Buildbot has detected a new failure of OSX-10.4-PPC.
Full details are available at:
http://buildbot.wireshark.org/trunk/OSX-10.4-PPC/builds/2374

Buildbot URL: http://buildbot.wireshark.org/trunk/

Build Reason:
Build Source Stamp: HEAD
Blamelist: ulfl

BUILD FAILED: failed compile

sincerely,
-The Buildbot
Re: [Wireshark-dev] Regarding development of network management interface between support software and wireshark
On Fri, Apr 11, 2008 at 04:58:18PM +0530, Aashika Gupta wrote:

I want to find out the places in wireshark code where we can put up the code for this interface's support (Connection Establishment, Keepalive functionality, Shutdown functionality).

What is the support software that the document refers to? What is the purpose of this connection into Wireshark?

Steve