Re: [Wireshark-dev] How to access the Arrival time which is displayed in the Frame tree

On 06/29/2011 07:21 AM, sagar sg wrote: Hi Team, I writing a dissector, in which I need to compare the time stamp in application level with the arrival time stamp which has been displayed under frame tree of wireshark. How can I access this arrival time from dissector? Thanks in Advance

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Wed, Jun 29, 2011 at 7:21 AM, g...@wireshark.org wrote:  Don't return an offset that you won't later use.  The length fields in a pcap_pkthdr are unsigned, so presumably the  equivalent fields in the rpcap protocol are also unsigned.  Make sure the captured data length isn't bigger than

Re: [Wireshark-dev] How to access the Arrival time which is displayed in the Frame tree

thank you i found it already, thanks. it was there in packet_info structure. On Wed, Jun 29, 2011 at 12:22 PM, Jaap Keuter jaap.keu...@xs4all.nl wrote: On 06/29/2011 07:21 AM, sagar sg wrote: Hi Team, I writing a dissector, in which I need to compare the time stamp in application level

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Jun 29, 2011, at 12:04 AM, Stig Bjørlykke wrote: I have strengthened the heuristics in revision 37828, which seems to really fix the problem. Well, it fixes the problem with that *particular* capture. The underlying problem is that proto_tree_add_item() might not end up doing anything

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Wed, Jun 29, 2011 at 9:47 AM, Guy Harris g...@alum.mit.edu wrote: On Jun 29, 2011, at 12:04 AM, Stig Bjørlykke wrote: I have strengthened the heuristics in revision 37828, which seems to really fix the problem. Well, it fixes the problem with that *particular* capture. Sure, but it does

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Wed, Jun 29, 2011 at 10:20:50AM +0200, Stig Bj?rlykke wrote: I have a long term project, which depends on whether libpcap will support rpcap :) Btw. is there any specification of rpcap? Or we have only our code and patch for libpcap (from winpcap project)? I've found sf project of

Re: [Wireshark-dev] UTF8 vs. locale in error messages (bug 5715)

On 28/06/2011 18:27, Guy Harris wrote: On Jun 28, 2011, at 6:10 AM, Stig Bjørlykke wrote: On Tue, Jun 28, 2011 at 2:58 AM, Guy Harris g...@alum.mit.edu wrote: 1) UN*Xes where LANG etc. aren't set to a locale with UTF-8 as the encoding (are you seeing the issue with Norwegian

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Wed, Jun 29, 2011 at 11:34 AM, Jakub Zawadzki darkjames...@darkjames.pl wrote: Btw. is there any specification of rpcap? Or we have only our code and patch for libpcap (from winpcap project)? WinPcap sources includes this code. The rpcap dissector was written using this sources, namely

Re: [Wireshark-dev] UTF8 vs. locale in error messages (bug 5715)

On Jun 29, 2011, at 2:37 AM, Graham Bloice wrote: For reference, here's the test executable output on Win7, using the SDK 7.0 build environment (a cmd.prompt): Not surprisingly, it doesn't work. Microsoft introduced Unicode support when they introduced Win32; as they were introducing a new

Re: [Wireshark-dev] [Wireshark-commits] rev 37826: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-rpcap.c

On Jun 29, 2011, at 1:20 AM, Stig Bjørlykke wrote: On Wed, Jun 29, 2011 at 9:47 AM, Guy Harris g...@alum.mit.edu wrote: Well, it fixes the problem with that *particular* capture. Sure, but it does the exact check as in dissect_rpcap_packet() and discards the message before it's

[Wireshark-dev] buildbot failure in Wireshark (development) on Visual-Studio-Code-Analysis

The Buildbot has detected a new failure of Visual-Studio-Code-Analysis on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Visual-Studio-Code-Analysis/builds/1142 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build:

[Wireshark-dev] buildbot failure in Wireshark (development) on Windows-7-x64

The Buildbot has detected a new failure of Windows-7-x64 on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Windows-7-x64/builds/2230 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build: windows-7-x64 Build Reason:

Re: [Wireshark-dev] UTF8 vs. locale in error messages (bug 5715)

On Tue, Jun 28, 2011 at 7:01 PM, Guy Harris g...@alum.mit.edu wrote: In any case, that means that using strerror() is probably not going to be sufficient to fix the problem.  What we might want to do is use UTF-8 everywhere we can, and, for non-GUI output, convert to the appropriate

Re: [Wireshark-dev] UTF8 vs. locale in error messages (bug 5715)

On Jun 29, 2011, at 1:45 PM, Stig Bjørlykke wrote: Ok, what about trying to convert back to locale when output error messages from tshark? Something like the attached patch, maybe? Something like that, but with a g_free() of string afterwards. :-)

Re: [Wireshark-dev] [PATCH] Tweaked NFSv4 packet dissectors for wireshark

Hello Steve, Thanks for your patch, but this is probably going to get lost/forgotten unless it's filed as a bug report here: https://bugs.wireshark.org/bugzilla/. - Chris -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev- boun...@wireshark.org] On