Gerald Combs schrieb:
The patch looks good to me too. Joerg, can you check it in? I'm going
to get 0.99.7pre1 out tomorrow.
I've checked in Joergs patch with some minor wording changes from me.
While it's better than what we currently had before, I'm still *pretty
unhappy* with it.
2007/11/20, Didier [EMAIL PROTECTED]:
Can you share a small capture?
http://wiki.wireshark.org/SampleCaptures?action=AttachFiledo=gettarget=dmp-examples.pcap.gz
Add port 24209 in the preferences.
If register_init_routine() is called I don't see how flags.visited could be
false. cf file.c
It seems that we have reached critical number of protocols.
I have met collision of built in p7 protoco with my private nu
protocol. They both have the same g_str_hash() value.
Does it make sence to create hash from the protocol filter name which
has usually 2-4 characters?
BTW the
Hi all
I am working on a dissector for the MPA protocol (RFC 5044) which
runs on top of TCP. In some configurations, this protocol inserts so
called Markers (each 4 bytes long) every 512th octet relative to the
TCP sequence number of the first MPA FPDU.
I would like to remove these Markers
Thanks Guy for your very quick and informative response - comments below.
1) Inline with the realtime capture support currently offered on Windows
by other device types,
Realtime capture support in what sense? Update list of packets in
real time?
I just mean capturing/displaying in realtime
On Tue, Nov 20, 2007 at 10:28:15AM +0100, Ulf Lamping wrote:
I've checked in Joergs patch with some minor wording changes from me.
While it's better than what we currently had before, I'm still *pretty
unhappy* with it.
Maybe what we actually need are different license files for the source
--- Guy Harris [EMAIL PROTECTED] wrote:
Stephen Fisher wrote:
My bad, it does work as I had intended. It highlights the field (with
the function highlight_field()) whenever you do a hex or string search,
but not when you do a filter search. Should we add filter search
matches too?
--- Stephen Fisher [EMAIL PROTECTED] wrote:
On Mon, Nov 19, 2007 at 02:43:13PM -0700, Stephen Fisher wrote:
On Mon, Nov 19, 2007 at 10:29:12PM +0100, Stig Bj?rlykke wrote:
Does wireshark have any functionality like this? I know we have Find
Packet, but this does not display the
Hi,
I have to create a dissector for a (not that well designed)
proprietary ASN.1 defined protocol. It uses BER for encoding.
It is defined with AUTOMATIC TAGS which means that the components of
all constructed types (e.g. SEQUENCEs) are automatically tagged as
CONTEXT-SPECIFIC starting from 0
Hi,
unfortunately the asn2wrs does not support AUTOMATIC TAGS now.
The mentioned example is a PER example where tags are not importatnt, i.e.
missing AUTOMATIC TAGS support is not a problem.
I am going to implement it but I am not sure when.
The only way how it can be solved now is to put
A naive attempt (see attached patch to Makefile.nmake), resulted in:
...
libpcap.c
C:\Program Files\Microsoft Visual Studio 9.0\VC\INCLUDE\stdio.h(358) : error
C31
63: '_vsnprintf': attributes inconsistent with previous declaration
C:\Program Files\Microsoft Visual Studio
Joerg Mayer schrieb:
Maybe what we actually need are different license files for the source
and the binary distribution. The binary distribution contains less files
(notably pidl) then the source.
I guess it will be a bit confusing to have two different licenses - so I
would like to avoid
The attached change to libpcap.c (re-order the #include statements) seems to
solve it.
There are other places it is required (capture-wpcap.c, for example), and
this simple change didn't work as nicely.
There's a similar problem with inet_pton() and inet_ntop() in various other
files:
capture.c
On Tue, Nov 20, 2007 at 06:35:44PM +, [EMAIL PROTECTED] wrote:
Log:
Add relative start time, duration, and average data rate (bps) columns
to the conversation lists.
Nice feature! It was on my todo-list but you beat me to it :-)
Cheers,
Sake
Hi all
I have several protocols running on top of each other: TCP MPA (RFC
5044) [DDP (RFC 5042) | RDMAP (RFC 5040)].
Currently, I am calling my DDP/RDMAP dissector as a subdissector from
my MPA dissector. Because my DDP/RDMAP dissector could also be used
on top of SCTP (replacing TCP
Will Barker wrote:
Thanks Guy for your very quick and informative response - comments below.
1) Inline with the realtime capture support currently offered on Windows
by other device types,
Realtime capture support in what sense? Update list of packets in
real time?
I just mean
Yves Geissbühler wrote:
I have several protocols running on top of each other: TCP MPA (RFC
5044) [DDP (RFC 5042) | RDMAP (RFC 5040)].
Currently, I am calling my DDP/RDMAP dissector as a subdissector from
my MPA dissector. Because my DDP/RDMAP dissector could also be used
on top of
Kukosa, Tomas wrote:
It seems that we have reached critical number of protocols.
I have met collision of built in p7 protoco with my private nu
protocol. They both have the same g_str_hash() value.
Does it make sence to create hash from the protocol filter name
which has usually 2-4
Yves Geissbühler wrote:
I am working on a dissector for the MPA protocol (RFC 5044) which
runs on top of TCP. In some configurations, this protocol inserts so
called Markers (each 4 bytes long) every 512th octet relative to the
TCP sequence number of the first MPA FPDU.
I would like
On Tue, 2007-11-20 at 12:49 -0800, Guy Harris wrote:
Will Barker wrote:
What are the capture attributes you need?
The kind of thing I'm referring to here is configuration for our card, for
example,
a) selecting the type of line encoding for sync lines e.g. NRZ, NRZI, FM0
etc.
If the DDP dissector registers for a specific SCTP port or PPI, you
would call
dissector_add(sctp.port, {port number}, {handle for DDP
dissector});
or
dissector_add(sctp.ppi, {PPI number}, {handle for DDP
dissector});
in proto_reg_handoff_ddp().
From
On Tue, Nov 20, 2007 at 09:44:52AM -0800, Andrew Feren wrote:
On Mon, Nov 19, 2007 at 02:43:13PM -0700, Stephen Fisher wrote:
My bad, it does work as I had intended. It highlights the field (with
the function highlight_field()) whenever you do a hex or string search,
but not when you
Instead of creating a hash and store it in a hashtable
wouldnt it be better/faster to just store the names as the strings as
is in a se-tree instead.
That should be much faster.
On Nov 21, 2007 8:13 AM, Guy Harris [EMAIL PROTECTED] wrote:
Kukosa, Tomas wrote:
It seems that we have reached
or rather a pe-tree
On Nov 21, 2007 9:45 AM, ronnie sahlberg [EMAIL PROTECTED] wrote:
Instead of creating a hash and store it in a hashtable
wouldnt it be better/faster to just store the names as the strings as
is in a se-tree instead.
That should be much faster.
On Nov 21, 2007 8:13 AM,
On Tue, Nov 20, 2007 at 08:41:09PM +0100, Stig Bj?rlykke wrote:
I know it's possible to search in the preferences for a given
protocol, but when the Protocol entry is default collapsed the search
does not work until I expand it. And it does not work with sub
entries like the OSI protocols.
[UTF-8?]On Tue, 20 Nov 2007 11:42:12 +0100, Stig Bjørlykke wrote
2007/11/20, Didier [EMAIL PROTECTED]:
Can you share a small capture?
http://wiki.wireshark.org/SampleCaptures?action=AttachFiledo=gettarget=dmp-examples.pcap.gz
Add port 24209 in the preferences.
Thanks.
My problem is
Hi,
Google helped me find this very old posting on the Ethereal site about
checking in some Turnstone MIBs
http://www.ethereal.com/lists/ethereal-cvs/29/msg00019.html
Would anyone know if the archive has survived and whether I could get a
copy of the mibs?
Thanks.
Guy Harris wrote:
Kukosa, Tomas wrote:
It seems that we have reached critical number of protocols.
I have met collision of built in p7 protoco with my private nu
protocol. They both have the same g_str_hash() value.
Does it make sence to create hash from the protocol filter name
which
On Fri, Nov 16, 2007 at 01:36:05PM +0900, Kenichi Okuyama wrote:
Being honest, I usually first filter the cap file so it only contains
the packet type I needed, ouput them in text mode, then compare them.
So for myself, currently I only need feature to ignore capture time
and sequence.
I am
Is it just my machine, or are others getting library not loaded errors
when running capinfos on Unix from the build directory -without- having
Wireshark installed at all? I just noticed it is displaying messages
like this for each of the plugins before displaying the help message:
[EMAIL
30 matches
Mail list logo
