RE: Ethereal AJP13 dissector? [Ethereal patch attached]
Thanks Chris, I'm a long time user of ethereal and provide rpm for ethereal. So a big +1 for ajp13 disector (something I planned but never done) - Henri Gomez ___[_] EMAIL : [EMAIL PROTECTED](. .) PGP KEY : 697ECEDD...oOOo..(_)..oOOo... PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 -Original Message- From: Christopher K. St. John [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 7:09 PM To: [EMAIL PROTECTED] Subject: Re: Ethereal AJP13 dissector? [Ethereal patch attached] jean-frederic clere wrote: I am rewritting the Ajp protocol documentation. A protocol analyser would help me. The analyzer was written using the existing docs, so if there are problems in the docs the analyzer will be wrong as well. So please send it. (Even if it is not run and not clean). Some of the code is a bit iffy, and it's definitely a work in progress, but it runs. I did some cleanup and put in some comments. I've attached a patch to Ethereal 0.9.4, which you can get at: http://www.ethereal.com/ Make sure you have a recent version of libpcap. If you want to hack on it, there are Ethereal developer docs in docs/README.developer, but they are very out of date. Notes: It autodetects 8009 as AJP traffic. It doesn't decode FORWARD_REQUEST attributes (the optional stuff at the end). There are problems with the protocol hierarchy display. There are probably memory leaks. The protocol display could be easier to read. You need ethereal-0.9.4, I'm confident it won't work with earlier versions, and I haven't tested against CVS. There are lots of compiler warnings, many of them legitimate. Install: download and untar a clean copy of ethereal-0.9.4.tgz $ cd $PATH_TO_ETHEREAL/ethereal-0.9.4 $ patch $PATH_TO_PATCH/eth-ajp13.patch patching file Makefile.am patching file Makefile.nmake patching file packet-ajp13.c patching file packet-ajp13.h patching file register-static.c $ ./configure $ make many compiler warnings $ su # ./ethereal make sure that Edit - Preferences - Protocols - TCP Allow subdissectors to desegment TCP streams is set to true Capture - Start - Ok # try update packets in real time Surf Giggle like an anime schoolgirl as you watch the capture -- Christopher St. John [EMAIL PROTECTED] DistribuTopia http://www.distributopia.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Ethereal AJP13 dissector? [Ethereal patch attached]
jean-frederic clere wrote: I am rewritting the Ajp protocol documentation. A protocol analyser would help me. The analyzer was written using the existing docs, so if there are problems in the docs the analyzer will be wrong as well. So please send it. (Even if it is not run and not clean). Some of the code is a bit iffy, and it's definitely a work in progress, but it runs. I did some cleanup and put in some comments. I've attached a patch to Ethereal 0.9.4, which you can get at: http://www.ethereal.com/ Make sure you have a recent version of libpcap. If you want to hack on it, there are Ethereal developer docs in docs/README.developer, but they are very out of date. Notes: It autodetects 8009 as AJP traffic. It doesn't decode FORWARD_REQUEST attributes (the optional stuff at the end). There are problems with the protocol hierarchy display. There are probably memory leaks. The protocol display could be easier to read. You need ethereal-0.9.4, I'm confident it won't work with earlier versions, and I haven't tested against CVS. There are lots of compiler warnings, many of them legitimate. Install: download and untar a clean copy of ethereal-0.9.4.tgz $ cd $PATH_TO_ETHEREAL/ethereal-0.9.4 $ patch $PATH_TO_PATCH/eth-ajp13.patch patching file Makefile.am patching file Makefile.nmake patching file packet-ajp13.c patching file packet-ajp13.h patching file register-static.c $ ./configure $ make many compiler warnings $ su # ./ethereal make sure that Edit - Preferences - Protocols - TCP Allow subdissectors to desegment TCP streams is set to true Capture - Start - Ok # try update packets in real time Surf Giggle like an anime schoolgirl as you watch the capture -- Christopher St. John [EMAIL PROTECTED] DistribuTopia http://www.distributopia.com eth-ajp13.patch.gz Description: Binary data -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Ethereal AJP13 dissector? [Ethereal patch attached]
Cool... :-) Costin On Fri, 31 May 2002, Christopher K. St. John wrote: jean-frederic clere wrote: I am rewritting the Ajp protocol documentation. A protocol analyser would help me. The analyzer was written using the existing docs, so if there are problems in the docs the analyzer will be wrong as well. So please send it. (Even if it is not run and not clean). Some of the code is a bit iffy, and it's definitely a work in progress, but it runs. I did some cleanup and put in some comments. I've attached a patch to Ethereal 0.9.4, which you can get at: http://www.ethereal.com/ Make sure you have a recent version of libpcap. If you want to hack on it, there are Ethereal developer docs in docs/README.developer, but they are very out of date. Notes: It autodetects 8009 as AJP traffic. It doesn't decode FORWARD_REQUEST attributes (the optional stuff at the end). There are problems with the protocol hierarchy display. There are probably memory leaks. The protocol display could be easier to read. You need ethereal-0.9.4, I'm confident it won't work with earlier versions, and I haven't tested against CVS. There are lots of compiler warnings, many of them legitimate. Install: download and untar a clean copy of ethereal-0.9.4.tgz $ cd $PATH_TO_ETHEREAL/ethereal-0.9.4 $ patch $PATH_TO_PATCH/eth-ajp13.patch patching file Makefile.am patching file Makefile.nmake patching file packet-ajp13.c patching file packet-ajp13.h patching file register-static.c $ ./configure $ make many compiler warnings $ su # ./ethereal make sure that Edit - Preferences - Protocols - TCP Allow subdissectors to desegment TCP streams is set to true Capture - Start - Ok # try update packets in real time Surf Giggle like an anime schoolgirl as you watch the capture -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]