Hi,
I want to see an expert item to report when wireshark can see that more than
one endpoint is configured with the same IP address.
The approach this (not-fully-tested-yet) patch takes is to pick IP/MAC pairs
out of ARP requests/reponses and maintain an IP-MAC hash table. Should
this work -
Hi,
it seems that it was implemented by me (rev 17530, March 2006) but I do not
remember why.
I will fix it.
Tomas
Od: [EMAIL PROTECTED] za uživatele Anders Broman
Odesláno: po 17.12.2007 20:36
Komu: 'Developer support list for Wireshark'
Předmět: Re:
Is anyone aware of an ITU specification using enumerated
values not in the root besides T.38? This code change is
in a generic prototcol handler, and could have unintended
consequences. I am willing to believe I am wrong, I am
just looking for an ITU document which clarifies whether
the
Joerg Mayer wrote:
In case packet-erf.c is in 0.99.7 this patch should be applied.
It is. I've copied the change over and restarted the build. 0.99.7 will have to
be released tomorrow.
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
Mike,
First, thanks for the response. Like I said below though, I don't think
any of the other dissectors work that way. UDP, for example, makes a
call to tvb_new_subset() to pass the payload of the UDP packet to the
registered heuristic dissectors, so those dissectors only get the
payload
Chris,
Orignal poster wanted a way to select the frames
based on MAC signature - that was a way to do that.
Yes, I agree with you that it passed the whole
eth frame instead of just the payload like other
dissectors do. Just the way it works now in eth
dissector.
It should be easy to change it
Hi,
Patience my friend, patience. With over 250 bug reports and 75 patches
pending it will take some time before anyone gets to it. Especially
since your dissector is not small and very atypical, someone has to a
liking to it and invest the time to verify it. That will take some time.
Thanx,
Hi,
Found this on the GTK mailing list:
http://mail.gnome.org/archives/gtk-devel-list/2007-December/msg00113.html
I humbly suggest that the versioning recommendation for the GTK+ stack
and GNOME in general is amended for the third micro part of the
version numbers to match the convention used in
Chris,
I spoke too soon. I went back to see what was
implemented in the custom dissector (been a while) and
the data being dissected with the code, and found that
the proposed change would not work for me.
The packets I'm dissecting are actually non-Ethernet packets
inside Ethernet framing. I
