Cool... :-)
Costin On Fri, 31 May 2002, Christopher K. St. John wrote: > jean-frederic clere wrote: > > > > I am rewritting the Ajp protocol documentation. A protocol > > analyser would help me. > > > > The analyzer was written using the existing docs, so > if there are problems in the docs the analyzer will > be wrong as well. > > > > So please send it. (Even if it is not run and not clean). > > > > Some of the code is a bit iffy, and it's definitely a > work in progress, but it runs. I did some cleanup and put > in some comments. I've attached a patch to Ethereal 0.9.4, > which you can get at: > > http://www.ethereal.com/ > > Make sure you have a recent version of libpcap. If you > want to hack on it, there are Ethereal developer docs in > docs/README.developer, but they are very out of date. > > Notes: > > It autodetects 8009 as AJP traffic. It doesn't decode FORWARD_REQUEST > attributes (the optional stuff at the end). There are problems with > the protocol hierarchy display. There are probably memory leaks. The > protocol display could be easier to read. You need ethereal-0.9.4, > I'm confident it won't work with earlier versions, and I haven't > tested against CVS. There are lots of compiler warnings, many of them > legitimate. > > Install: > > <download and untar a clean copy of ethereal-0.9.4.tgz> > $ cd $PATH_TO_ETHEREAL/ethereal-0.9.4 > $ patch < $PATH_TO_PATCH/eth-ajp13.patch > patching file Makefile.am > patching file Makefile.nmake > patching file packet-ajp13.c > patching file packet-ajp13.h > patching file register-static.c > $ ./configure > $ make > <many compiler warnings> > $ su > # ./ethereal > < make sure that Edit -> Preferences -> Protocols -> TCP > "Allow subdissectors to desegment TCP streams" is set > to true > > <Capture -> Start -> Ok> # try "update packets in real time" > <Surf> > <Giggle like an anime schoolgirl as you watch the capture> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
