packet-ipx.c \
packet-ipx.h \
packet-isakmp.c\
+ packet-lapb.c \
packet-llc.c \
packet-lpd.c \
packet-nbipx.c \
packet-udp.c \
packet-vines.c \
packet-vines.h \
+ packet-x25.c \
packet.c \
packet.h \
prefs.c \
/* file.c
* File I/O routines
*
- * $Id: file.c,v 1.52 1999/07/28 20:53:40 deniel Exp $
+ * $Id: file.c,v 1.53 1999/08/02 02:04:25 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
cf->filename = g_strdup( fname );
/* Next, find out what type of file we're dealing with */
- cf->cd_t = WTAP_FILE_UNKNOWN;
- cf->count = 0;
- cf->drops = 0;
- cf->esec = 0;
- cf->eusec = 0;
- cf->snap = 0;
+ cf->cd_t = WTAP_FILE_UNKNOWN;
+ cf->cd_t_desc = "unknown";
+ cf->count = 0;
+ cf->drops = 0;
+ cf->esec = 0;
+ cf->eusec = 0;
+ cf->snap = 0;
firstsec = 0, firstusec = 0;
lastsec = 0, lastusec = 0;
cf->fh = wtap_file(cf->wth);
cf->cd_t = wtap_file_type(cf->wth);
+ cf->cd_t_desc = wtap_file_type_string(cf->wth);
cf->snap = wtap_snapshot_length(cf->wth);
return (0);
}
fdata->lnk_t = phdr->pkt_encap;
fdata->abs_secs = phdr->ts.tv_sec;
fdata->abs_usecs = phdr->ts.tv_usec;
+ fdata->flags = phdr->flags;
fdata->cinfo = NULL;
add_packet_to_packet_list(fdata, cf, buf);
/* file.h
* Definitions for file structures and routines
*
- * $Id: file.h,v 1.23 1999/07/24 03:22:50 guy Exp $
+ * $Id: file.h,v 1.24 1999/08/02 02:04:25 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
gchar *filename; /* filename */
long f_len; /* File length */
guint16 cd_t; /* Capture data type */
+ const gchar *cd_t_desc;/* Description of that data type */
guint32 vers; /* Version. For tcpdump minor is appended to major */
guint32 count; /* Packet count */
guint32 drops; /* Dropped packets */
/* menu.c
* Menu routines
*
- * $Id: menu.c,v 1.31 1999/07/28 03:33:34 guy Exp $
+ * $Id: menu.c,v 1.32 1999/08/02 02:04:26 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
{"/_Tools", NULL, NULL, 0, "<Branch>" },
{"/Tools/_Follow TCP Stream", NULL, GTK_MENU_FUNC(follow_stream_cb), 0, NULL},
/* {"/Tools/Graph", NULL, NULL, 0, NULL}, future use */
- {"/Tools/Summary", NULL, GTK_MENU_FUNC(summary_prep_cb), 0, NULL},
+ {"/Tools/_Summary", NULL, GTK_MENU_FUNC(summary_prep_cb), 0, NULL},
{"/_Help", NULL, NULL, 0, "<LastBranch>" },
{"/Help/_About Ethereal...", NULL, GTK_MENU_FUNC(about_ethereal), 0, NULL}
};
/* packet.c
* Routines for packet disassembly
*
- * $Id: packet.c,v 1.33 1999/07/28 23:16:33 guy Exp $
+ * $Id: packet.c,v 1.34 1999/08/02 02:04:26 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
case WTAP_ENCAP_PPP :
dissect_ppp(pd, fd, tree);
break;
+ case WTAP_ENCAP_LAPB :
+ dissect_lapb(pd, fd, tree);
+ break;
case WTAP_ENCAP_RAW_IP :
dissect_raw(pd, fd, tree);
break;
/* packet.h
* Definitions for packet disassembly structures and routines
*
- * $Id: packet.h,v 1.77 1999/07/31 18:18:43 guy Exp $
+ * $Id: packet.h,v 1.78 1999/08/02 02:04:26 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
column_info *cinfo; /* Column formatting information */
int lnk_t; /* Per-packet encapsulation/data-link type */
gboolean passed_dfilter; /* TRUE = display, FALSE = no display */
+ guint8 flags; /* for ENCAP_LAPB : 1st bit means From DCE */
} frame_data;
typedef struct _packet_info {
ETT_SDP,
ETT_RADIUS,
ETT_RADIUS_AVP,
+ ETT_LAPB,
+ ETT_X25,
NUM_TREE_TYPES /* last item number plus one */
};
void dissect_clip(const u_char *, frame_data *, proto_tree *);
void dissect_eth(const u_char *, frame_data *, proto_tree *);
void dissect_fddi(const u_char *, frame_data *, proto_tree *);
+void dissect_lapb(const u_char *, frame_data *, proto_tree *);
void dissect_null(const u_char *, frame_data *, proto_tree *);
void dissect_ppp(const u_char *, frame_data *, proto_tree *);
void dissect_raw(const u_char *, frame_data *, proto_tree *);
void dissect_arp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bootp(const u_char *, int, frame_data *, proto_tree *);
void dissect_cdp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_cotp(const u_char *, int, frame_data *, proto_tree *);
void dissect_data(const u_char *, int, frame_data *, proto_tree *);
void dissect_ddp(const u_char *, int, frame_data *, proto_tree *);
void dissect_dns(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_rtp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_spp(const u_char *, int, frame_data *, proto_tree *);
void dissect_payload_ppp(const u_char *, int, frame_data *, proto_tree *);
+void dissect_x25(const u_char *, int, frame_data *, proto_tree *);
void dissect_ftp(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *, int);
void dissect_gre(const u_char *, int, frame_data *, proto_tree *);
void init_dissect_udp(void);
+void init_dissect_x25(void);
/* These functions are in ethertype.c */
void capture_ethertype(guint16 etype, int offset,
/* proto.c
* Routines for protocol tree
*
- * $Id: proto.c,v 1.7 1999/08/01 04:28:09 gram Exp $
+ * $Id: proto.c,v 1.8 1999/08/02 02:04:27 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
void proto_register_ipv6(void);
void proto_register_ipx(void);
void proto_register_isakmp(void);
+void proto_register_lapb(void);
void proto_register_llc(void);
void proto_register_nbipx(void);
void proto_register_nbt(void);
void proto_register_tr(void);
void proto_register_trmac(void);
void proto_register_udp(void);
+void proto_register_x25(void);
/* special-case header field used within proto.c */
int hf_text_only = 1;
proto_register_ipv6();
proto_register_ipx();
proto_register_isakmp();
+ proto_register_lapb();
proto_register_llc();
proto_register_nbipx();
proto_register_nbt();
proto_register_tr();
proto_register_trmac();
proto_register_udp();
+ proto_register_x25();
/* Register one special-case FT_TEXT_ONLY field for use when
converting ethereal to new-style proto_tree. These fields
/* summary.c
* Routines for capture file summary window
*
- * $Id: summary.c,v 1.6 1999/07/13 03:08:06 gram Exp $
+ * $Id: summary.c,v 1.7 1999/08/02 02:04:27 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
/* Summary filter key */
#define E_SUM_FILT_TE_KEY "sum_filt_te"
-char * string_for_format(guint16 cd_t){
- switch (cd_t) {
- case WTAP_FILE_WTAP:
- return "wiretap";
- case WTAP_FILE_PCAP:
- return "pcap";
- case WTAP_FILE_LANALYZER:
- return "LanAlyzer";
- case WTAP_FILE_NGSNIFFER:
- return "Sniffer";
- case WTAP_FILE_SNOOP:
- return "snoop";
- case WTAP_FILE_IPTRACE:
- return "iptrace";
- case WTAP_FILE_NETMON:
- return "Network Monitor";
- case WTAP_FILE_NETXRAY:
- return "NetXray/Sniffer Pro";
- default:
- return "unknown";
- }
-}
-
double
secs_usecs( guint32 s, guint32 us) {
return (us / 1000000.0) + (double)s;
add_string_to_box(string_buff, file_box);
/* format */
- snprintf(string_buff, SUM_STR_MAX, "Format: %s",
-string_for_format(cf.cd_t));
+ snprintf(string_buff, SUM_STR_MAX, "Format: %s", cf.cd_t_desc);
+ add_string_to_box(string_buff, file_box);
+
+ /* snapshot length */
+ snprintf(string_buff, SUM_STR_MAX, "Snapshot length: %u", cf.snap);
add_string_to_box(string_buff, file_box);
/* Data frame */
netxray.h \
ngsniffer.c \
ngsniffer.h \
+ radcom.c \
+ radcom.h \
snoop.c \
snoop.h \
wtap.c \
/* file.c
*
- * $Id: file.c,v 1.11 1999/07/13 02:53:23 gram Exp $
+ * $Id: file.c,v 1.12 1999/08/02 02:04:37 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
#include "buffer.h"
#include "lanalyzer.h"
#include "ngsniffer.h"
+#include "radcom.h"
#include "libpcap.h"
#include "snoop.h"
#include "iptrace.h"
if ((wth->file_type = ngsniffer_open(wth)) != WTAP_FILE_UNKNOWN) {
goto success;
}
+ /* WTAP_FILE_RADCOM */
+ if ((wth->file_type = radcom_open(wth)) != WTAP_FILE_UNKNOWN) {
+ goto success;
+ }
/* WTAP_FILE_LANALYZER */
if ((wth->file_type = lanalyzer_open(wth)) != WTAP_FILE_UNKNOWN) {
goto success;
/* ngsniffer.c
*
- * $Id: ngsniffer.c,v 1.13 1999/07/13 02:53:25 gram Exp $
+ * $Id: ngsniffer.c,v 1.14 1999/08/02 02:04:37 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
WTAP_ENCAP_NONE, /* PC Network broadband */
WTAP_ENCAP_NONE, /* LocalTalk */
WTAP_ENCAP_NONE, /* Znet */
- WTAP_ENCAP_NONE, /* Internetwork analyzer */
+ WTAP_ENCAP_LAPB, /* Internetwork analyzer */
WTAP_ENCAP_NONE, /* type 8 not defined in Sniffer */
WTAP_ENCAP_FDDI,
WTAP_ENCAP_NONE /* ATM */
t = (double)time_low+(double)(time_med)*65536.0 +
(double)time_high*4294967296.0;
+ wth->phdr.flags = frame2.fs & 0x80;
+
goto found;
case REC_FRAME4:
/* wtap.c
*
- * $Id: wtap.c,v 1.11 1999/07/28 20:17:24 deniel Exp $
+ * $Id: wtap.c,v 1.12 1999/08/02 02:04:38 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
return wth->file_type;
}
-
int wtap_snapshot_length(wtap *wth)
{
return wth->snapshot_length;
}
+const char *wtap_file_type_string(wtap *wth)
+{
+ switch (wth->file_type) {
+ case WTAP_FILE_WTAP:
+ return "wiretap";
+
+ case WTAP_FILE_PCAP:
+ return "pcap";
+
+ case WTAP_FILE_LANALYZER:
+ return "Novell LANalyzer";
+
+ case WTAP_FILE_NGSNIFFER:
+ return "Network Associates Sniffer (DOS-based)";
+
+ case WTAP_FILE_SNOOP:
+ return "snoop";
+
+ case WTAP_FILE_IPTRACE:
+ return "iptrace";
+
+ case WTAP_FILE_NETMON:
+ return "Microsoft Network Monitor";
+
+ case WTAP_FILE_NETXRAY:
+ return "Cinco Networks NetXRay/Network Associates Sniffer (Windows-based)";
+
+ case WTAP_FILE_RADCOM:
+ return "RADCOM WAN/LAN analyzer";
+
+ default:
+ g_error("Unknown capture file type %d", wth->file_type);
+ return NULL;
+ }
+}
+
void wtap_close(wtap *wth)
{
/* free up memory. If any capture structure ever allocates
/* wtap.h
*
- * $Id: wtap.h,v 1.21 1999/07/28 23:16:42 guy Exp $
+ * $Id: wtap.h,v 1.22 1999/08/02 02:04:38 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
#define WTAP_ENCAP_ARCNET 7
#define WTAP_ENCAP_ATM_RFC1483 8
#define WTAP_ENCAP_LINUX_ATM_CLIP 9
+#define WTAP_ENCAP_LAPB 10
/* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES 10
+#define WTAP_NUM_ENCAP_TYPES 11
/* File types that can be read by wiretap */
#define WTAP_FILE_UNKNOWN 0
#define WTAP_FILE_IPTRACE 7
#define WTAP_FILE_NETMON 8
#define WTAP_FILE_NETXRAY 9
+#define WTAP_FILE_RADCOM 10
/* Filter types that wiretap can create. An 'offline' filter is really
* a BPF filter, but it is treated specially because wiretap might not know
int is_atm;
} ngsniffer_t;
+typedef struct {
+ time_t start;
+} radcom_t;
+
typedef struct {
guint16 pkt_len;
guint32 totpktt;
guint32 caplen;
guint32 len;
int pkt_encap;
+ guint8 flags; /* ENCAP_LAPB : 1st bit means From DCE */
};
typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*,
libpcap_t *pcap;
lanalyzer_t *lanalyzer;
ngsniffer_t *ngsniffer;
+ radcom_t *radcom;
netmon_t *netmon;
netxray_t *netxray;
} capture;
FILE* wtap_file(wtap *wth);
int wtap_snapshot_length(wtap *wth); /* per file */
int wtap_file_type(wtap *wth);
+const char *wtap_file_type_string(wtap *wth);
void wtap_close(wtap *wth);