Re: [Wireshark-dev] Generated items in frame dissector

Ulf Lamping wrote: > Stephen Fisher schrieb: ... >> Frame Number >> > Is derived from the read sequence, you may argue it's generated. ...or that it's implicitly in the capture file, in that the Nth packet in the capture file has a frame number of N. ___

Re: [Wireshark-dev] Console error on startup: Diameter Dictionary: NoVendor: 3GPP

Hi, Is this still true on the latest SVN version? Regards Anders -Ursprungligt meddelande- Från: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] För Stephen Fisher Skickat: den 15 november 2007 06:17 Till: wireshark-dev@wireshark.org Ämne: [Wireshark-dev] Console error on startup: Diameter Dic

[Wireshark-dev] Console error on startup: Diameter Dictionary: No Vendor: 3GPP

Recently, I started getting these console errors when starting Wireshark on Unix: Diameter Dictionary: No Vendor: 3GPPDiameter Dictionary: No Vendor: 3GPP Could someone familiar with that part of Wireshark take a look? Thanks. Steve ___ Wireshark-

[Wireshark-dev] Generated items in frame dissector

Shouldn't everything in the frame dissector tree be marked as generated (with [ and ] brackets around it)? I was teaching a group about Wireshark this evening and noticed that while most items have brackets, a few don't: Arrival Time Frame Number Frame Length Capture Length Steve

Re: [Wireshark-dev] The COPYING file (our license) is a mess!

On Wed, Nov 14, 2007 at 10:20:12PM +0100, Jaap Keuter wrote: > So even though I'm not happy with this stuff it seems to be needed to > keep *stupid* people of our lists. I obviously think so too, but that doesn't mean we shouldn't add some explanations around our additions. Also, the disambuguiti

[Wireshark-dev] proto_tree_add_bytes

hi Can someone tell me how I use the function,:   proto_tree_add_bytes_format_value() and what do the individual variable.   khalid www.jubii.fr c'est une seule interface pour communiquer. Email, téléphone gratuit, messagerie instantanée, 10 Go d'espace de stockage. Avec www.jubii.fr simplifie

Re: [Wireshark-dev] Use of EXTERNALt

>Anders: Is someone looking at doing something similar for ACSE (which still >uses an EXTERNALt)? Not in the near future...and I don't know that protocol that well. Regards Anders ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www

Re: [Wireshark-dev] Use of EXTERNALt

On 14. nov.. 2007, at 22.24, Graeme Lunt wrote: > Stig: Can you check I haven't broken your x411 captures? Seems to work correctly for my captures. >> The EXTERNAL handling in packet-ber.c does not decode octet-aligned >> encoding according to the direct-reference, like acse did (from >> r223

Re: [Wireshark-dev] lenght

Hi On Wed, 14 Nov 2007 17:49:06 +, khalid habibi wrote > i m a beginner. > I have the following output: >   > DATA: 005F000103E5 > I will spend it in HEX also 0x. > Because it has an variable length, I do not know how to do this? >   > proto_tree_add_item(application_tree, hf_data_nbyte, tv

Re: [Wireshark-dev] Use of EXTERNALt

Anders, Tomas, Stig, > > RTSE should be changed to use EXTERNAL and put the callback > > in the asnctx. I have now checked in a change so that RTSE uses the packet-ber EXTERNAL decoding. (http://anonsvn.wireshark.org/viewvc/viewvc.py?view=rev&revision=23450) Tomas: I had to make some minor chan

Re: [Wireshark-dev] The COPYING file (our license) is a mess!

Hi, Looking at the history the main part was added by Gerald in revision 21806. Yes, it should be clear to anyone what the GPLv2 means but in real life you get some *stupid* questions on it. (I'm all for the view that there are no stupid questions, only stupid answers, but here I make the exce

Re: [Wireshark-dev] displaying tree values > 32 bits

Hi, The largest integer we handle at this moment is 64 bit. Thanx, Jaap Kevin Arruda wrote: > Hello, > > I was having some trouble finding the answer to this: > > I would like to add an entry to my dissection table which handles a 128 > bit value. For values > 32 bits, must I forego the tabl

Re: [Wireshark-dev] what are the steps needed to add a plugin

Hi, See it as a tradeoff. Option 1 is to add your dissector build in. This means that you'll have to rebuild register.c and relink libwireshark every time you change your dissector. With a ton of dissectors this takes a while. Option 2 is to add your dissector as a plugin. This takes some work

[Wireshark-dev] lenght

i m a beginner. I have the following output:   DATA: 005F000103E5 I will spend it in HEX also 0x. Because it has an variable length, I do not know how to do this?   proto_tree_add_item(application_tree, hf_data_nbyte, tvb, offset, -1, pdu_ackd);   { &hf_data_nbyte,   { "DATA",  "lon.datum",

Re: [Wireshark-dev] Is there a good way of handling bitfields withdifferent bitmask offsets ?

I used the not-long-since-added proto_tree_add_bits_ret_val() in packet-umts_fp.c. There is also proto_tree_add_bits_item() which doesn't extract the value for you. Are these functions not suitable for your purpose? It certainly simplified the part of the code I needed it for. Martin On Nov 14,

Re: [Wireshark-dev] Is there a good way of handling bitfields withdifferent bitmask offsets ?

> -Original Message- > [mailto:[EMAIL PROTECTED] On Behalf Of > ronnie sahlberg > Not tested! > grab the hfinfo structure and modify the fields at runtime : > > header_field_info *hfinfo; > > hfinfo = proto_registrar_get_nth(hf_index); > hfinfo->bitmask = new bitmask > hfinfo->bitshi

Re: [Wireshark-dev] Global configuration files are overwritten by Debian package

Hi, I think these questions are better asked to the Debian package maintainer, Frederic Peters ([EMAIL PROTECTED]). Thanx, Jaap Martin André wrote: > Hello, > > I'm wondering if it is currently possible to keep global configuration > file set for the whole system, for example custom system-wid

Re: [Wireshark-dev] no interface listed using wireshark, vista home premium 32

Hi, do you start Wireshark with the needed capture privileges? Regards, Martin On Nov 14, 2007 5:20 PM, Yngve Edvardsen <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > > Wireshark is not able to list any interfaces on my Dell XPS 1330m

[Wireshark-dev] no interface listed using wireshark, vista home premium 32

Hi, Wireshark is not able to list any interfaces on my Dell XPS 1330m laptop. I have windows vista homepremium installed and windump are showing all my interfaces. windump.exe -D 1.\Device\NPF_{4F96DAAA-FF0C-4B61-8D83-9959FF22CB6C} (b57nd60x4 Broadcom NetXtre me Gigabit Ethernet Driver) 2.\Devic

Re: [Wireshark-dev] Capturing to something else than files or humans

[EMAIL PROTECTED] wrote: > e.g. to push out a constant stream of network protocol information for > another systems to look at instead of people? If XML will do, take a look at TShark's -T & -V options. -- Regards, Marco. __

[Wireshark-dev] Capturing to something else than files or humans

Hi WireShark developpers, I only recently came in touch with this awesome piece of software. I was wondering whether or not it is possible to make that the results of the capturing (after filtering, analysis) is being pushed out to another server instead of the current file saving or human user i

Re: [Wireshark-dev] Is there a good way of handling "per pdu" info ?

Didier wrote: >Not an expert either but if you use the same table for >both directions you may >have duplicate if TCP relative sequence number is set. >cf bug: >http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1392 Thanks. I didn't go into that level of detail but I do maintain a different tabl

Re: [Wireshark-dev] [Wireshark-commits] rev 23446: /trunk/gtk/ /trunk/gtk/: summary_dlg.c

2007/11/14, Ulf Lamping <[EMAIL PROTECTED]>: > Maybe this line needs *more* parentheses and not *less* ;-) I was looking at this, and found the same construction for the filtered bytes avg. which seems to work correctly. > Now this line might work, but I actually have no real idea what the line

Re: [Wireshark-dev] [Wireshark-commits] rev 23446: /trunk/gtk/ /trunk/gtk/: summary_dlg.c

[EMAIL PROTECTED] schrieb: > http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=23446 > > User: stig > Date: 2007/11/14 09:37 AM > > Log: > From Shiang-Ming Huang: > Removed unnecessary parentheses that make the average packets size > calculated as an integer instead of a float. >