On Sun, Feb 24, 2008 at 03:37:19PM -0700, Stephen Fisher wrote:
> On Fri, Feb 22, 2008 at 11:41:31PM +0100, Stig Bjørlykke wrote:
>
> > When having a custom column the "Apply as Filter" and "Prepare a
> > Filter" does not work as expected in the Packet List. Sometimes
> > nothing is selected,
OK, I guess because our toolchains differ slightly the output was a bit
different and I was led astray. Sorry about that; my stupid error. The
last problem you had was probably due to something with your version
naming, but regardless, I think I've found the root cause of your
problem. You need
I have had a similar issue with my plugin. What I see is the following
behavior:
. my dissector is called at the beginning of the PDU
. my dissector calls tcp_dissect_pdus(). The length retrieval function
yields the correct value for the PDU length, which exceeds the size of the
current packet.
Jeff Morriss wrote:
> Any chance to get dynamic glib-1.2 libraries?
A while ago, I tried building shared GLib 1.2 for OS X, without success.
I don't remember what the problems were.
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://ww
Michael Tuexen wrote:
> Just a correction of my earlier mail...
>
> The current svn version does not compile, but an old version did.
>
> However, the buildslave can not get the sources in time to start
> the compile phase.
It seems to be failing to compile/link it with glib-1.2:
> gcc -bundl
Bill Meier wrote:
> Stig Bjørlykke wrote:
>>> Log:
>>> Ensure tshark/wireshark always get good err msgs from dumpcap:
>> It looks like I'm getting the pipe header in my error message. Is
>> this intended?
>>
>
> Nope: I'm working on a fix...
>
I've committed a fix (SVN #24507) which has been
Just a correction of my earlier mail...
The current svn version does not compile, but an old version did.
However, the buildslave can not get the sources in time to start
the compile phase.
Best regards
Michael
On Feb 29, 2008, at 2:58 AM, [EMAIL PROTECTED] wrote:
> The Buildbot has detected a
Dear all,
I have been looking into the failures of the Mac OS X buildbot
failures...
Until 4 hour ago they were cause by the fact that the buildbot did not
have glib-1.2.10 and gtk-1.2.10 installed, I have fixed this.
I can build manually on that machine the svn repository with the --
disable
I experienced a similar problem when corporate pushed Wireshark 0.99.7.
All I needed to do was update my Wireshark build environment for 0.99.7
(including the tool set), then rebuild my DLL and on MS Windows XP, copy
the DLL(s) to the C:\Program Files\Wireshark\plugins\0.99.7 directory.
Tim
___
The Buildbot has detected a new failure of OSX-10.4-PPC.
Full details are available at:
http://buildbot.wireshark.org/trunk/OSX-10.4-PPC/builds/2103
Buildbot URL: http://buildbot.wireshark.org/trunk/
Build Reason:
Build Source Stamp: HEAD
Blamelist: wmeier
BUILD FAILED: failed failed slave los
I ran a test with and without options on a 600Mo capture file: the
result is the same, tshark takes 400Mo of memory. Is it normal ?
On Fri, Feb 29, 2008 at 12:31 PM, Edouard Funke <[EMAIL PROTECTED]> wrote:
> Thanks for all the information, i will try these options and see if
> there is no more m
On 29.02.2008, at 10:31, Guy Harris wrote:
Andreas Fink wrote:
Apparently its possible on some platforms to capture on all
interfaces
(tcpdump on linux does this).
under MacOS X, however only the first interface is used. This means
running tcpdump or dumpcap twice and merging the files later
I see a new feature request here.
It is a pain in the a** to capture on constantly state changing
interfaces like ppp if something is wrong. And that is the point when I
usually use wireshark, tracing problems.
Maybe it would be possible to make wireshark capture on a not active
(not linked) interf
Thanks for all the information, i will try these options and see if
there is no more memory problem.
For now our plugins do not use reassembly but it is feature that we
might want to implement soon. We might face the same problems then, a
quick fix would be to split capture files but as we are try
Edouard Funke wrote:
> The same issue happens with "normal" tcp trafic without any custom
> plugin activated.
> How can i deactivate reassembly in this case ?
Try adding the command line flag
-o tcp.desegment_tcp_streams:false
which will turn off reassembly for protocols running over TCP
The same issue happens with "normal" tcp trafic without any custom
plugin activated.
How can i deactivate reassembly in this case ? How different would be
my output ?
On Fri, Feb 29, 2008 at 11:19 AM, Guy Harris <[EMAIL PROTECTED]> wrote:
> Edouard Funke wrote:
> > The exact command i am using is
Edouard Funke wrote:
> The exact command i am using is :
> tshark -r my_big_capture_file -T pdml -V | myprogram
>
> It is tshark who is running out of memory (monitored). Could the pipe
> have something to do with it ?
No - TShark has no idea that its standard output is being piped to
another pr
Hi,
I tried to add one sub-dissector table for private IEs, but the problem is that for private IEs the Protocol-IE-Id is a choice (having a local ID and a global ID) instead of string or integer.
So how to go about registering a new sub-dissector table??
static int dissect_PrivateIEFieldValue(
Andreas Fink wrote:
> Apparently its possible on some platforms to capture on all interfaces
> (tcpdump on linux does this).
> under MacOS X, however only the first interface is used. This means
> running tcpdump or dumpcap twice and merging the files later together if
> you want to capture dual
The exact command i am using is :
tshark -r my_big_capture_file -T pdml -V | myprogram
It is tshark who is running out of memory (monitored). Could the pipe
have something to do with it ?
On Thu, Feb 28, 2008 at 7:12 PM, Guy Harris <[EMAIL PROTECTED]> wrote:
> Edouard Funke wrote:
>
> > We are c
Apparently its possible on some platforms to capture on all interfaces
(tcpdump on linux does this).
under MacOS X, however only the first interface is used. This means
running tcpdump or dumpcap twice and merging the files later together
if you want to capture dualhomed traffic (like SCTP).
21 matches
Mail list logo
