Re: [Wireshark-dev] Tshark closing unexpectedly due to failure reading from file

2020-11-20 Thread Alastair Scott
Thanks Guy! I tested your fix myself and it solved my problem. Regards, Alastair On Fri, Nov 20, 2020 at 12:37 AM Guy Harris wrote: > On Nov 19, 2020, at 9:07 PM, Alastair Scott wrote: > > > Do you know where in the code base I could look for a potential remedy > to this issue

Re: [Wireshark-dev] Tshark closing unexpectedly due to failure reading from file

2020-11-19 Thread Alastair Scott
Hi John, Do you know where in the code base I could look for a potential remedy to this issue? I'm trying to find a place to add a delay to ensure the read does not come early. Regards, Alastair On Thu, Nov 19, 2020 at 6:15 PM John Sullivan wrote: > > [gitlab page updated with details] > > On

[Wireshark-dev] Tshark closing unexpectedly due to failure reading from file

2020-11-16 Thread Alastair Scott
Hi all, I'm experiencing an issue where tshark is stopping unexpectedly. I have a process streaming pcapng data over a TCP socket to tshark and using tshark's TCP@ interface type on the command line. Most of the time everything will be fine but every now and then tshark will stop right away and pr

Re: [Wireshark-dev] license for Wireshark (formerly Ethereal)'s mergecap.c/merge.c

2013-01-15 Thread Scott Renfro
Yes, GPLv2+ is fine with me. On Jan 14, 2013, at 7:28 PM, Jeff Morriss wrote: > Hi Scott, > > Several years ago you wrote a "mergecap" utility for Ethereal (now > Wireshark); this work (according to the comments at the top of the > file--which is now "mer

Re: [Wireshark-dev] composite tvbuffs

2010-09-27 Thread Scott Mueller
ges, like Message 1 and Message 2 above. I then copy out the payload into an allocated memory space so that I can dissect the payload as a tvbuff. Best regards, M. Scott Mueller -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behal

Re: [Wireshark-dev] composite tvbuffs

2010-09-27 Thread Scott Mueller
unded like a good way to deal with this. If they don't work, I'll have to bite the bullet and do the work. Thanks again, Best regards, M. Scott Mueller -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Step

Re: [Wireshark-dev] composite tvbuffs

2010-09-24 Thread Scott Mueller
a, so I'm just trying to avoid allocating everything in a very large contiguous block. Thanks again, M. Scott Mueller -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Stephen Fisher Sent: Friday, September 24, 20

[Wireshark-dev] composite tvbuffs

2010-09-24 Thread Scott Mueller
;t complete, what is needed to make this happen? Any help at all would be appreciated. If what I've said here isn't clear, let me know that too. Thanks! Best regards, M. Scott Mueller ___ Sent via

Re: [Wireshark-dev] Sub_dissectors assertion failed

2010-05-25 Thread Scott
> Is the packet in question the first fragment of an IP datagram? Nope. The problem had to do with the code in packet-ip.c between lines 2375 and 2394. If I left it as -1 it equated to 65,535 and the next dissector in line didn't like that I suppose. Something with what ip_checksum retur

Re: [Wireshark-dev] Sub_dissectors assertion failed

2010-05-24 Thread Scott
d in: http://img80.imageshack.us/img80/5582/malformed.gif by hardcoding a value into the reported_length parameter of tvb_new_subset() instead of using -1. This is obviously not a long term solution, so what I need to get at is the IP header's

Re: [Wireshark-dev] Sub_dissectors assertion failed

2010-05-24 Thread Scott
anually to get the protocols to match correctly with the ip_dissector_table. Before that I tried casting it to a guint8 but that didn't work. It now works with the code I showed before, but I am getting this problem now: http://img80.imageshack.us/img80/5582/malformed.gif -Scott

Re: [Wireshark-dev] Sub_dissectors assertion failed

2010-05-21 Thread Scott
dummy proto length], -1, -1); dissector_try_port(ip_dissector_table, hf_[*it* field that is a copy of ip.proto's], next_tvb, pinfo, tree); But I assume nothing is matching because no protocols show up after the dummy protocol in the packet details window. -Scott _

Re: [Wireshark-dev] Sub_dissectors assertion failed

2010-05-21 Thread Scott
_dissector_handle() and new_create_dissector_handle()? Quite a number of questions? Yes. I feel like README.developer is good but it doesn't explain all. Guidance from you and any other developers is much appreciated. -Scott __

[Wireshark-dev] Sub_dissectors assertion failed

2010-05-20 Thread Scott
R:packet.c:709:dissector_add: assertion failed: (sub_dissectors) Help will be appreciated. -Scott ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wir

Re: [Wireshark-dev] Dissector Recognition

2010-05-20 Thread Scott
Ah! That's what I was looking for. It shows up now. Thanks Bill! Scott On Thu, May 20, 2010 at 1:21 PM, Bill Meier wrote: > Scott wrote: > > Devs, > > > > How does Wireshark know which dissector(s) to call while dissecting a > > packet? I've

[Wireshark-dev] Dissector Recognition

2010-05-20 Thread Scott
I don't know where in my dissector code that ID should go. I believe I correctly add items to the protocol tree. I've read most of README.developer up until section 2 (Advanced dissector topics) so I feel like I

Re: [Wireshark-dev] "Extending Wireshark with Python" deprecated?

2010-05-19 Thread Scott
Ah. Thank you! On Wed, May 19, 2010 at 8:49 AM, Jeff Morriss wrote: > Scott wrote: > > This post is in reference to http://wiki.wireshark.org/Python. > > > > Using the 1.0.0 and 1.2.2 source I get the following warning: > > configure: WARNING: unrecognized options:

[Wireshark-dev] "Extending Wireshark with Python" deprecated?

2010-05-19 Thread Scott
This post is in reference to http://wiki.wireshark.org/Python. Using the 1.0.0 and 1.2.2 source I get the following warning: configure: WARNING: unrecognized options: --with-python after running these two commands in Ubuntu 9.10: ./autogen.sh ./configure --with-python Is this not in the source a

[Wireshark-dev] DOCSIS is not one of the DLTs supported by this device).

2009-12-05 Thread Scott and Germaine James
DOCSIS is not one of the DLTs supported by this device). what is this about ___ Sent via:Wireshark-dev mailing list Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscr

Re: [Wireshark-dev] [Winpcap-bugs] Windows 2008 Server

2009-07-24 Thread Gilmour, Scott
How can I verify which I am running? I know I am running windows 20008 Server Enterprise Edition. Thanks Scott Ps. I will try to get WinPCap 4.0.2 From: Gianluca Varenni [mailto:gianluca.vare...@cacetech.com] Sent: Friday, July 24, 2009 2:04 PM To: Gilmour, Scott; Developer support list for

Re: [Wireshark-dev] Windows 2008 Server

2009-07-24 Thread Gilmour, Scott
Hi GV, I tried that and no information was in the minidumps folder. Should I try a different version of WinPcap. Thanks Scott From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Gianluca Varenni Sent: Friday, July 24, 2009 12:46 PM To: Developer

Re: [Wireshark-dev] Windows 2008 Server

2009-07-24 Thread Gilmour, Scott
GV, The folder c:\windows\minidump is empty. What should I do next? Thanks Scott From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Gianluca Varenni Sent: Friday, July 24, 2009 11:16 AM To: Developer support list for Wireshark Subject: Re

Re: [Wireshark-dev] Windows 2008 Server

2009-07-22 Thread Gilmour, Scott
Graham, I had a copy of the crash message. This happens when I attempt to start up Wireshark. I will try to reinstall Wireshark this afternoon after I get the product license for windows 2008 server. Since I just received the message to activate windows. Thanks Scott From: wireshark-dev-boun

Re: [Wireshark-dev] Windows 2008 Server

2009-07-22 Thread Gilmour, Scott
I will reinstall Wireshark and send you the information. Thanks Scott From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Gianluca Varenni Sent: Wednesday, July 22, 2009 11:27 AM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev

Re: [Wireshark-dev] Windows 2008 Server

2009-07-22 Thread Gilmour, Scott
Graham, 3555 sounds different since as soon as I double click on the Wireshark desktop icon my Windows 2008 Server on VMWare crashes. Therefore I cannot even get to the interface to select an Ethernet connection. This works fine on my Windows 2003 Server R2. Thanks Scott From: wireshark-dev

Re: [Wireshark-dev] Windows 2008 Server

2009-07-22 Thread Gilmour, Scott
Graham, Yes I tried Wireshark 1.2.1 with winpcap 4.1 beta 5 Thanks Scott From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Graham Bloice Sent: Wednesday, July 22, 2009 10:00 AM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev

[Wireshark-dev] Windows 2008 Server

2009-07-22 Thread Gilmour, Scott
was. I then tried to start Wireshark and it crashed everytime I went to startup Wireshark. Is there already a Bug open up on this issue or is there a workaround to this issue. Thanks Scott ___ Sent via:Wireshark-dev

Re: [Wireshark-dev] New toplevel Telephone menu item

2009-02-02 Thread Paul Scott
2009/1/31 Jaap Keuter : > > It all depends of your point of view. For networking guys everything slightly > related to real time communications is quickly called Telephony, while > telephony > guys look at it as purely voice communications[2]. Telecom on the other hand > casts a net over all real

Re: [Wireshark-dev] Using external DTD

2008-10-02 Thread scott . harman
Hi Anders Thanks for that - yes it is for the MOS protocol - We're trying to find out the machine which did the capture - will test in house tomorrow. Is it not possible to write an XML dissector? I was really hoping it was going to be as easy as writing a full DTD ;) Thanks again

Re: [Wireshark-dev] Deploying 'default' properties with installation

2008-08-13 Thread scott . harman
from - or is it generated on first run? Cheers Scott "Abhik Sarkar" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 13/08/2008 08:25 Please respond to Developer support list for Wireshark To "Developer support list for Wireshark" cc Subject Re: [Wireshark

[Wireshark-dev] Deploying 'default' properties with installation

2008-08-13 Thread scott . harman
Hi guysI'm wondering what my options are in terms of preconfiguring an installation for a specific environment.We have our own custom dissector which is a stub of GIOP, and I'd like to disable PARLAY, TANGO and DNP 3 which can cause problems with our dissector.There are a couple of other tweaks to

[Wireshark-dev] Getting Lua dissector to work with the display filter

2007-02-02 Thread Scott Robinson
ears to have been deprecated (it's not in the *wslua.hfiles now) , so I tried to manually populate the Proto.field with a Lua table of the fields. Not sure if this is correct. Any pointers would be appreciated. Thanks. -Scott ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] Using Lua to parse TCP encapsulated IP protocol

2007-01-29 Thread Scott Robinson
so for the tip on the sub range creation. I thought that might work, but when the program was crashing, I was a bit leery about going beyond the example code I found. Thanks again for the help. -Scott Date: Tue, 23 Jan 2007 21:42:32 +0100 From: "Luis Ontanon" <[EMAIL PROTECTED]> Subject:

[Wireshark-dev] Using Lua to parse TCP encapsulated IP protocol

2007-01-21 Thread Scott Robinson
nal buffer to the ip dissector, wireshark doesn't crash (although it doesn't decode like I need it too) Thanks. -Scott -- Define our protocol my_proto = Proto("myproto", "MINE", "My Protocol") -- Create a function to dissect my_proto function my_proto