Ethereal-dev: [Ethereal-dev] DBS Ethertrace Wiretap module
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Marc Milgram <mmilgram@xxxxxxxxxxxx>
Date: Fri, 19 Oct 2001 09:34:21 -0400
Hello,This is an implementation of a DBS Ethertrace wiretap module. It only reads text mode output from Ethertrace. It is based on one Ethertrace log that I received, but it looks like its format is
similar to the toshiba format, with different syntactic sugar. -Marc Milgram <mmilgram[AT]arrayinc.com
Index: AUTHORS
===================================================================
RCS file: /cvsroot/ethereal/AUTHORS,v
retrieving revision 1.338
diff -u -r1.338 AUTHORS
--- AUTHORS 2001/10/19 09:12:53 1.338
+++ AUTHORS 2001/10/19 13:28:53
@@ -831,7 +831,8 @@
}
Marc Milgram <mmilgram[AT]arrayinc.com> {
- VMS TCPIPtrace wiretap module
+ VMS TCPIPtrace wiretap module
+ DBS Etherwatch wiretap module
}
Alain Magloire <alainm[AT]rcsm.ece.mcgill.ca> was kind enough to
Index: doc/editcap.pod
===================================================================
RCS file: /cvsroot/ethereal/doc/editcap.pod,v
retrieving revision 1.11
diff -u -r1.11 doc/editcap.pod
--- doc/editcap.pod 2001/10/18 20:29:55 1.11
+++ doc/editcap.pod 2001/10/19 13:28:53
@@ -30,12 +30,13 @@
B<nettl>, the dump output from B<Toshiba's> ISDN routers, the output
from B<i4btrace> from the ISDN4BSD project, the output in B<IPLog>
format from the Cisco Secure Intrusion Detection System, B<pppd logs>
-(pppdump format), and the output from VMS's B<TCPIPtrace> utility.
-There is no need to tell B<Editcap> what type of file you are reading;
-it will determine the file type by itself. B<Editcap> is also capable
-of reading any of these file formats if they are compressed using gzip.
-B<Editcap> recognizes this directly from the file; the '.gz' extension
-is not required for this purpose.
+(pppdump format), the output from VMS's B<TCPIPtrace> utility, and the
+text output from the B<DBS Etherwatch> VMS utility. There is no need to
+tell B<Editcap> what type of file you are reading; it will determine the
+file type by itself. B<Editcap> is also capable of reading any of these
+file formats if they are compressed using gzip. B<Editcap> recognizes
+this directly from the file; the '.gz' extension is not required for this
+purpose.
By default, it writes the capture file in B<libpcap> format, and writes
all of the packets in the capture file to the output file. The B<-F>
Index: doc/ethereal.pod.template
===================================================================
RCS file: /cvsroot/ethereal/doc/ethereal.pod.template,v
retrieving revision 1.217
diff -u -r1.217 doc/ethereal.pod.template
--- doc/ethereal.pod.template 2001/10/18 20:29:55 1.217
+++ doc/ethereal.pod.template 2001/10/19 13:28:53
@@ -42,12 +42,13 @@
router debug output, HP-UX's B<nettl>, the dump output from B<Toshiba's>
ISDN routers, the output from B<i4btrace> from the ISDN4BSD project, the
output in B<IPLog> format from the Cisco Secure Intrusion Detection
-System, B<pppd logs> (pppdump format), and the output from VMS's
-B<TCPIPtrace> utility. There is no need to tell B<Ethereal> what type
-of file you are reading; it will determine the file type by itself.
-B<Ethereal> is also capable of reading any of these file formats if they
-are compressed using gzip. B<Ethereal> recognizes this directly from
-the file; the '.gz' extension is not required for this purpose.
+System, B<pppd logs> (pppdump format), the output from VMS's
+B<TCPIPtrace> utility, and the text output from the B<DBS Etherwatch>
+VMS utility. There is no need to tell B<Ethereal> what type of file you
+are reading; it will determine the file type by itself. B<Ethereal> is
+also capable of reading any of these file formats if they are compressed
+using gzip. B<Ethereal> recognizes this directly from the file; the
+'.gz' extension is not required for this purpose.
Like other protocol analyzers, B<Ethereal>'s main window shows 3 views
of a packet. It shows a summary line, briefly describing what the
Index: doc/mergecap.pod
===================================================================
RCS file: /cvsroot/ethereal/doc/mergecap.pod,v
retrieving revision 1.4
diff -u -r1.4 doc/mergecap.pod
--- doc/mergecap.pod 2001/10/18 20:29:55 1.4
+++ doc/mergecap.pod 2001/10/19 13:28:54
@@ -26,13 +26,13 @@
B<Lucent/Ascend> router debug output, HP-UX's B<nettl>, the dump output
from B<Toshiba's> ISDN routers, the output from B<i4btrace> from the
ISDN4BSD project, the output in B<IPLog> format from the Cisco Secure
-Intrusion Detection System, B<pppd logs> (pppdump format), and the
-output from VMS's B<TCPIPtrace> utility. There is no need to tell
-B<Mergecap> what type of file you are reading; it will determine the
-file type by itself. B<Mergecap> is also capable of reading any of
-these file formats if they are compressed using gzip. B<Mergecap>
-recognizes this directly from the file; the '.gz' extension is not
-required for this purpose.
+Intrusion Detection System, B<pppd logs> (pppdump format), the output
+from VMS's B<TCPIPtrace> utility, and the text output from the
+B<DBS Etherwatch> VMS utility. There is no need to tell B<Mergecap> what
+type of file you are reading; it will determine the file type by itself.
+B<Mergecap> is also capable of reading any of these file formats if they
+are compressed using gzip. B<Mergecap> recognizes this directly from the
+file; the '.gz' extension is not required for this purpose.
By default, it writes the capture file in B<libpcap> format, and writes
all of the packets in both input capture files to the output file. The
Index: doc/tethereal.pod.template
===================================================================
RCS file: /cvsroot/ethereal/doc/tethereal.pod.template,v
retrieving revision 1.33
diff -u -r1.33 doc/tethereal.pod.template
--- doc/tethereal.pod.template 2001/10/18 20:29:55 1.33
+++ doc/tethereal.pod.template 2001/10/19 13:28:54
@@ -41,13 +41,14 @@
B<Lucent/Ascend> router debug output, HP-UX's B<nettl>, the dump output
from B<Toshiba's> ISDN routers, the output from B<i4btrace> from the
ISDN4BSD project, the output in B<IPLog> format from the Cisco Secure
-Intrusion Detection System, B<pppd logs> (pppdump format), and the
-output from VMS's B<TCPIPtrace> utility. There is no need to tell
-B<Tethereal> what type of file you are reading; it will determine the
-file type by itself. B<Tethereal> is also capable of reading any of
-these file formats if they are compressed using gzip. B<Tethereal>
-recognizes this directly from the file; the '.gz' extension is not
-required for this purpose.
+Intrusion Detection System, B<pppd logs> (pppdump format), the output
+from VMS's B<TCPIPtrace> utility, and the text output from the
+B<DBS Etherwatch> VMS utility. There is no need to tell B<Tethereal>
+what type of file you are reading; it will determine the file type by
+itself. B<Tethereal> is also capable of reading any of these file
+formats if they are compressed using gzip. B<Tethereal> recognizes this
+directly from the file; the '.gz' extension is not required for this
+purpose.
If the B<-w> flag is not specified, B<Tethereal> prints a decoded form
of the packets it captures or reads; otherwise, it writes those packets
Index: wiretap/AUTHORS
===================================================================
RCS file: /cvsroot/ethereal/wiretap/AUTHORS,v
retrieving revision 1.15
diff -u -r1.15 wiretap/AUTHORS
--- wiretap/AUTHORS 2001/10/18 20:29:56 1.15
+++ wiretap/AUTHORS 2001/10/19 13:28:54
@@ -10,4 +10,4 @@
Mike Hall <mlh[AT]io.com>
Daniel Thompson <daniel.thompson[AT]st.com>
Chris Jepeway <thai-dragon[AT]eleven29.com>
-Marc Milgram <mmilgram[AT]arrayinc.cmo>
+Marc Milgram <mmilgram[AT]arrayinc.com>
Index: wiretap/Makefile.am
===================================================================
RCS file: /cvsroot/ethereal/wiretap/Makefile.am,v
retrieving revision 1.34
diff -u -r1.34 wiretap/Makefile.am
--- wiretap/Makefile.am 2001/10/18 20:29:56 1.34
+++ wiretap/Makefile.am 2001/10/19 13:28:54
@@ -42,6 +42,8 @@
buffer.h \
csids.c \
csids.h \
+ dbs-etherwatch.c \
+ dbs-etherwatch.h \
etherpeek.c \
etherpeek.h \
file.c \
Index: wiretap/Makefile.nmake
===================================================================
RCS file: /cvsroot/ethereal/wiretap/Makefile.nmake,v
retrieving revision 1.21
diff -u -r1.21 wiretap/Makefile.nmake
--- wiretap/Makefile.nmake 2001/10/18 20:29:56 1.21
+++ wiretap/Makefile.nmake 2001/10/19 13:28:54
@@ -17,6 +17,7 @@
ascend.obj \
buffer.obj \
csids.obj \
+ dbs-etherwatch.obj \
etherpeek.obj \
file.obj \
file_wrappers.obj \
Index: wiretap/README
===================================================================
RCS file: /cvsroot/ethereal/wiretap/README,v
retrieving revision 1.27
diff -u -r1.27 wiretap/README
--- wiretap/README 2001/10/18 20:29:56 1.27
+++ wiretap/README 2001/10/19 13:28:54
@@ -151,6 +151,11 @@
TCPTRACE produces an ascii text based format, that has changed slightly over
time.
+DBS Etherwatch (text format)
+----------------------------
+Text output from DBS Etherwatch is supported. DBS Etherwatch is available
+from: http://www.users.bigpond.com/dbsneddon/software.htm.
+
Gilbert Ramirez <gram@xxxxxxxxxx>
Guy Harris <guy@xxxxxxxxxxxx>
Index: wiretap/file.c
===================================================================
RCS file: /cvsroot/ethereal/wiretap/file.c,v
retrieving revision 1.70
diff -u -r1.70 wiretap/file.c
--- wiretap/file.c 2001/10/18 20:29:56 1.70
+++ wiretap/file.c 2001/10/19 13:28:54
@@ -61,6 +61,7 @@
#include "pppdump.h"
#include "etherpeek.h"
#include "vms.h"
+#include "dbs-etherwatch.h"
/* The open_file_* routines should return:
*
@@ -109,6 +110,7 @@
i4btrace_open,
csids_open,
vms_open,
+ dbs_etherwatch_open,
};
#define N_FILE_TYPES (sizeof open_routines / sizeof open_routines[0])
@@ -370,6 +372,10 @@
/* WTAP_FILE_VMS */
{ "TCPIPtrace (VMS)", NULL,
+ NULL, NULL},
+
+ /* WTAP_FILE_DBS_ETHERWATCH */
+ { "DBS Etherwatch (VMS)", NULL,
NULL, NULL},
};
Index: wiretap/wtap.h
===================================================================
RCS file: /cvsroot/ethereal/wiretap/wtap.h,v
retrieving revision 1.90
diff -u -r1.90 wiretap/wtap.h
--- wiretap/wtap.h 2001/10/18 20:29:56 1.90
+++ wiretap/wtap.h 2001/10/19 13:28:54
@@ -133,9 +133,10 @@
#define WTAP_FILE_ETHERPEEK_MAC_V56 25
#define WTAP_FILE_ETHERPEEK_MAC_V7 26
#define WTAP_FILE_VMS 27
+#define WTAP_FILE_DBS_ETHERWATCH 28
/* last WTAP_FILE_ value + 1 */
-#define WTAP_NUM_FILE_TYPES 28
+#define WTAP_NUM_FILE_TYPES 29
/*
* Maximum packet size we'll support.
/* dbs-etherwatch.c
*
* $Id$
*
* Wiretap Library
* Copyright (c) 2001 by Marc Milgram <mmilgram@xxxxxxxxxxxx>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "wtap-int.h"
#include "buffer.h"
#include "dbs-etherwatch.h"
#include "file_wrappers.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
/* This module reads the text output of the 'DBS-ETHERTRACE' command in VMS
* It was initially based on vms.c.
*/
/*
Example 'TCPIPTRACE' output data:
ETHERWATCH X5-008
42 names and addresses were loaded
Reading recorded data from PERSISTENCE
------------------------------------------------------------------------------
>From 00-D0-C0-D2-4D-60 [MF1] to AA-00-04-00-FC-94 [PSERVB]
Protocol 08-00 00 00-00-00-00-00, 60 byte buffer at 10-OCT-2001 10:20:45.16
[E..<8.....�.....]- 0-[45 00 00 3C 38 93 00 00 1D 06 D2 12 80 93 11 1A]
[...�.�...(�.....]- 16-[80 93 80 D6 02 D2 02 03 00 28 A4 90 00 00 00 00]
[.....�.....�....]- 32-[A0 02 FF FF 95 BD 00 00 02 04 05 B4 03 03 04 01]
[......�..... ]- 48-[01 01 08 0A 90 90 E5 14 00 00 00 00]
------------------------------------------------------------------------------
>From 00-D0-C0-D2-4D-60 [MF1] to AA-00-04-00-FC-94 [PSERVB]
Protocol 08-00 00 00-00-00-00-00, 50 byte buffer at 10-OCT-2001 10:20:45.17
[E..(8.....�%....]- 0-[45 00 00 28 38 94 00 00 1D 06 D2 25 80 93 11 1A]
[...�.�...(�.Z.4w]- 16-[80 93 80 D6 02 D2 02 03 00 28 A4 91 5A 1C 34 77]
[P.#(�s.....�....]- 32-[50 10 23 28 C1 73 00 00 02 04 05 B4 03 03 00 00]
[.. ]- 48-[02 04]
*/
/* Magic text to check for DBS-ETHERWATCH-ness of file */
static const char dbs_etherwatch_hdr_magic[] =
{ 'E', 'T', 'H', 'E', 'R', 'W', 'A', 'T', 'C', 'H', ' ', ' '};
#define DBS_ETHERWATCH_HDR_MAGIC_SIZE \
(sizeof dbs_etherwatch_hdr_magic / sizeof dbs_etherwatch_hdr_magic[0])
/* Magic text for start of packet */
static const char dbs_etherwatch_rec_magic[] =
{'F', 'r', 'o', 'm', ' '};
#define DBS_ETHERWATCH_REC_MAGIC_SIZE \
(sizeof dbs_etherwatch_rec_magic / sizeof dbs_etherwatch_rec_magic[0])
static gboolean dbs_etherwatch_read(wtap *wth, int *err, long *data_offset);
static int dbs_etherwatch_seek_read(wtap *wth, long seek_off,
union wtap_pseudo_header *pseudo_header, guint8 *pd, int len);
static gboolean parse_single_hex_dump_line(char* rec, guint8 *buf, long byte_offset);
static int parse_dbs_etherwatch_hex_dump(FILE_T fh, int pkt_len, guint8* buf, int *err);
static int parse_dbs_etherwatch_rec_hdr(wtap *wth, FILE_T fh, int *err);
/* Seeks to the beginning of the next packet, and returns the
byte offset. Returns -1 on failure. */
/* XXX - Handle I/O errors. */
static long dbs_etherwatch_seek_next_packet(wtap *wth)
{
int byte;
unsigned int level = 0;
while ((byte = file_getc(wth->fh)) != EOF) {
if (byte == dbs_etherwatch_rec_magic[level]) {
level++;
if (level >= DBS_ETHERWATCH_REC_MAGIC_SIZE) {
/* note: we're leaving file pointer right after the magic characters */
return file_tell(wth->fh) + 1;
}
} else {
level = 0;
}
}
return -1;
}
#define DBS_ETHERWATCH_HEADER_LINES_TO_CHECK 200
#define DBS_ETHERWATCH_LINE_LENGTH 240
/* Look through the first part of a file to see if this is
* a DBS Ethertrace text trace file.
*
* Returns TRUE if it is, FALSE if it isn't.
*/
static gboolean dbs_etherwatch_check_file_type(wtap *wth)
{
char buf[DBS_ETHERWATCH_LINE_LENGTH];
int line, byte;
unsigned int reclen, i, level;
buf[DBS_ETHERWATCH_LINE_LENGTH-1] = 0;
for (line = 0; line < DBS_ETHERWATCH_HEADER_LINES_TO_CHECK; line++) {
if (file_gets(buf, DBS_ETHERWATCH_LINE_LENGTH, wth->fh)!=NULL){
reclen = strlen(buf);
if (reclen < DBS_ETHERWATCH_HDR_MAGIC_SIZE)
continue;
level = 0;
for (i = 0; i < reclen; i++) {
byte = buf[i];
if (byte == dbs_etherwatch_hdr_magic[level]) {
level++;
if (level >=
DBS_ETHERWATCH_HDR_MAGIC_SIZE) {
return TRUE;
}
}
else
level = 0;
}
}
else
return FALSE;
}
return FALSE;
}
/* XXX - return -1 on I/O error and actually do something with 'err'. */
int dbs_etherwatch_open(wtap *wth, int *err)
{
/* Look for DBS ETHERWATCH header */
if (!dbs_etherwatch_check_file_type(wth)) {
return 0;
}
wth->data_offset = 0;
wth->file_encap = WTAP_ENCAP_PER_PACKET;
wth->file_type = WTAP_FILE_DBS_ETHERWATCH;
wth->snapshot_length = 16384; /* just guessing */
wth->subtype_read = dbs_etherwatch_read;
wth->subtype_seek_read = dbs_etherwatch_seek_read;
return 1;
}
/* Find the next packet and parse it; called from wtap_loop(). */
static gboolean dbs_etherwatch_read(wtap *wth, int *err, long *data_offset)
{
long offset = 0;
guint8 *buf;
int pkt_len;
/* Find the next packet */
offset = dbs_etherwatch_seek_next_packet(wth);
if (offset < 1) {
*err = 0; /* XXX - assume, for now, that it's an EOF */
return FALSE;
}
/* Parse the header */
pkt_len = parse_dbs_etherwatch_rec_hdr(wth, wth->fh, err);
/* Make sure we have enough room for the packet */
buffer_assure_space(wth->frame_buffer, wth->snapshot_length);
buf = buffer_start_ptr(wth->frame_buffer);
/* Convert the ASCII hex dump to binary data */
parse_dbs_etherwatch_hex_dump(wth->fh, pkt_len, buf, err);
wth->data_offset = offset;
*data_offset = offset;
return TRUE;
}
/* Used to read packets in random-access fashion */
static int
dbs_etherwatch_seek_read (wtap *wth, long seek_off,
union wtap_pseudo_header *pseudo_header,
guint8 *pd, int len)
{
int pkt_len;
int err;
file_seek(wth->random_fh, seek_off - 1, SEEK_SET);
pkt_len = parse_dbs_etherwatch_rec_hdr(NULL, wth->random_fh, &err);
if (pkt_len != len) {
return -1;
}
parse_dbs_etherwatch_hex_dump(wth->random_fh, pkt_len, pd, &err);
return 0;
}
/* Parses a packet record header. */
static int
parse_dbs_etherwatch_rec_hdr(wtap *wth, FILE_T fh, int *err)
{
char line[DBS_ETHERWATCH_LINE_LENGTH];
int num_items_scanned;
int pkt_len, csec;
struct tm time;
char mon[4];
guchar *p;
static guchar months[] = "JANFEBMARAPRMAYJUNJULAUGSEPOCTNOVDEC";
pkt_len = 0;
/* Our file pointer should be on the first line containing the
* summary information for a packet. Read in that line and
* extract the useful information
*/
if (file_gets(line, DBS_ETHERWATCH_LINE_LENGTH, fh) == NULL) {
*err = file_error(fh);
if (*err == 0) {
*err = WTAP_ERR_SHORT_READ;
}
return -1;
}
/* But that line only contains the mac addresses, so we will ignore
that line for now. Read the next line */
if (file_gets(line, DBS_ETHERWATCH_LINE_LENGTH, fh) == NULL) {
*err = file_error(fh);
if (*err == 0) {
*err = WTAP_ERR_SHORT_READ;
}
return -1;
}
num_items_scanned = sscanf(line+33, "%d byte buffer at %d-%3s-%d %d:%d:%d.%d",
&pkt_len,
&time.tm_mday, mon,
&time.tm_year, &time.tm_hour, &time.tm_min,
&time.tm_sec, &csec);
if (num_items_scanned != 8) {
*err = WTAP_ERR_BAD_RECORD;
return -1;
}
if (wth) {
p = strstr(months, mon);
if (p)
time.tm_mon = (p - months) / 3;
time.tm_year -= 1900;
wth->phdr.ts.tv_sec = mktime(&time);
wth->phdr.ts.tv_usec = csec * 10000;
wth->phdr.caplen = pkt_len;
wth->phdr.len = pkt_len;
wth->phdr.pkt_encap = WTAP_ENCAP_RAW_IP;
}
return pkt_len;
}
/* Converts ASCII hex dump to binary data */
static int
parse_dbs_etherwatch_hex_dump(FILE_T fh, int pkt_len, guint8* buf, int *err)
{
guchar line[DBS_ETHERWATCH_LINE_LENGTH];
int i, hex_lines;
/* Calculate the number of hex dump lines, each
* containing 16 bytes of data */
hex_lines = pkt_len / 16 + ((pkt_len % 16) ? 1 : 0);
for (i = 0; i < hex_lines; i++) {
if (file_gets(line, DBS_ETHERWATCH_LINE_LENGTH, fh) == NULL) {
*err = file_error(fh);
if (*err == 0) {
*err = WTAP_ERR_SHORT_READ;
}
return -1;
}
if (!parse_single_hex_dump_line(line, buf, i * 16)) {
*err = WTAP_ERR_BAD_RECORD;
return -1;
}
}
return 0;
}
/*
1 2 3 4
0123456789012345678901234567890123456789012345
[E..(8.....�.....]- 0-[45 00 00 28 38 9B 00 00 1D 06 D2 1E 80 93 11 1A]
[...�.�...(��Z.4y]- 16-[80 93 80 D6 02 D2 02 03 00 28 A4 BF 5A 1C 34 79]
[P.#(�C...00000..]- 32-[50 10 23 28 C1 43 00 00 03 30 30 30 30 30 00 00]
[.0 ]- 48-[03 30]
*/
#define START_POS 28
#define HEX_LENGTH ((16 * 2) + 15) /* sixteen clumps of 2 bytes with 15 inner spaces */
/* Take a string representing one line from a hex dump and converts the
* text to binary data. We check the printed offset with the offset
* we are passed to validate the record. We place the bytes in the buffer
* at the specified offset.
*
* In the process, we're going to write all over the string.
*
* Returns TRUE if good hex dump, FALSE if bad.
*/
static gboolean
parse_single_hex_dump_line(char* rec, guint8 *buf, long byte_offset) {
int pos, i;
char *s;
long value;
/* Get the byte_offset directly from the record */
rec[26] = '\0';
s = rec + 21;
value = strtol(s, NULL, 10);
if (value != byte_offset) {
return FALSE;
}
/* Go through the substring representing the values and:
* 1. Replace any spaces with '0's
* 2. Place \0's every 3 bytes (to terminate the string)
*
* Then read the eight sets of hex bytes
*/
for (pos = START_POS; pos < START_POS + HEX_LENGTH; pos++) {
if (rec[pos] == ' ') {
rec[pos] = '0';
}
}
pos = START_POS;
for (i = 0; i < 16; i++) {
rec[pos+2] = '\0';
buf[byte_offset + i] = (guint8) strtoul(&rec[pos], NULL, 16);
pos += 3;
}
return TRUE;
}
/* toshiba.h * * $Id$ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@xxxxxxxxxx> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * */ #ifndef __W_DBS_ETHERWATCH_H__ #define __W_DBS_ETHERWATCH_H__ int dbs_etherwatch_open(wtap *wth, int *err); #endif
- Follow-Ups:
- Re: [Ethereal-dev] DBS Ethertrace Wiretap module
- From: Guy Harris
- Re: [Ethereal-dev] DBS Ethertrace Wiretap module
- Prev by Date: [Ethereal-dev] C&C: TS/RA2 protocol
- Next by Date: Re: [Ethereal-dev] UCP Dissector bugfixes
- Previous by thread: [Ethereal-dev] C&C: TS/RA2 protocol
- Next by thread: Re: [Ethereal-dev] DBS Ethertrace Wiretap module
- Index(es):
- Get Wireshark
- Download
- Code of Conduct