Ethereal-dev: Re: [Ethereal-dev] Re: Improving filter speed

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: didier <dgautheron@xxxxxxxx>
Date: Tue, 29 Mar 2005 13:25:40 +0000
ronnie sahlberg wrote:
> Using my slightly modified version of Didier's patch:
>
> I did another quick test, now using Ethereal and only having the
> Ethernet, IP and TCP protocols enabled and all other protocols
> disabled.
> All 500k+ packets in the trace were TCP packets.
> The trace was 500MByte in size.
> I had full TCP analysis enabled (which I know is not optimally tweaked
> for performance yet).
> I also had the color filter "tcp.analysis.flags" enabled.
>
> Original version of ethereal took 140 seconds on average to read the
> capture file and apply the color filter.
>
> With the patch applied the same operation took on average 79 seconds.
>
> Pretty significant increase in filtering speed.
>
> Unless someone objects or raises concerns or can show a regression with
> this patch I intend to check it in in a day or two so that colleagues
> can test the buildbot version on Windows.

I have one :(
** ERROR **: file ../../../ethereal/epan/ftypes/ftypes.c: line 455 (fvalue_get_integer): assertion failed: (fv->ftype->get_value_integer)
aborting...

#5 0x40217d67 in fvalue_get_integer (fv=0x851dcc4) at ../../../ethereal/epan/ftypes/ftypes.c:455
#6  0x40592338 in get_item_value (item=0x851af78) at packet-ncp2222.inc:918
#7 0x40592b81 in _process_ptvc_record (ptvc=0x8561f20, rec=0x40ba4220, req_cond_results=0x0,
    really_decode=1, ncp_rec=0x40bad344) at packet-ncp2222.inc:1304
#8 0x40592db1 in process_ptvc_record (ptvc=0x8561f20, rec=0x40ba4220, req_cond_results=0x0,
    really_decode=1, ncp_rec=0x40bad344) at packet-ncp2222.inc:1372
#9 0x4059ddeb in dissect_ncp_request (tvb=0x87a77f8, pinfo=0x841e018, nw_connection=88, sequence=185 '�', type=8738, ncp_tree=0x851af78) at packet-ncp2222.inc:4557
#10 0x40591523 in dissect_ncp_common (tvb=0x87a7728, pinfo=0x841e018, tree=0x851b0f8, is_tcp=1)
    at ../../../ethereal/epan/dissectors/packet-ncp.c:760
#11 0x4059199c in dissect_ncp_tcp_pdu (tvb=0x87a7728, pinfo=0x841e018, tree=0x851b0f8)
    at ../../../ethereal/epan/dissectors/packet-ncp.c:894
#12 0x40715b7d in tcp_dissect_pdus (tvb=0x87a77c4, pinfo=0x841e018, tree=0x851b0f8, proto_desegment=1, fixed_len=8, get_pdu_len=0x405918ff <get_ncp_pdu_len>, dissect_pdu=0x40591975 <dissect_ncp_tcp_pdu>)
    at ../../../ethereal/epan/dissectors/packet-tcp.c:2188
#13 0x405919ef in dissect_ncp_tcp (tvb=0x87a77c4, pinfo=0x841e018, tree=0x851b0f8)
    at ../../../ethereal/epan/dissectors/packet-ncp.c:900
#14 0x401e669d in call_dissector_through_handle (handle=0x82d77e8, tvb=0x87a77c4, pinfo=0x841e018,
    tree=0x851b0f8) at ../../ethereal/epan/packet.c:384
#15 0x401e6b00 in call_dissector_work (handle=0x82d77e8, tvb=0x87a77c4, pinfo_arg=0x841e018,
    tree=0x851b0f8) at ../../ethereal/epan/packet.c:559
#16 0x401e7010 in dissector_try_port (sub_dissectors=0x82bcd70, port=524, tvb=0x87a77c4,
    pinfo=0x841e018, tree=0x851b0f8) at ../../ethereal/epan/packet.c:834
#17 0x407165d5 in decode_tcp_ports (tvb=0x87a7790, offset=20, pinfo=0x841e018, tree=0x851b0f8, src_port=1038, dst_port=524) at ../../../ethereal/epan/dissectors/packet-tcp.c:2526
#18 0x40716842 in process_tcp_payload (tvb=0x87a7790, offset=20, pinfo=0x841e018, tree=0x851b0f8,
....

Load with a color rule for tcp (tcp.len == 0) works.
The following filter:
tcp
dumps core.

> Please test it.
> Please send me any capture files where this patch makes ethereal crash.

It's not a capture from here, we don't use NetWare. I'm trying to figure out where it's coming from and if I can mail it, not easy it's an old one :(

Didier