Wireshark-dev: [Wireshark-dev] catapult_pcap
From: "SOLTANI FATEN" <Faten.Soltani@xxxxxxxxxxxxxxxxxx>
Date: Mon, 23 Mar 2009 16:33:35 +0100
Hi everybody
As you know, Wireshark is able to read a catapult format (DCT2000),
I want to know HOW? By conversion from DCT200 format to pcap format, or there is some modification which were made in Wireshark library to make it able to read this format?
I'm asking this question because I have a similer problem: I have to decode files issue from a local simulator. Bellow you find a sample of data that I have to decode with Wireshark.
Thanks for any help
Regards
Total Call Attempt = 0000000001
==> 3600 Calls/hour
BL04 Faults = 00000001 Calls = 00000001 --> 3600 Calls/hour
BL05 Faults = 00000001 Calls = 00000001 --> 3600 Calls/hour
PR
HEURE SENS LG IT MNEMO. INFO.
#08000000
0050F425 << 21 06 MIAI 01400685 01020000 0A010000 07090200 54329083
0A010006 33138307 00000333 00000000
#0A000001
0050F426 >> 21 06 MIAI 01400685 01020000 0A010000 07090200 54329083
0A010006 33138307 00000333 00000000
#0A000000
0050F426 << 0D 07 LIBI 01800585 0C020000 80020002 00000081
#08000002
0050F427 >> 0D 07 LIBI 01800585 0C020000 80020002 00000081
#08000000
0050F427 << 09 06 LITI 01400685 10020000 00000000
#0A000000
0050F427 >> 09 06 LITI 01400685 10020000 00000000
-----Message d'origine-----
De : wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] De la part de wireshark-dev-request@xxxxxxxxxxxxx
Envoyé : dimanche 22 mars 2009 23:49
À : wireshark-dev@xxxxxxxxxxxxx
Objet : Wireshark-dev Digest, Vol 34, Issue 54
Send Wireshark-dev mailing list submissions to
wireshark-dev@xxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
https://wireshark.org/mailman/listinfo/wireshark-dev
or, via email, send a message with subject or body 'help' to
wireshark-dev-request@xxxxxxxxxxxxx
You can reach the person managing the list at
wireshark-dev-owner@xxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Wireshark-dev digest..."
Today's Topics:
1. Re: g_snprintf() and sizeof (Jakub Zawadzki)
2. Re: Unable to Display Simple Protocol Tree (Dix, Steven E)
3. Re: one possible way to speed up filtering (didier)
4. Re: complie fail on WinXP 32bit (Bill Meier)
----------------------------------------------------------------------
Message: 1
Date: Sun, 22 Mar 2009 21:19:39 +0100
From: Jakub Zawadzki <darkjames@xxxxxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] g_snprintf() and sizeof
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <20090322201939.GA23701@xxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-2"
On Thu, Mar 19, 2009 at 08:06:55PM +0100, Jakub Zawadzki wrote:
> On Thu, Mar 19, 2009 at 11:12:03AM -0700, Guy Harris wrote:
> > Warning: g_snprintf()'s function signature has an annoying botch in it
> > - the size argument is a gulong, not a gsize.
> >
> > Not a problem in the UN*X and Windows ILP32 environment and in the
> > UN*X LP64 environment, but it causes the Microsoft compiler to
> > (correctly) warn about a conversion from a 64-bit integer to a 32-bit
> > integer in the Windows LLP64 environment.
> > Cast sizeof - or any other size_t value - to (gulong) before passing it
> > as the length argument to g_snprintf().
>
> What do you think about creating ws_snprintf() & ws_vsnprintf() macros,
> which would care about casting size to (gulong) ?
In attachment possible fixup, (I've also changed some g_snprintf() to g_strlcat())
Could you review?
Cheers
-------------- next part --------------
Index: wsutil/str_util.h
===================================================================
--- wsutil/str_util.h (wersja 27821)
+++ wsutil/str_util.h (kopia robocza)
@@ -25,6 +25,8 @@
#ifndef __STR_UTIL_H__
#define __STR_UTIL_H__
+#define ws_sncatprintf(str, size, ...) g_snprintf(str+strlen(str), (gulong) size-strlen(str), __VA_ARGS__)
+
/** Convert all upper-case ASCII letters to their ASCII lower-case
* equivalents, in place, with a simple non-locale-dependent
* ASCII mapping (A-Z -> a-z).
Index: epan/dissectors/packet-rtps.c
===================================================================
--- epan/dissectors/packet-rtps.c (wersja 27821)
+++ epan/dissectors/packet-rtps.c (kopia robocza)
@@ -60,6 +60,7 @@
#include <glib.h>
#include <epan/packet.h>
#include <epan/addr_resolv.h>
+#include <wsutil/str_util.h>
#include "packet-rtps.h"
@@ -2624,8 +2625,7 @@
dim_str[0] = '\0';
for (i = 0; i < MAX_ARRAY_DIMENSION; ++i) {
if (arr_dimension[i] != 0) {
- g_snprintf(dim_str+strlen(dim_str),
- 40-strlen(dim_str),
+ ws_sncatprintf(dim_str, sizeof(dim_str),
"[%d]", arr_dimension[i]);
} else {
break;
@@ -4239,8 +4239,7 @@
buffer[0] = '\0';
while (param_length >= 4) {
manager_key = NEXT_guint32(tvb, offset, little_endian);
- g_snprintf(buffer+strlen(buffer),
- MAX_PARAM_SIZE-strlen(buffer),
+ ws_sncatprintf(buffer, MAX_PARAM_SIZE,
"%c 0x%08x",
sep,
manager_key);
@@ -5915,8 +5914,7 @@
}
/*
if (smcr_ptr->counter > 1) {
- g_snprintf(info_buf+strlen(info_buf),
- MAX_SUMMARY_SIZE-strlen(info_buf),
+ ws_sncatprintf(info_buf, MAX_SUMMARY_SIZE,
"%s(%d)",
val_to_str(smcr_ptr->id,
submessage_id_vals,
@@ -5924,17 +5922,14 @@
smcr_ptr->counter);
} else {
*/
- g_snprintf(info_buf+strlen(info_buf),
- MAX_SUMMARY_SIZE-strlen(info_buf),
+ ws_sncatprintf(info_buf, MAX_SUMMARY_SIZE,
"%s%s",
val_to_str(smcr_ptr->id,
submessage_id_vals,
"Unknown[%02x]"),
smcr_ptr->extra ? smcr_ptr->extra : "");
if (strlen(info_buf) > (MAX_SUMMARY_SIZE - 20)) {
- g_snprintf(info_buf+strlen(info_buf),
- MAX_SUMMARY_SIZE-strlen(info_buf),
- "...");
+ g_strlcat(info_buf, "...", MAX_SUMMARY_SIZE);
break;
}
/*
Index: epan/dissectors/packet-enttec.c
===================================================================
--- epan/dissectors/packet-enttec.c (wersja 27821)
+++ epan/dissectors/packet-enttec.c (kopia robocza)
@@ -39,6 +39,7 @@
#include <epan/addr_resolv.h>
#include <epan/prefs.h>
#include <epan/strutil.h>
+#include <wsutil/str_util.h>
/*
* See
@@ -204,7 +205,6 @@
guint16 length,r,c,row_count;
guint8 v,type,count;
guint16 ci,ui,i,start_offset,end_offset;
- char* ptr;
proto_tree_add_item(tree, hf_enttec_dmx_data_universe, tvb,
offset, 1, FALSE);
@@ -279,29 +279,23 @@
si = proto_item_add_subtree(hi, ett_enttec);
row_count = (ui/global_disp_col_count) + ((ui%global_disp_col_count) == 0 ? 0 : 1);
- ptr = string;
- /* XX: In theory the g_snprintf statements below could store '\0' bytes off the end of the */
- /* 'string' buffer'. This is so since g_snprint returns the number of characters which */
- /* "would have been written" (whether or not there was room) and since ptr is always */
- /* incremented by this amount. In practice the string buffer is large enough such that the */
- /* string buffer size is not exceeded even with the maximum number of columns which might */
- /* be displayed. */
- /* ToDo: consider recoding slightly ... */
for (r=0; r < row_count;r++) {
+ string[0] = '\0';
+
for (c=0;(c < global_disp_col_count) && (((r*global_disp_col_count)+c) < ui);c++) {
if ((c % (global_disp_col_count/2)) == 0) {
- ptr += g_snprintf(ptr, sizeof string - strlen(string), " ");
+ g_strlcat(string, " ", sizeof(string));
}
v = dmx_data[(r*global_disp_col_count)+c];
if (global_disp_chan_val_type == 0) {
v = (v * 100) / 255;
if (v == 100) {
- ptr += g_snprintf(ptr, sizeof string - strlen(string), "FL ");
+ g_strlcat(string, "FL ", sizeof(string));
} else {
- ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
+ ws_sncatprintf(string, sizeof(string), chan_format[global_disp_chan_val_type], v);
}
} else {
- ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
+ ws_sncatprintf(string, sizeof(string), chan_format[global_disp_chan_val_type], v);
}
}
@@ -312,7 +306,6 @@
offset+start_offset,
end_offset-start_offset,
string_format[global_disp_chan_nr_type], (r*global_disp_col_count)+1, string);
- ptr = string;
}
item = proto_tree_add_item(si, hf_enttec_dmx_data_data_filter, tvb,
Index: epan/dissectors/packet-rtps2.c
===================================================================
--- epan/dissectors/packet-rtps2.c (wersja 27821)
+++ epan/dissectors/packet-rtps2.c (kopia robocza)
@@ -56,6 +56,7 @@
#include <epan/packet.h>
#include <epan/addr_resolv.h>
#include <epan/prefs.h>
+#include <wsutil/str_util.h>
#include "packet-rtps2.h"
@@ -2898,8 +2899,7 @@
dim_str[0] = '\0';
for (i = 0; i < MAX_ARRAY_DIMENSION; ++i) {
if (arr_dimension[i] != 0) {
- g_snprintf(dim_str+strlen(dim_str),
- 40-strlen(dim_str),
+ ws_sncatprintf(dim_str, sizeof(dim_str),
"[%d]", arr_dimension[i]);
} else {
break;
@@ -3698,10 +3698,10 @@
ett_rtps_entity,
"guidSuffix",
NULL);
- memset(buffer, 0, MAX_PARAM_SIZE);
+ buffer[0] = '\0';
for (i = 0; i < 16; ++i) {
guidPart = tvb_get_guint8(tvb, offset+i);
- g_snprintf(buffer+strlen(buffer), MAX_PARAM_SIZE-strlen(buffer),
+ ws_sncatprintf(buffer, MAX_PARAM_SIZE,
"%02x", guidPart);
if (i == 3 || i == 7 || i == 11) g_strlcat(buffer, ":", MAX_PARAM_SIZE);
}
@@ -3730,7 +3730,7 @@
g_strlcat(buffer, "guid: ", MAX_PARAM_SIZE);
for (i = 0; i < param_length; ++i) {
guidPart = tvb_get_guint8(tvb, offset+i);
- g_snprintf(buffer+strlen(buffer), MAX_PARAM_SIZE-strlen(buffer),
+ ws_sncatprintf(buffer, MAX_PARAM_SIZE,
"%02x", guidPart);
if (( ((i+1) % 4) == 0 ) && (i != param_length-1) )
g_strlcat(buffer, ":", MAX_PARAM_SIZE);
@@ -5115,8 +5115,7 @@
buffer[0] = '\0';
while (param_length >= 4) {
manager_key = NEXT_guint32(tvb, offset, little_endian);
- g_snprintf(buffer+strlen(buffer),
- MAX_PARAM_SIZE-strlen(buffer),
+ ws_sncatprintf(buffer, MAX_PARAM_SIZE,
"%c 0x%08x",
sep,
manager_key);
Index: epan/dissectors/packet-pim.c
===================================================================
--- epan/dissectors/packet-pim.c (wersja 27821)
+++ epan/dissectors/packet-pim.c (kopia robocza)
@@ -36,6 +36,8 @@
#include <epan/afn.h>
#include "packet-ipv6.h"
#include <epan/in_cksum.h>
+#include <wsutil/str_util.h>
+
#include "packet-pim.h"
#define PIM_TYPE(x) ((x) & 0x0f)
@@ -77,7 +79,7 @@
flags_masklen & 0x0040 ? "R" : "");
} else
buf[0] = '\0';
- g_snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "%s/%u",
+ ws_sncatprintf(buf, sizeof(buf), "%s/%u",
ip_to_str(tvb_get_ptr(tvb, offset + 2, 4)), flags_masklen & 0x3f);
return buf;
@@ -566,7 +568,7 @@
break;
}
if (flags) {
- g_snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf),
+ ws_sncatprintf(buf, sizeof(buf),
" (%s%s%s)",
flags & 0x04 ? "S" : "",
flags & 0x02 ? "W" : "",
Index: epan/dissectors/packet-iec104.c
===================================================================
--- epan/dissectors/packet-iec104.c (wersja 27821)
+++ epan/dissectors/packet-iec104.c (kopia robocza)
@@ -37,6 +37,7 @@
#include <epan/packet.h>
#include <epan/dissectors/packet-tcp.h>
#include <epan/emem.h>
+#include <wsutil/str_util.h>
/* IEC-104 comment: Fields are little endian. */
@@ -474,11 +475,11 @@
Bytex = val_to_strlen(asduh->TNCause & F_CAUSE, causetx_types);
for (Ind=Bytex; Ind< 7; Ind++) g_strlcat(res, " ", MAXS);
}
- g_snprintf(res+strlen(res), MAXS-strlen(res), " IOA=%d", asduh->IOA);
+ ws_sncatprintf(res, MAXS, " IOA=%d", asduh->IOA);
if (asduh->NumIx > 1) {
- if (asduh->SQ == F_SQ) g_snprintf(res+strlen(res), MAXS-strlen(res), "-%d", asduh->IOA+ asduh->NumIx- 1);
+ if (asduh->SQ == F_SQ) ws_sncatprintf(res, MAXS, "-%d", asduh->IOA+ asduh->NumIx- 1);
else g_strlcat(res, ",...", MAXS);
- g_snprintf(res+strlen(res), MAXS-strlen(res), " (%u)", asduh->NumIx);
+ ws_sncatprintf(res, MAXS, " (%u)", asduh->NumIx);
}
}
else {
@@ -587,24 +588,25 @@
if (Brossa != TcpLen) {
if (apcih->ApduLen <= APDU_MAX_LEN) {
/* APCI in 'Paquet List' */
- g_snprintf(res+strlen(res), MAXS-strlen(res), "%s%s(", pinfo->srcport == iec104port ? "->" : "<-", val_to_str(apcih->Type, apci_types, "<ERR>"));
+ ws_sncatprintf(res, MAXS, "%s%s(", pinfo->srcport == iec104port ? "->" : "<-", val_to_str(apcih->Type, apci_types, "<ERR>"));
switch(apcih->Type) { /* APCI in 'Packet List' */
case I_TYPE:
- g_snprintf(res+strlen(res), MAXS-strlen(res), "%d,", apcih->Tx);
+ ws_sncatprintf(res, MAXS, "%d,", apcih->Tx);
case S_TYPE:
- g_snprintf(res+strlen(res), MAXS-strlen(res), "%d)", apcih->Rx);
+ ws_sncatprintf(res, MAXS, "%d)", apcih->Rx);
/* Align first packets */
if (apcih->Tx < 10) g_strlcat(res, " ", MAXS);
if (apcih->Rx < 10) g_strlcat(res, " ", MAXS);
break;
case U_TYPE:
- g_snprintf(res+strlen(res), MAXS-strlen(res), "%s)", val_to_str(apcih->UType >> 2, u_types, "<ERR>"));
+ ws_sncatprintf(res, MAXS, "%s)", val_to_str(apcih->UType >> 2, u_types, "<ERR>"));
break;
}
- if (apcih->Type != I_TYPE && apcih->ApduLen > APDU_MIN_LEN) g_snprintf(res+strlen(res), MAXS-strlen(res), "<ERR %u bytes> ", apcih->ApduLen- APDU_MIN_LEN);
+ if (apcih->Type != I_TYPE && apcih->ApduLen > APDU_MIN_LEN)
+ ws_sncatprintf(res, MAXS, "<ERR %u bytes> ", apcih->ApduLen- APDU_MIN_LEN);
}
else {
- g_snprintf(res+strlen(res), MAXS-strlen(res), "<ERR ApduLen=%u bytes> ", apcih->ApduLen);
+ ws_sncatprintf(res, MAXS, "<ERR ApduLen=%u bytes> ", apcih->ApduLen);
}
}
g_strlcat(res, " ", MAXS); /* We add an space to separate possible APCIs/ASDUs in the same packet */
Index: epan/dissectors/packet-artnet.c
===================================================================
--- epan/dissectors/packet-artnet.c (wersja 27821)
+++ epan/dissectors/packet-artnet.c (kopia robocza)
@@ -39,6 +39,7 @@
#include <epan/addr_resolv.h>
#include <epan/prefs.h>
#include <epan/strutil.h>
+#include <wsutil/str_util.h>
/*
* See
@@ -757,7 +758,6 @@
guint16 length,r,c,row_count;
guint8 v;
static char string[255];
- char* ptr;
const char* chan_format[] = {
"%2u ",
"%02x ",
@@ -795,37 +795,31 @@
si = proto_item_add_subtree(hi, ett_artnet);
row_count = (length/global_disp_col_count) + ((length%global_disp_col_count) == 0 ? 0 : 1);
- ptr = string;
- /* XX: In theory the g_snprintf statements below could store '\0' bytes off the end of the */
- /* 'string' buffer'. This is so since g_snprint returns the number of characters which */
- /* "would have been written" (whether or not there was room) and since ptr is always */
- /* incremented by this amount. In practice the string buffer is large enough such that the */
- /* string buffer size is not exceeded even with the maximum number of columns which might */
- /* be displayed. */
- /* ToDo: consider recoding slightly ... */
+
for (r=0; r < row_count;r++) {
+ string[0] = '\0';
+
for (c=0;(c < global_disp_col_count) && (((r*global_disp_col_count)+c) < length);c++) {
if ((c % (global_disp_col_count/2)) == 0) {
- ptr += g_snprintf(ptr, (gulong)(sizeof string - strlen(string)), " ");
+ g_strlcat(string, " ", sizeof(string));
}
v = tvb_get_guint8(tvb, (offset+(r*global_disp_col_count)+c));
if (global_disp_chan_val_type == 0) {
v = (v * 100) / 255;
if (v == 100) {
- ptr += g_snprintf(ptr, (gulong)(sizeof string - strlen(string)), "FL ");
+ g_strlcat(string, "FL ", sizeof(string));
} else {
- ptr += g_snprintf(ptr, (gulong)(sizeof string - strlen(string)), chan_format[global_disp_chan_val_type], v);
+ ws_sncatprintf(string, sizeof(string), chan_format[global_disp_chan_val_type], v);
}
} else {
- ptr += g_snprintf(ptr, (gulong)(sizeof string - strlen(string)), chan_format[global_disp_chan_val_type], v);
+ ws_sncatprintf(string, sizeof(string), chan_format[global_disp_chan_val_type], v);
}
}
proto_tree_add_none_format(si,hf_artnet_output_dmx_data, tvb,
offset+(r*global_disp_col_count), c,
string_format[global_disp_chan_nr_type], (r*global_disp_col_count)+1, string);
- ptr = string;
}
/* Add the real type hidden */
------------------------------
Message: 2
Date: Sun, 22 Mar 2009 16:09:41 -0500
From: "Dix, Steven E" <Steven.E.Dix@xxxxxxxxxx>
Subject: Re: [Wireshark-dev] Unable to Display Simple Protocol Tree
To: "Developer support list for Wireshark"
<wireshark-dev@xxxxxxxxxxxxx>
Message-ID:
<F6BB3B342C96DA45AD84E963B72E751803A55C49@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
1) I think it is. Within my proto_register_x2d routine, I call as follows to register:
if (-1 == proto_x2d)
{
proto_x2d = proto_register_protocol ("X2D Protocol", "X2D", "x2d");
}
Variable proto_x2d is a static int, initialized to -1. After the proto_register_protocol call its value is 78246 with the AMIN macro #defined and with it #undef-ed.
2) Desperation. I tried it both ways (static & non-). The change to static was in case there was some pointer set to the x2d_item somewhere within the macro-hidden part of the Wireshark code. I didn't want the variable to go out of scope if that were true. It appeared to make no difference.
3) Good suggestion. The two legs are close to identical right now. I'll try this and post afterwards.
Thanks for the quick response on this.
Steve
-----Original Message-----
From: wsgd [mailto:wsgd@xxxxxxx]
Sent: Sunday, March 22, 2009 9:32 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Unable to Display Simple Protocol Tree
1) is proto_x2d well initialized ?
2) why use static for your variables ?
3) take the AMIN example and modify it step by step, you will find the problem
4) I have no idea
Olivier
Dix, Steven E a ?crit :
> I've been trying to get dissector plugin that I'm coding to display
> subtree information that it has parsed. I can get it to look through
> the tvb buffer and extract the data, but I can't get it to display even
> the top level protocol name beneath the UDP line. As a debugging aid, I
> dropped in code lifted and slightly modified from the AMIN protocol
> CodeProject web article (link:
> http://www.codeproject.com/KB/IP/custom_dissector.aspx).
>
> I macroed the code so that if macro AMIN is defined, the AMIN code runs.
> Otherwise, my dissector runs. The AMIN code does display the protocol
> name. With what looks like an identical proto_tree_add_item call, my
> dissector won't display the protocol name.
>
> I don't understand why the code doesn't work. I've stepped through it
> in the debugger, and verified that the structure pointed to by the tree
> has a new last_child as a result of the proto_tree_add_item call, and
> its finfo element has reasonable looking contents that match what I
> expected for this protocol. The tree's last_child appears to be changed
> identically for the AMIN dissector (which works) and for my dissector
> (which doesn't) when I flip the #define AMIN macro to #undef AMIN and
> rebuild the plugin.
>
> I've included a code snippet from the dissector below.
>
> #ifndef AMIN
> static void
> dissect_x2d(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
> {
> static guint32 packetCounter = 0;
> static proto_item* x2d_item = NULL;
> proto_item* x2d_sub_item = NULL;
> static proto_tree* x2d_tree = NULL;
> static proto_tree* x2d_header_tree = NULL;
> ParserNode* topClonePtr = 0;
>
> ParseInfo* regPtr; /* To retain the result of the parse
> operation */
>
> guint32 ofst = 0; /* Tracks through tvb */
> /* Debug only */
> #ifdef DBG
> if (bailoutPacket <= ++packetCounter)
> {
> return;
> }
> #endif
> /* Debug only */
>
> if (check_col(pinfo->cinfo, COL_PROTOCOL))
> {
> col_set_str(pinfo->cinfo, COL_PROTOCOL, "x2d");
> }
> /* Clear out stuff in the info column */
> if (check_col(pinfo->cinfo,COL_INFO))
> {
> col_clear(pinfo->cinfo,COL_INFO);
> }
>
> if (tree)
> {
> x2d_item = proto_tree_add_item(tree, proto_x2d, tvb, 0,
> -1, FALSE);
> return;
> }
>
> I'd appreciate any help possible on this.
>
>
>
> Steve Dix
> 407-399-5578, Fax 407-249-3599
> steven.e.dix@xxxxxxxxxx
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
--
Wireshark Generic Dissector http://wsgd.free.fr
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
------------------------------
Message: 3
Date: Sun, 22 Mar 2009 22:24:55 +0100
From: didier <dgautheron@xxxxxxxx>
Subject: Re: [Wireshark-dev] one possible way to speed up filtering
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <1237757095.6088.11072.camel@server>
Content-Type: text/plain; charset="ISO-8859-15"
Hi,
Le dimanche 22 mars 2009 ? 02:13 +0800, yami a ?crit :
> Hi Didier,
>
> Thank you for trying the patch :) and all the good comments given.
>
> I've attached a new patch to the wiki. Please see my detailed reply
> below.
>
> - If compiled without NDEBUG defined I get a failed assert:
> epan/dfilter/wslimmat.c :1680 : fix_variables: "v->assignment
> == v"
> It seems like a 'bug' of gcc optimization. We can simply remove this
> assertion, see explanations below.
Possible but unlikely.
I'm not 100% sure, but for me fix_pointer() needs -fno-strict-aliasing.
> Really? I've thought BSD license is looser than GPL (can you give me
> more details?).
http://www.gnu.org/licenses/license-list.html#GPLIncompatibleLicenses
search for Original BSD license
>
> On the other hand, I find Wireshark code has already contains similar
> licenses (am I right?), for example,
> Menu -> Help -> About Wireshark -> License -> Part III has metioned
> some.
Yes but only two and three clauses BSD, not the original.
> However using a SAT solver (even if it is a simple one) is the most
> generalized way, which requires no special handling. And it is also a
> good example of how math is applied in real life :)
I'll try to merge it with
http://wiki.wireshark.org/Development/Optimization , this version is
already able to find 2000 DNS packets inside 7 millions packets in 1
second.
>
> Cons are
> 1. SAT solvers are complicated. (But we may use a simple algorithm)
> 2. Public available SAT solvers are mainly wrote by researchers, which may not have time to maintain the software.
>
Didier
------------------------------
Message: 4
Date: Sun, 22 Mar 2009 18:48:30 -0400
From: Bill Meier <wmeier@xxxxxxxxxxx>
Subject: Re: [Wireshark-dev] complie fail on WinXP 32bit
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <49C6C03E.8020302@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Andreas Heise wrote:
> Hi Bill,
>
> thanks for your reply, if I called directly from cygwin bash it's OK...
>
> $ bash -o igncr
> $ grep '^register_tap_listener_[a-z_0-9A-Z]* *(' \tap-rtp.c 2>/dev/null | \
> > grep -v ';' | \
> > sed -e 's/(.*//'
> register_tap_listener_rtp_streams
> $
>
> any other idea? Seems to be a problem of variables $... ?!
>
I'm not sure what you mean by "a problem of variables $... ".
Is there something that leads you to that ?
In any case, continuing the debugging, maybe some information as to the
issue can be gotten by trying (from the dos command line):
bash -o igncr make-tapreg-dotc xyz.c . tap-rtp.c
and then checking the contents of xyz.c
This runs the complete script which creates the tshark-tap-register.c
file (but just for 1 input file and with a different output file).
------------------------------
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-dev
End of Wireshark-dev Digest, Vol 34, Issue 54
*********************************************
- Follow-Ups:
- Re: [Wireshark-dev] catapult_pcap
- From: Guy Harris
- Re: [Wireshark-dev] catapult_pcap
- Prev by Date: [Wireshark-dev] Applying bug 3103
- Next by Date: Re: [Wireshark-dev] catapult_pcap
- Previous by thread: [Wireshark-dev] Applying bug 3103
- Next by thread: Re: [Wireshark-dev] catapult_pcap
- Index(es):
- Get Wireshark
- Download
- Code of Conduct