headers
Michael Lum | 1 Nov 2006 01:06

Re: How can a TAP refer to external data ?

That was the problem!

Thanks very much Anders.

--
Michael Lum                  Principal Software Engineer
4600 Jacombs Road            +1.604.276.0055
Richmond, B.C.
Canada V6V 3B1
UTStarcom Canada, Inc.
CDMA Division

-----Original Message-----
From: wireshark-dev-bounces <at> wireshark.org
[mailto:wireshark-dev-bounces <at> wireshark.org] On Behalf Of Anders Broman
Sent: October 31, 2006 2:18 PM
To: 'Developer support list for Wireshark'
Subject: Re: [Wireshark-dev] How can a TAP refer to external data ?

Have you added the corresponding lines to /epan/libwireshark.def ?
BR
Anders

-----Ursprungligt meddelande-----
Från: wireshark-dev-bounces <at> wireshark.org
[mailto:wireshark-dev-bounces <at> wireshark.org] För Michael Lum
Skickat: den 31 oktober 2006 20:12
Till: 'Developer support list for Wireshark'
Ämne: [Wireshark-dev] How can a TAP refer to external data ?
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jeff Morriss | 1 Nov 2006 03:43
Favicon

Re: Source code for ACN (Was: (no subject))


Bill Florac wrote:
> Sorry for the duplicate posting, I guess there was a problems with the
> attachments on the last issue if this. I hope this goes better.

Still no luck.

Try turning off Rich Text Format.  Or see one of these URLs:

http://support.microsoft.com/kb/138053
http://www.gpc.edu/~jbenson/resource/winmail.htm
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Permalink | Reply | 2 comments |
headers
Jeff Morriss | 1 Nov 2006 04:17
Favicon

Re: R: R: 0.99.4pre2 taking a really long time in init dissectors?


Problem's still there in 0.99.4 (final).

I downgraded to 0.99.3 and the problem's not there (startup time is 4-5 
seconds instead of 30+).

If I get around to building a Unix version I'll troubleshoot further 
[wouldn't know where to begin on Windoze], but it's unlikely I'll have time.

Davide Schiera wrote:
> Sorry Jeff, you're right.
> I was trying the latest build found on
> http://www.wireshark.org/download/automated/win32/ (SVN-19748) and actually
> that version is quicker that 0.99.4pre2 (it takes 3 or 4 seconds to start
> up, while the prerelease takes at least -on my laptop- 15 seconds).
> 
> Ciao,
> 
> 
> Davide 
> 
> DS> -----Messaggio originale-----
> DS> Da: wireshark-dev-bounces <at> wireshark.org 
> DS> [mailto:wireshark-dev-bounces <at> wireshark.org] Per conto di 
> DS> Davide Schiera
> DS> Inviato: martedì 31 ottobre 2006 10.03
> DS> A: 'Developer support list for Wireshark'
> DS> Oggetto: [Wireshark-dev] R: 0.99.4pre2 taking a really long 
> DS> time ininitdissectors?
> DS>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Bill Florac | 1 Nov 2006 05:13
Favicon

Re: Source code for ACN (Was: (no subject))

Hmmm... Done all of that... First time was sent using the Outlook Web
client and was sent HTML so I can understand. But the second time, I
sent it with outlook as "Plain Text". It should have worked. I tested
this by sending a copy to some of my other non-work accounts and it came
is as plain text without the winmail.dat file.  What mail client are you
(all) using so I can test this without bothering everyone.

Bill

-----Original Message-----
From: wireshark-dev-bounces <at> wireshark.org
[mailto:wireshark-dev-bounces <at> wireshark.org] On Behalf Of Jeff Morriss
Sent: Tuesday, October 31, 2006 8:44 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Source code for ACN (Was: (no subject))

Bill Florac wrote:
> Sorry for the duplicate posting, I guess there was a problems with the

> attachments on the last issue if this. I hope this goes better.

Still no luck.

Try turning off Rich Text Format.  Or see one of these URLs:

http://support.microsoft.com/kb/138053
http://www.gpc.edu/~jbenson/resource/winmail.htm
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
(Continue reading)

Permalink | Reply | 1 comment |
headers
Jeff Morriss | 1 Nov 2006 05:26
Favicon

Re: Source code for ACN (Was: (no subject))


Bill Florac wrote:
> Hmmm... Done all of that... First time was sent using the Outlook Web
> client and was sent HTML so I can understand. But the second time, I
> sent it with outlook as "Plain Text". It should have worked. I tested
> this by sending a copy to some of my other non-work accounts and it came
> is as plain text without the winmail.dat file.  What mail client are you
> (all) using so I can test this without bothering everyone.

Any non-MS client should see the issue (unless it's a client that has 
added support for that format, of course ;-)).

Personally, I am using Thunderbird.  Looking at the headers of Joerg's 
email, it appears he uses Mutt.

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Permalink | Reply | 0 comments |
headers
Bill Florac | 1 Nov 2006 06:08
Favicon

ACN Source code

Sorry for the now triplicate posting, I guess there was a problems with
the attachments on the last two times I tried to post this. Let's hope
the third time is a charm..

Ok, I think I have this right now.  This is a dissector for ACN.  It
will replace the ACN plug-in.

Changes:
- Created a Wiki page for the protocol
- Created a sample capture
- Removed all the // style comment
- Got rid of tvb_get_string+gfree..
- Added -U_ to unused parameters
- Added some type casing to remove warnings
- Removed unused variables
- Moved proto_register_acn() and proto_reg_handoff_acn() to bottom of
source Protocol is ONLY heuristic
- so I modified proto_reg_handoff_acn() correctly (I think) 
- Some other misc. clean up and tested under Linux
- Provided patch to AUTHORS (attached)

Bill Florac
Senior Technical Product Specialist
bill.florac@...
Electronic Theatre Controls, Inc.
3031 Pleasant View Rd .
Middleton, WI 53562
608-831-4116 (corp. phone)
(Continue reading)

Permalink | Reply | 11 comments |
headers
Andrew.Martin | 1 Nov 2006 09:49
Favicon

Re: OMG Still it doesn't compile!

Nope, no joy doing that either, still the same problem with the netsnmp.lib file.

Apart from the ftp on wireshark where else can I get a copy of net-snmp-5.3.1? 

-----Original Message-----
From: wireshark-dev-bounces <at> wireshark.org [mailto:wireshark-dev-bounces <at> wireshark.org] On
Behalf Of Anders Broman
Sent: 31 October 2006 22:15
To: 'Developer support list for Wireshark'
Subject: Re: [Wireshark-dev] OMG Still it doesn't compile!

Hi,
Thats realy weird. Have you tried to do:

Nmake -f makefile.nmake clean_setup
Nmake -f makefile.nmake setup

Then check:
C:\wireshark-win32-libs\net-snmp-5.3.1\win32\lib\release\
For netsnmp.lib

It's there on my system...

BR
Anders

-----Ursprungligt meddelande-----
Från: wireshark-dev-bounces <at> wireshark.org
[mailto:wireshark-dev-bounces <at> wireshark.org] För Andrew.Martin <at> generaldynamics.uk.com
Skickat: den 31 oktober 2006 14:48
(Continue reading)

Permalink | Reply | 2 comments |
headers
Anders Broman (AL/EAB | 1 Nov 2006 10:19
Picon
Favicon

Re: OMG Still it doesn't compile!

Hi,
Downloading net-snmp-5.3.1.zip from:
http://anonsvn.wireshark.org/wireshark-win32-libs/trunk/packages/ and unzipping it I have
the C:\wireshark-win32-libs\net-snmp-5.3.1\win32\lib\release\ netsnmp.lib ??????
Brg
Anders

________________________________

Från: wireshark-dev-bounces@... genom Andrew.Martin@...
Skickat: on 2006-11-01 09:49
Till: wireshark-dev@...
Ämne: Re: [Wireshark-dev] OMG Still it doesn't compile!

Nope, no joy doing that either, still the same problem with the netsnmp.lib file.

Apart from the ftp on wireshark where else can I get a copy of net-snmp-5.3.1?

-----Original Message-----
From: wireshark-dev-bounces@...
[mailto:wireshark-dev-bounces@...] On Behalf Of Anders Broman
Sent: 31 October 2006 22:15
To: 'Developer support list for Wireshark'
Subject: Re: [Wireshark-dev] OMG Still it doesn't compile!

Hi,
Thats realy weird. Have you tried to do:

Nmake -f makefile.nmake clean_setup
Nmake -f makefile.nmake setup
(Continue reading)

Permalink | Reply | 1 comment |
headers
phanivenkata.krishna | 1 Nov 2006 15:37

Plugin for Lawful Interception of SSL/TLS messages ...

Hi,

 

I’m doing a study project on Voip security using TLS. We can send H.323 messages in an encrypted TLS tunnel. To debug these messages we need a plug-in in Wireshark which actually decrypts the TLS and the tunneled messages. However, I guess it is not so easy to decrypt the data sent in the TLS tunnel.

 

I heard that there is Lawful Interception services with which can get/trace the keys exchanged during TLS handshake and use the keys for further decryption of data may be by feeding the key to TLS plug-in or so.

 

Does Wireshark have support for this kind of functionality?

Can any one help me in giving more details and information in this area?

 

Regards,

Krishna.

 


The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Permalink | Reply | 0 comments |
headers
Thomas Steffen | 1 Nov 2006 16:21
Picon

Re: Configure bug in adns support

Hi Joerg

Thanks for the patch. I have just verified it with wireshark-0.99.4, and it does indeed solve my problem. I also tested it on my Linux system, and it does not have any negative side effects there. So I think this is the proper solution. Please apply the patch.

Yours,
Thomas

On 10/24/06, Joerg Mayer <jmayer-2TuS4uRBb1yzQB+pC5nmwQ@public.gmane.org> wrote:
On Tue, Oct 24, 2006 at 03:25:55PM +0200, Thomas Steffen wrote:
> I think I found a problem in the configure script.
...
> from blastwave.org (/opt/csw). I also an incompatible version of
> libiconv in /usr/local/lib, so I specify configure
> --without-usr-local.

Shouldn't that be --disable-usr-local?

> However, this does not have the desired effect, and -L /usr/local
> always makes it into LDFLAGS.
...
> Obviously I don't want /usr/local, if I specify --without-usr-local.

Please test the attached patch and report back.

Thanks for the detailed report!

Ciao
    Joerg
--
Joerg Mayer                                           <jmayer-2TuS4uRBb1yzQB+pC5nmwQ@public.gmane.org>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.


_______________________________________________
Wireshark-dev mailing list
Wireshark-dev-IZ8446WsY0/dtAWm4Da02A@public.gmane.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev 



_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Permalink | Reply | 0 comments |

Gmane