Varuna De Silva | 1 Oct 2007 06:47

Re: Alternative to USBPcap and Possibility of

Hello,

> > This is what we hope to do, we will use the filter driver, of
> > snifferusb2.0, and hope to get the raw usb packets, then I will write the
> > porting file ( the famous pcap-xxx.c file), similar to one which we are
> > doing to integrate our hw, and integrate it with pcap-win32.
> >
> > Since this sniffer is also opensource, hope it's ok.

> I don't see any license on the code from

>        http://benoit.papillault.free.fr/usbsnoop/

For some reason, I can't reach here now.

> so presumably there's no issue of license incompatibility with the BSD
> license for libpcap/WinPcap.

> However, he doesn't have a 2.0 version; where did you find the 2.0
> version?

This is where it is
 http://www.pcausa.com/Utilities/UsbSnoop/default.htm

In fact it's almost the same, I guess, except for a few neat-ups for code.

> > The next question is that, we are able to have the piece of
> > HW that we developed and which will be in a working condition by the
> > mid of next month, as an Opensource HW platform compatible with
> > (If not only with) Wireshark. It can intercept a physical TDM line,
> > to display the messages going on it. Is anything like this
> > possible with wireshark.

> "Possible with Wireshark" in what sense?  If that's the hardware for
> which you're developing the SS7 support in WinPcap, it should be
> possible to make it work - that's what you're doing.

Sorry, I should've elaborated. What I mean is to have it as a permanent
extension to wireshark, in the sense that anybody who wants to have this
card and the interface can have it free. We can have all the circuitry and
design on the wireshark website.

We are ready to give all the rights to the community, in whatever licensing
required, and we don't expect any money or any other service charge etc.
We are ready to support, as and when anybody requires help and so on.

Why we want it to be supported by wireshark is for several reasons.
1. We are a set of students from a poor uni from a poor country and don't
have the necessary funds to have our own site and have full time dedicated to it.

2. The circuitry is designed with industry standard ICs which are readily available
and the entire card can be developed by one at around maximum $100. Quite
cheap, we didn't even spend that much per card, because we got samples from
Dallas Maxim.

3. There's much to be developed, especially at the software level.

Anyway I am not aware of any legal issues which apply to you, but just
got the feeling somebody can make use of our work, and better not let it
keep dusting after our project. If this is not possible just push this to trash.

Thanks a lot

Varuna Xavier

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Илья Куделин | 1 Oct 2007 11:09

Re: lua functions

Thanks for the answer.
It's a sound decoder.
 

> Sorry but I've been very busy lately.
>
> Most lua functions are just wrappers for functions of wireshark's
> "API". Don't use the Lua wrappers, use the very same C functions they
> use instead, you can use the code in them instead!
>
> you can take the code in wslua_retap_packets() and
> wslua_register_menu() and instead of fetching the parameters from the
> lua_State you should get them yourself.
>
> BTW
> I do not see any good use in a dissector for retap_packets(), which
> kind of plugin are you working on?
>
> Luis
>
> On 9/27/07, Илья Куделин <iliya.kudelin <at> gmail.com> wrote:
> >
> > > Hi
> > > can anybody tell me how i can use lua functions ( f.e. retap_packets() )
> > > from plugin which written in C ?
> >
> > Nobody know how it use?
> > f.e. wslua_retap_packets(lua_State *L) or wslua_register_menu(lua_State *L)
> > what is lua_State? how make it work?
> > pls help me.
Илья Куделин | 1 Oct 2007 11:30

Re: lua functions


> Sorry but I've been very busy lately.
>
> Most lua functions are just wrappers for functions of wireshark's
> "API". Don't use the Lua wrappers, use the very same C functions they
> use instead, you can use the code in them instead!
>
> you can take the code in wslua_retap_packets() and
> wslua_register_menu() and instead of fetching the parameters from the
> lua_State you should get them yourself.
>
> BTW
> I do not see any good use in a dissector for retap_packets(), which
> kind of plugin are you working on?
>
> Luis

Where can I see how to initialize the lua_State structure?

Luis EG Ontanon | 1 Oct 2007 11:59

Re: lua functions

You should use the functions the lua interface uses not the lua
wrappers themselves.

In the case of retap_packets you can call it as:

cf_retap_packets(&cfile, FALSE);

But you should do that from a gui action  *_stat.c in the gtk/ dir as
it would only work in wireshark (it won't work for tshark).

On 10/1/07, Илья Куделин <iliya.kudelin <at> gmail.com> wrote:
>
> >
> > Sorry but I've been very busy lately.
> >
> > Most lua functions are just wrappers for functions of wireshark's
> > "API". Don't use the Lua wrappers, use the very same C functions they
> > use instead, you can use the code in them instead!
> >
> > you can take the code in wslua_retap_packets() and
> > wslua_register_menu() and instead of fetching the parameters from the
> > lua_State you should get them yourself.
> >
> > BTW
> > I do not see any good use in a dissector for retap_packets(), which
> > kind of plugin are you working on?
> >
> > Luis
>
> Where can I see how to initialize the lua_State structure?

-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
Илья Куделин | 1 Oct 2007 12:44

Re: lua functions

> In the case of retap_packets you can call it as:
>
> cf_retap_packets(&cfile, FALSE);
>
> But you should do that from a gui action *_stat.c in the gtk/ dir as
> it would only work in wireshark (it won't work for tshark).

In which lib can I find this function? Because the compiler says "unresolved external link _cf_retap_packets".

Илья Куделин | 1 Oct 2007 12:46

Re: lua functions


> In the case of retap_packets you can call it as:
>
> cf_retap_packets(&cfile, FALSE);
>
> But you should do that from a gui action *_stat.c in the gtk/ dir as
> it would only work in wireshark (it won't work for tshark).

In which lib can I find this function? Because the compiler says "unresolved external link _cf_retap_packets".
Can I use this function from a plugin?

Sorry for the spam :(

Peter Johansson | 1 Oct 2007 13:07

Repeated crashes after update to GTK 2.12.0

After having updated the GTK version to 2.12.0 (using nmake -f makefile.nmake setup) I run into crashes when running Wireshark. I have rebuilt all the sources and the problem remains.
 
Unfortunately Wireshark does not crash every time, just sometimes. I have two scenarios:
1. Crashes occur once Wireshark has been started and I press the "show capture options" button (but not every time).
2. Crashes occur when capturing data and "Network name resolution" is enabled (but not every time, and not for all frames).

The two scenarios seem unrelated and at least scenario 2 *should* not be a result from the update to GTK 2.12.0.
I have no other information regarding scenario 1.
For scenario 2 however, it seems that host_name_lookup_process is passing *ans->rrs.str to add_ipv4_name when the correct information is actually stored in ans->rrs.bytes (note that this one should not be preceded by "*").

When changing the call to add_ipv4_name to use ans->rrs.bytes as input instead of *ans->rrs.str, name resolution seems to work. But I cannot understand why it has worked before as I cannot find a change in the SVN repository that has changed this anytime recently (at least not since the renaming from Ethereal).
Should add_ipv4_name be called with ans->rrs.bytes instead of *ans->rrs.str? The (missing) documentation for adns is a bit unclear on when to use what from the ans->rrs union :-(
 
Has the adns version been bumped recently?
 
Has anyone else seen anything like this?
 
/ Peter
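
The message above turns on which member of a pointer union may be read for a given answer. As an added example (not code from Wireshark or adns, and not part of the message), the following uses a constructed `struct answer` and the hypothetical names `rr_kind`, `answer_hostname` and `answer_ipv4` to show accessors that check the record type and index before touching the union, so address bytes are never dereferenced as a string pointer.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a resolver answer: a record type plus a union of
 * typed pointers over one record array. Hypothetical, not the adns header. */
enum rr_kind { RR_A = 1, RR_PTR = 12 };

struct answer {
    enum rr_kind type;        /* record type that was queried */
    int nrrs;                 /* number of records in the array */
    union {
        unsigned char *bytes; /* raw view of the record array */
        char **str;           /* valid only when records are strings */
        uint32_t *inaddr;     /* valid only when records are IPv4 addresses */
    } rrs;
};

/* Hostname of record i, or NULL unless the answer really holds strings. */
const char *answer_hostname(const struct answer *a, int i)
{
    if (a == NULL || a->type != RR_PTR || i < 0 || i >= a->nrrs)
        return NULL;
    return a->rrs.str[i];
}

/* Copy the IPv4 address of record i to *out: 0 on success, -1 on mismatch. */
int answer_ipv4(const struct answer *a, int i, uint32_t *out)
{
    if (a == NULL || out == NULL || a->type != RR_A || i < 0 || i >= a->nrrs)
        return -1;
    *out = a->rrs.inaddr[i];
    return 0;
}

/* Constructed sample answers: one name record, one address record. */
static char *sample_names[] = { "host.example.net" };
static uint32_t sample_addrs[] = { 0x0100007fu };
static const struct answer sample_ptr = { RR_PTR, 1, { .str = sample_names } };
static const struct answer sample_a = { RR_A, 1, { .inaddr = sample_addrs } };

int main(void)
{
    uint32_t addr = 0;
    /* The accessor matching the record type succeeds; the other is refused. */
    printf("ptr as name: %s\n", answer_hostname(&sample_ptr, 0));
    printf("ptr as ipv4: %d\n", answer_ipv4(&sample_ptr, 0, &addr));
    printf("a as ipv4: %d (0x%08x)\n", answer_ipv4(&sample_a, 0, &addr), (unsigned)addr);
    printf("a as name: %s\n", answer_hostname(&sample_a, 0) ? "string" : "(refused)");
    return 0;
}
```
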
Graham Bloice | 1 Oct 2007 13:39

Re: Repeated crashes after update to GTK 2.12.0

Peter Johansson wrote:
> After having updated the GTK version to 2.12.0 (using nmake -f
> makefile.nmake setup) I run into crashes when running Wireshark. I
> have rebuilt all the sources and the problem remains.
>  
> Unfortunately Wireshark does not crash every time, just sometimes. I
> have two scenarios:
> 1. Crashes occur once Wireshark has been started and I press the
> "show capture options" button (but not every time).
> 2. Crashes occur when capturing data and "Network name resolution" is
> enabled (but not every time, and not for all frames).
>  
> The two scenarios seem unrelated and at least scenario 2 *should* not
> be a result from the update to GTK 2.12.0.
> I have no other information regarding scenario 1.
> For scenario 2 however, it seems that host_name_lookup_process is
> passing *ans->rrs.str to add_ipv4_name when the correct information is
> actually stored in ans->rrs.bytes (note that this one should not be
> preceded by "*").
>  
> When changing the call to add_ipv4_name to use ans->rrs.bytes as input
> instead of *ans->rrs.str, name resolution seems to work. But I cannot
> understand why it has worked before as I cannot find a change in the
> SVN repository that has changed this anytime recently (at least not
> since the renaming from Ethereal).
> Should add_ipv4_name be called with ans->rrs.bytes instead of
> *ans->rrs.str? The (missing) documentation for adns is a bit unclear
> on when to use what from the ans->rrs union :-(
>  
> Has the adns version been bumped recently?
>  
> Has anyone else seen anything like this?
What compiler version?

If you're on Windows, and using a version of MSVC later than 6.0, have
you recompiled the adns library?  setup removes the old one.
-- 
Regards,

Graham Bloice

Peter Johansson | 1 Oct 2007 15:16

Re: Repeated crashes after update to GTK 2.12.0

2007/10/1, Graham Bloice <graham.bloice-aic7tYjrKw4S+FvcfC7Uqw@public.gmane.org>:
> Peter Johansson wrote:
> > After having updated the GTK version to 2.12.0 (using nmake -f
> > makefile.nmake setup) I run into crashes when running Wireshark. I
> > have rebuilt all the sources and the problem remains.
> >
> > Unfortunately Wireshark does not crash every time, just sometimes. I
> > have two scenarios:
> > 1. Crashes occur once Wireshark has been started and I press the
> > "show capture options" button (but not every time).
> > 2. Crashes occur when capturing data and "Network name resolution" is
> > enabled (but not every time, and not for all frames).
> >
> > The two scenarios seem unrelated and at least scenario 2 *should* not
> > be a result from the update to GTK 2.12.0.
> > I have no other information regarding scenario 1.
> > For scenario 2 however, it seems that host_name_lookup_process is
> > passing *ans->rrs.str to add_ipv4_name when the correct information is
> > actually stored in ans->rrs.bytes (note that this one should not be
> > preceded by "*").
> >
> > When changing the call to add_ipv4_name to use ans->rrs.bytes as input
> > instead of *ans->rrs.str, name resolution seems to work. But I cannot
> > understand why it has worked before as I cannot find a change in the
> > SVN repository that has changed this anytime recently (at least not
> > since the renaming from Ethereal).
> > Should add_ipv4_name be called with ans->rrs.bytes instead of
> > *ans->rrs.str? The (missing) documentation for adns is a bit unclear
> > on when to use what from the ans->rrs union :-(
> >
> > Has the adns version been bumped recently?
> >
> > Has anyone else seen anything like this?
> What compiler version?
>
> If you're on Windows, and using a version of MSVC later than 6.0, have
> you recompiled the adns library?  setup removes the old one.
> --
> Regards,
>
> Graham Bloice
 
I am using VC2005 (not the express edition).
No, I have not compiled the adns library myself, should I have to do that? I thought it was precompiled. The adns_dll.dll version I run Wireshark against (a copy of adns_dll.dll resides in \Wireshark\wireshark-gtk2 for instance, copied from \wireshark-win32-libs\adns-1.0-win32-05\adns_win32\lib) is ver 1.0.0.5 from Oct 13, 2005 (this is adns-1.0-win32-05 if I understand things correctly).
 
Regards, Peter
Graham Bloice | 1 Oct 2007 15:23

Re: Repeated crashes after update to GTK 2.12.0

Peter Johansson wrote:
> 2007/10/1, Graham Bloice <graham.bloice <at> trihedral.com>:
>
>     Peter Johansson wrote:
>     > After having updated the GTK version to 2.12.0 (using nmake -f
>     > makefile.nmake setup) I run into crashes when running Wireshark. I
>     > have rebuilt all the sources and the problem remains.
>     >
>     > Unfortunately Wireshark does not crash every time, just sometimes. I
>     > have two scenarios:
>     > 1. Crashes occur once Wireshark has been started and I press the
>     > "show capture options" button (but not every time).
>     > 2. Crashes occur when capturing data and "Network name resolution" is
>     > enabled (but not every time, and not for all frames).
>     >
>     > The two scenarios seem unrelated and at least scenario 2 *should* not
>     > be a result from the update to GTK 2.12.0.
>     > I have no other information regarding scenario 1.
>     > For scenario 2 however, it seems that host_name_lookup_process is
>     > passing *ans->rrs.str to add_ipv4_name when the correct information is
>     > actually stored in ans->rrs.bytes (note that this one should not be
>     > preceded by "*").
>     >
>     > When changing the call to add_ipv4_name to use ans->rrs.bytes as input
>     > instead of *ans->rrs.str, name resolution seems to work. But I cannot
>     > understand why it has worked before as I cannot find a change in the
>     > SVN repository that has changed this anytime recently (at least not
>     > since the renaming from Ethereal).
>     > Should add_ipv4_name be called with ans->rrs.bytes instead of
>     > *ans->rrs.str? The (missing) documentation for adns is a bit unclear
>     > on when to use what from the ans->rrs union :-(
>     >
>     > Has the adns version been bumped recently?
>     >
>     > Has anyone else seen anything like this?
>     What compiler version?
>
>     If you're on Windows, and using a version of MSVC later than 6.0, have
>     you recompiled the adns library?  setup removes the old one.
>     --
>     Regards,
>
>     Graham Bloice
>
>
> I am using VC2005 (not the express edition).
> No, I have not compiled the adns library myself, should I have to do
> that? I thought it was precompiled. The adns_dll.dll version I run
> Wireshark against (a copy of adns_dll.dll resides in
> \Wireshark\wireshark-gtk2 for instance, copied from
> \wireshark-win32-libs\adns-1.0-win32-05\adns_win32\lib) is ver
> 1.0.0.5 from Oct 13, 2005 (this is adns-1.0-win32-05
> if I understand things correctly).
>
I also use VS2005 Pro.

Ever since I moved on from VC6 earlier this year, I've needed to recompile
adns due, I presume, to it being linked with the VC6 CRT.  As a note,
you have to open and convert the older .dsw file to a newer VS .sln file
and then compile it.

This is similar to the issue with zlib.

-- 
Regards,

Graham Bloice
