wireshark-dev October 2010 archive
Main Archive Page > Month Archives  > wireshark-dev archives
wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev 34339

Re: [Wireshark-dev] [Wireshark-commits] rev 34339: /trunk/gtk/ /trunk/gtk/: capture_dlg.c

From: Guy Harris <guy_at_nospam>
Date: Sun Oct 03 2010 - 21:48:17 GMT
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>

On Oct 3, 2010, at 12:44 PM, Sake Blok wrote:

> On 3 okt 2010, at 20:18, Guy Harris wrote:

        ...

> Which .def file are you referring too?

The wpcap/PRJ/WPCAP.DEF and wpcap/PRJ/Wpcap_no_extensions.def files in the WinPcap source (replace slashes with backslashes if you're looking at the source on Windows).

>
>> Where is it failing?
>
> It was failing in both "capture_filter_compile_cb" and "dumpcap.c", the only places where bpf_image is used. As long as HAVE_BPF_IMAGE is not defined, all is fine (except, the compile BPF button is not available and neither is dumpcap -d). But if I "add support for" bpf_image in the same way as I added support for pcap_open_dead, the linker complains that bpf_image can not be found.

That's because, at least in the current top of tree, the bpf_image() wrapper in capture-wpcap.c is static. None of the other wrappers are.

>> libpcap 0.4 had neither pcap_open_dead() nor pcap_compile_nopcap() - you *had* to have a live capture device or a savefile open in order to compile a filter into BPF code.
>
> So, that sounds to me like we should just use these functions without adding complexity by using "HAVE_PCAP_COMPILE_NOPCAP" until someone knocks at our door telling us that (s)he has a problem with these functions on their platform.

I'd say so. It's been a long time since libpcap 0.5 came out - there might be some *really* old {Linux distributions, *BSD releases} still using 0.4, but if nobody complains if we require pcap_compile_nopcap() or pcap_open_dead(), it's probably not worth worrying about those old releases.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe