["Neulinger, Nathan R." <nneul@xxxxxxx>]

> The gtk_text_set_point() and gtk_editable_set_position() 
> calls I grabbed
> from the GTK+ test application to set the highlighted portion 
> of the hex
> pane in the viewable area without having to figure out the 
> font size and
> spacing, works nice under win32 and linux.

The problem with that is that I've found that using those calls is
notoriously buggy. Hence the contortions that are currently gone through for
the highlighting. It seems to be very dependent on gtk+ version. 

In any case, if the default font isn't monospaced for you, something is
wrong with your fonts setup. (Or windows just sucks. Hmmm.) At one point I
had played around with a patch to use color based highlighting instead of
boldfacing, which is actually easier to use in some respects.

I can bring that patch up to date if people are interested. The main reason
I did it was that boldfaced periods are hard to distinguish from regular
periods in the ascii view.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@xxxxxxx
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216

> 
> I don't have a "DLT_PPP_WIN32" trace yet, next time I do a 
> dialup connection
> I'll try to get one.
> 
> Ed
> -----Original Message-----
> From: Gilbert Ramirez [mailto:gram@xxxxxxxxxx]
> Sent: Tuesday, February 01, 2000 11:27 PM
> To: Meaney, Ed
> Cc: 'Ethereal Dev list'
> Subject: Re: [ethereal-dev] Ethereal Win32 libpcap patch.
> 
> 
> On Tue, Feb 01, 2000 at 02:46:54PM -0500, Meaney, Ed wrote:
> > All,
> > I've finally had some time to clean up the win32 libpcap support.
> > I use the WinDump libpcap from 
> http://netgroup-serv.polito.it/windump/
> under
> > NT 4.0 SP4.
> > There may be a problem in get_interface_list in util.c for 
> Win98/95. NT
> > returns Driver names in WCHARs.
> > 98/95 should return the names in standard char * format but 
> I don't have
> > access to 95/98 right now.
> > Attached is my patch. let me know if there are any problems.
> > 
> > Ed <<win32.patch>> 
> 
> Great! Thanks. I haven't tried the patch yet; I'll try it at
> work tomorrow. But just by readin the patch, I have a couple of
> questions.
> 
> diff -u -r1.71 packet-ip.c
> --- packet-ip.c	2000/01/24 04:44:35	1.71
> +++ packet-ip.c	2000/02/01 19:35:07
> @@ -1047,6 +1047,9 @@
>      case IP_PROTO_IPV6:
>        dissect_ipv6(pd, offset, fd, tree);
>        break;
> +    case IP_PROTO_IPV4:
> +      dissect_ip(pd, offset, fd, tree);
> +      break;
>      case IP_PROTO_PIM:
>        dissect_pim(pd, offset, fd, tree);
>        break;
> 
> True, we should put that in for correctness. Out of curiosity, do
> you have a trace file with packets like that, IP-in-IP ?
> 
> 
>  #ifdef WIN32
> -#define MONO_MEDIUM_FONT "-*-lucida 
> console-medium-*-*-*-*-100-*-*-*-*-*-*"
> -#define MONO_BOLD_FONT "-*-lucida 
> console-bold-*-*-*-*-100-*-*-*-*-*-*"
> +/* font that allows bold and regular */
> +#define MONO_MEDIUM_FONT "-unknown-courier
> new-normal-r-normal-*-*-110-*-*-m-*-windows-russian"
> +#define MONO_BOLD_FONT "-unknown-courier
> new-bold-r-normal-*-*-110-*-*-m-*-windows-russian"
> 
> I think I'll avoid applying this patch. Nye vcye govaryat po-russki.
> 
> 
> diff -u -r1.13 proto_draw.c
> --- proto_draw.c	2000/01/25 03:45:45	1.13
> +++ proto_draw.c	2000/02/01 19:35:08
> @@ -158,6 +158,9 @@
>      scrollval = MIN(linenum * lineheight,bv->vadj->upper -
> bv->vadj->page_size);
>  
>      gtk_adjustment_set_value(bv->vadj, scrollval);
> +    /* set the current highlight visible in window */
> +    gtk_text_set_point(GTK_TEXT(bv), (bstart/16) * 76);
> +    gtk_editable_set_position(GTK_EDITABLE(bv), (bstart/16) * 76);
>    }
>  }
> 
> What are the gtk_text_set_point() and gtk_editable_set_position()
> calls for?
> 
>  
> diff -u -r1.31 libpcap.c
> --- libpcap.c	2000/01/22 06:22:39	1.31
> +++ libpcap.c	2000/02/01 19:35:09
> @@ -160,6 +160,13 @@
>  	WTAP_ENCAP_LINUX_ATM_CLIP
>  };
>  #define NUM_PCAP_ENCAPS (sizeof pcap_encap / sizeof pcap_encap[0])
> +/*
> + * New Data-link level type for win32.
> + */
> +#ifdef WIN32 
> +#define DLT_EN100MB	100	/* Ethernet (100Mb) */
> +#define DLT_PPP_WIN32	101	/* Win32 dial up connection */
> +#endif
>  
>  int libpcap_open(wtap *wth, int *err)
>  {
> @@ -456,6 +463,13 @@
>  
>  int wtap_pcap_encap_to_wtap_encap(int encap)
>  {
> +#ifdef WIN32
> +   /* 2 NEW Encaps for win32 100 - 100Mb Eth and 101 - PPP wan */
> +   if (encap == DLT_EN100MB)
> +      return WTAP_ENCAP_ETHERNET;
> +   if (encap == DLT_PPP_WIN32)
> +      return WTAP_ENCAP_PPP;
> +#endif
> 
> Do you have a "DLT_PPP_WIN32" trace available? We discovered that the
> NDIS type for "WAN" indicates a packet with a fake ethernet 
> header on it.
> It is possible, if libpcap for win32 uses the same NDIS facility as
> NetXRay, that "DLT_PPP_WIN32" should really return 
> WTAP_ENCAP_ETHERNET.
> 
> --gilbert
> 
>