docs/tshark: proper name is lopsided CamelCase (TShark)

This is a first pass that covers the WSDG, WSUG, man page, a code
comment and a README. Plenty left to do in the Debian files, a few
Lua examples and other misc files.

doc/README.stats_tree

@@ -3,9 +3,9 @@ tapping with stats_tree
 Let's suppose that you want to write a tap only to keep counters, and you
 don't want to get involved with GUI programming or maybe you'd like to make
 it a plugin. A stats_tree might be the way to go. The stats_tree module takes
-care of the representation (GUI for Wireshark and text for Tshark) of the
+care of the representation (GUI for Wireshark and text for TShark) of the
 tap data. So there's very little code to write to make a tap listener usable
-from both Wireshark and Tshark.
+from both Wireshark and TShark.
 
 First, you should add the TAP to the dissector in question as described in
 README.tapping .

doc/tshark.adoc

@@ -32,7 +32,7 @@ data from a live network, or read packets from a previously saved
 capture file, either printing a decoded form of those packets to the
 standard output or writing the packets to a file.  *TShark*'s native
 capture file format is *pcapng* format, which is also the format used
-by *wireshark* and various other tools.
+by *Wireshark* and various other tools.
 
 Without any options set, *TShark* will work much like *tcpdump*.  It
 will use the pcap library to capture traffic from the first available
@@ -49,7 +49,7 @@ optional gzip, zstd or lz4 compression will be automatically detected.  Near the
 beginning of the DESCRIPTION section of xref:wireshark.html[wireshark](1) or
 https://www.wireshark.org/docs/man-pages/wireshark.html is a detailed
 description of the way *Wireshark* handles this, which is the same way
-*Tshark* handles this.
+*TShark* handles this.
 
 Compressed file support uses (and therefore requires) the zlib library.
 If the zlib library is not present when compiling *TShark*, it will be
@@ -147,7 +147,7 @@ display of the packet summary or details; this would be used if *-z*
 options are specified in order to display statistics, so that only the
 statistics, not the packet information, is displayed.
 
-The *-G* option is a special mode that simply causes *Tshark*
+The *-G* option is a special mode that simply causes *TShark*
 to dump one of several types of internal glossaries and then exit.
 
 == OPTIONS
@@ -155,7 +155,7 @@ to dump one of several types of internal glossaries and then exit.
 -2::
 +
 --
-Perform a two-pass analysis. This causes tshark to buffer output until the
+Perform a two-pass analysis. This causes *TShark* to buffer output until the
 entire first pass is done, but allows it to fill in fields that require future
 knowledge, such as 'response in frame #' fields. Also permits reassembly
 frame dependencies to be calculated correctly.
@@ -257,7 +257,7 @@ files of size one megabyte each.
 Set capture buffer size (in MiB, default is 2 MiB).  This is used by
 the capture driver to buffer packet data until that data can be written
 to disk.  If you encounter packet drops while capturing, try to increase
-this size.  Note that, while *Tshark* attempts to set the buffer size
+this size.  Note that, while *TShark* attempts to set the buffer size
 to 2 MiB by default, and can be told to set it to a larger value, the
 system or interface on which you're capturing might silently limit the
 capture buffer size to a lower value or raise it to a higher value.
@@ -330,7 +330,7 @@ the interface name might be a long name or a GUID.
 
 Note that "can capture" means that *TShark* was able to open that
 device to do a live capture.  Depending on your system you may need to
-run tshark from an account with special privileges (for example, as
+run *TShark* from an account with special privileges (for example, as
 root) to be able to capture network traffic.  If *tshark -D* is not run
 from such an account, it will not list any interfaces.
 --
@@ -423,14 +423,14 @@ user's group).
 -G  [ <report type> ]::
 +
 --
-The *-G* option will cause *Tshark* to dump one of several types of glossaries
+The *-G* option will cause *TShark* to dump one of several types of glossaries
 and then exit.  If no specific glossary type is specified, then the *fields*
 report will be generated by default.
 Using the report type of *help* lists all the current report types.
 
 The available report types include:
 
-*column-formats* Dumps the column formats understood by tshark.
+*column-formats* Dumps the column formats understood by *TShark*.
 There is one record per line.  The fields are tab-delimited.
 
 [horizontal]
@@ -487,7 +487,7 @@ Field 6:: base for display (for integer types); "parent bitfield width" for FT_B
 Field 7:: bitmask: format: hex: 0x....
 Field 8:: blurb describing field
 
-*folders* Dumps various folders used by tshark.  This is essentially the
+*folders* Dumps various folders used by *TShark*.  This is essentially the
 same data reported in Wireshark's About | Folders tab.
 There is one record per line.  The fields are tab-delimited.
 
@@ -495,7 +495,7 @@ There is one record per line.  The fields are tab-delimited.
 Field 1:: Folder type (e.g "Personal configuration:")
 Field 2:: Folder location (e.g. "/home/vagrant/.config/wireshark/")
 
-*ftypes* Dumps the "ftypes" (fundamental types) understood by tshark.
+*ftypes* Dumps the "ftypes" (fundamental types) understood by *TShark*.
 There is one record per line.  The fields are tab-delimited.
 
 [horizontal]
@@ -1010,7 +1010,7 @@ example,
 
 will save host name resolution records along with captured packets.
 
-Future versions of *Tshark* may automatically change the capture format
+Future versions of *TShark* may automatically change the capture format
 to *pcapng* as needed.
 
 The argument is a string that may contain the following letter:
@@ -1231,7 +1231,7 @@ Multiple diameter messages in one frame are supported.
 Several fields with same name within one diameter message are supported, e.g.
 __diameter.Subscription-Id-Data__ or __diameter.Rating-Group__.
 
-Note: *tshark -q* option is recommended to suppress default *tshark* output.
+Note: *tshark -q* option is recommended to suppress default *TShark* output.
 --
 
 *-z* dns,tree[,__filter__]::

docbook/wsug_src/WSUG_chapter_customize.adoc

@@ -404,7 +404,7 @@ stamp type to use while capturing packets. The values reported by
 `--list-time-stamp-types` are the values that can be used.
 
 -X <eXtension option>::
-Specify an option to be passed to a Wireshark/Tshark module. The eXtension
+Specify an option to be passed to a Wireshark/TShark module. The eXtension
 option is in the form extension_key:value, where extension_key can be:
 +
 --

docbook/wsug_src/WSUG_chapter_io.adoc

@@ -756,7 +756,7 @@ The btn:[Close] button will, well, close the dialog box.
 
 Wireshark provides a variety of options for exporting packet data.
 This section describes general ways to export data from the main Wireshark application.
-There are many other ways to export or extract data from capture files, including processing <<AppToolstshark,tshark>> output and customizing Wireshark and tshark using Lua scripts.
+There are many other ways to export or extract data from capture files, including processing <<AppToolstshark,tshark>> output and customizing Wireshark and TShark using Lua scripts.
 
 [[ChIOExportSpecifiedPacketsDialog]]
 

epan/wslua/wslua_capture_info.c

@@ -27,7 +27,7 @@ WSLUA_CLASS_DEFINE(CaptureInfo,FAIL_ON_NULL_OR_EXPIRED("CaptureInfo"));
     A `CaptureInfo` object, passed into Lua as an argument by `FileHandler` callback
     function `read_open()`, `read()`, `seek_read()`, `seq_read_close()`, and `read_close()`.
     This object represents capture file data and meta-data (data about the
-    capture file) being read into Wireshark/Tshark.
+    capture file) being read into Wireshark/TShark.
 
     This object's fields can be written-to by Lua during the read-based function callbacks.
     In other words, when the Lua plugin's `FileHandler.read_open()` function is invoked, a
@@ -303,7 +303,7 @@ WSLUA_CLASS_DEFINE(CaptureInfoConst,FAIL_ON_NULL_OR_EXPIRED("CaptureInfoConst"))
     function `write_open()`.
 
     This object represents capture file data and meta-data (data about the
-    capture file) for the current capture in Wireshark/Tshark.
+    capture file) for the current capture in Wireshark/TShark.
 
     This object's fields are read-from when used by `write_open` function callback.
     In other words, when the Lua plugin's FileHandler `write_open` function is invoked, a

epan/wslua/wslua_file.c

@@ -36,7 +36,7 @@ WSLUA_CLASS_DEFINE(File,FAIL_ON_NULL_OR_EXPIRED("File"));
     functions (e.g., `read_open`, `read`, `write`, etc.).  This behaves similarly to the
     Lua `io` library's `file` object, returned when calling `io.open()`, *except*
     in this case you cannot call `file:close()`, `file:open()`, nor `file:setvbuf()`,
-    since Wireshark/tshark manages the opening and closing of files.
+    since Wireshark/TShark manages the opening and closing of files.
     You also cannot use the '`io`' library itself on this object, i.e. you cannot
     do `io.read(file, 4)`.  Instead, use this `File` with the object-oriented style
     calling its methods, i.e. `myfile:read(4)`. (see later example)

epan/wslua/wslua_file_handler.c

@@ -788,7 +788,7 @@ static gboolean verify_filehandler_complete(FileHandler fh) {
 
 
 WSLUA_FUNCTION wslua_register_filehandler(lua_State* L) {
-    /* Register the FileHandler into Wireshark/tshark, so they can read/write this new format.
+    /* Register the FileHandler into Wireshark/TShark, so they can read/write this new format.
        All functions and settings must be complete before calling this registration function.
        This function cannot be called inside the reading/writing callback functions. */
 #define WSLUA_ARG_register_filehandler_FILEHANDLER 1 /* the FileHandler object to be registered */
@@ -873,7 +873,7 @@ wslua_deregister_filehandler_work(FileHandler fh)
 }
 
 WSLUA_FUNCTION wslua_deregister_filehandler(lua_State* L) {
-    /* Deregister the FileHandler from Wireshark/tshark, so it no longer gets used for reading/writing/display.
+    /* Deregister the FileHandler from Wireshark/TShark, so it no longer gets used for reading/writing/display.
        This function cannot be called inside the reading/writing callback functions. */
 #define WSLUA_ARG_register_filehandler_FILEHANDLER 1 /* the FileHandler object to be deregistered */
     FileHandler fh = checkFileHandler(L,WSLUA_ARG_register_filehandler_FILEHANDLER);

epan/wslua/wslua_listener.c

@@ -352,7 +352,7 @@ WSLUA_ATTRIBUTE_FUNC_SETTER(Listener,packet);
 
 
 /* WSLUA_ATTRIBUTE Listener_draw WO A function that will be called once every few seconds to redraw the GUI objects;
-            in Tshark this funtion is called only at the very end of the capture file.
+            in TShark this funtion is called only at the very end of the capture file.
 
     When later called by Wireshark, the `draw` function will not be given any arguments.
 

epan/wslua/wslua_tree.c

@@ -53,7 +53,7 @@ TreeItem create_TreeItem(proto_tree* tree, proto_item* item)
 CLEAR_OUTSTANDING(TreeItem, expired, TRUE)
 
 WSLUA_CLASS_DEFINE(TreeItem,FAIL_ON_NULL_OR_EXPIRED("TreeItem"));
-/* <lua_class_TreeItem,`TreeItem`>>s represent information in the https://www.wireshark.org/docs/wsug_html_chunked/ChUsePacketDetailsPaneSection.html[packet details] pane of Wireshark, and the packet details view of Tshark.
+/* <lua_class_TreeItem,`TreeItem`>>s represent information in the https://www.wireshark.org/docs/wsug_html_chunked/ChUsePacketDetailsPaneSection.html[packet details] pane of Wireshark, and the packet details view of TShark.
    A <<lua_class_TreeItem,`TreeItem`>> represents a node in the tree, which might also be a subtree and have a list of children.
    The children of a subtree have zero or more siblings which are other children of the same <<lua_class_TreeItem,`TreeItem`>> subtree.
 
@@ -62,7 +62,7 @@ WSLUA_CLASS_DEFINE(TreeItem,FAIL_ON_NULL_OR_EXPIRED("TreeItem"));
 
    In some cases the tree is not truly added to, in order to improve performance.
    For example for packets not currently displayed/selected in Wireshark's visible
-   window pane, or if Tshark isn't invoked with the `-V` switch. However the
+   window pane, or if TShark isn't invoked with the `-V` switch. However the
    "add" type <<lua_class_TreeItem,`TreeItem`>> functions can still be called, and still return <<lua_class_TreeItem,`TreeItem`>>
    objects - but the info isn't really added to the tree. Therefore you do not
    typically need to worry about whether there's a real tree or not. If, for some

tshark.c

@@ -3564,7 +3564,7 @@ process_cap_file(capture_file *cf, char *save_file, int out_file_type,
     /* Set up to write to the capture file. */
     wtap_dump_params_init_no_idbs(&params, cf->provider.wth);
 
-    /* If we don't have an application name add Tshark */
+    /* If we don't have an application name add TShark */
     if (wtap_block_get_string_option_value(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, &shb_user_appl) != WTAP_OPTTYPE_SUCCESS) {
       /* this is free'd by wtap_block_unref() later */
       wtap_block_add_string_option_format(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, "%s", get_appname_and_version());