Commit Graph

2364 Commits (master)

Author SHA1 Message Date
Gerald Combs ae3010cabe wslua: Port make-taps to Python3
Port the script that creates taps_wslua.c and taps.txt to Python3. The
generated taps_wslua.c has one less newline, otherwise the output is
identical to the Perl version. Make the "taps" configuration file an
ConfigParser / .ini file.
Ping #18152.
2022-06-27 16:11:34 +00:00
João Valverde e9e6431d7b dfilter: Change boolean string representation
Use "True" or "TRUE" instead of "true" and remove case insensivity.
Same for false. This should serve to differentiate booleans a bit
more from protocol names, which should be using lower-case.
2022-06-25 13:02:34 +01:00
Gerald Combs d3e2f1053b Doc: Port make-authors-short to Python3.
Port the script that creates AUTHORS-SHORT to Python3.
Ping #18152.
2022-06-24 18:32:50 +00:00
Moshe Kaplan 26f87b3250 wslua: Port epan/wslua/ to Python3
Port the script that creates
declare_wslua.h and register_wslua.c
to Python3.
Ping #18152.
2022-06-24 15:02:38 +00:00
Gerald Combs 3b0d9194bc Docs: Update the ftype description list in wireshark-filter(4).
Update a couple of ftype descriptions and update the list in the
wireshark-filter man page.
2022-06-21 14:33:45 -07:00
João Valverde fe25d701ba Docs: Updates to wireshark-filter manpage 2022-06-21 16:56:06 +01:00
João Valverde e11c7559a8 plugins.example: Fix an installation path 2022-06-17 16:35:20 +01:00
Chuck Craft d008708552 editcap/mergecap: swap 'v'|'V' options to match other CLI utilities
Closes #18134
2022-06-16 02:13:50 +00:00
Chuck Craft f82ddef8d2 tshark/docs: add -X read_format: example to view file internals 2022-06-12 16:30:35 +00:00
João Valverde 3e543bb0af Docs: Update README.dissector for string encodings 2022-06-09 20:52:24 +01:00
Gerald Combs 8fa64a4773 Docs: Note that display filter layer numbers start at 1. 2022-06-08 17:21:58 +00:00
João Valverde 4015522162 Docs: Another display filter regex update 2022-06-08 16:40:09 +00:00
João Valverde bd0f0cbbed Docs: Update display filter manual page to PCRE2 2022-06-08 12:12:25 +01:00
John Thacker 06871d27df wiretap: merge support for IDBs in the middle of a file
Support merging files with IDBs in the middle of the file.
Use wtap_get_next_interface_description when doing the initial
list of interfaces so that we can correctly get IDBs later.

Note that while IDB merge modes "any" and "none" work as expected, the
default "all" mode can't really work for IDBs in the middle of the file
without adding a two-pass mode. In "all" mode, if there are any such IDBs,
merge them with duplicates iff the interfaces at the beginning of the
files were merged.

Related to #15502 and #16542.
2022-06-02 12:51:52 +00:00
Gerald Combs be929e162d epan: Allow conversations based on arbitrary element lists.
Add conversation_new_full and find_conversation_full, which take
arbitrary element lists instead of fixed addresses and ports.

Update the comments in conversation.h to be more Doxygen-conformant.
Update README.dissector.

Use the new functionality to add initial conversation support to the
Falco Bridge dissector.
2022-05-23 18:12:26 +00:00
Chuck Craft 609c0d3881 docs: adoc migration bolding typos; Windows pipe name syntax 2022-05-12 16:43:44 +00:00
John Thacker 2e5a78dc64 text2pcap: Switch default file format to pcapng
For the upcoming 4.0 release, switch the default file format for
text2pcap to pcapng from pcap, to match other tools and the GUI
behavior. Update the documentation and release notes appropriately.

Deprecate the old -n flag; since pcapng is the default this has no
effect. Changing the output capture file format is supported with
the -F option, consistent with the other command line tools.

Related to #18009.
2022-05-12 16:20:40 +00:00
João Valverde b602911b31 dfilter: Add support for universal quantifiers
Adds the keywords "any" and "all" to implement the quantification
to any existing relational operator.

Filter: all tcp.port in {100, 2000..3000}

Syntax tree:
   1 FIELD(tcp.port)
   1 SET(#2):
     2 FVALUE(100 <FT_UINT16>)
     2 FVALUE(2000 <FT_UINT16>) .. FVALUE(3000 <FT_UINT16>)

00000 READ_TREE		tcp.port -> reg#0
00002 ALL_EQ		reg#0 === 100 <FT_UINT16>
00003 IF_TRUE_GOTO	5
00004 ALL_IN_RANGE	reg#0 in { 2000 <FT_UINT16> .. 3000 <FT_UINT16> }
00005 RETURN
2022-05-12 14:26:54 +01:00
Odysseus Yang 36e834b6b7 ETW: Extract IP packets from Windows event trace
With this change, Wireshark will be enhanced to display IP packets from an event trace logfile
or an event trace live session.
2022-05-05 13:35:47 +00:00
John Thacker 536c685ea5 docs: Update reference to minimum versions of GLib and Qt 2022-04-28 23:12:24 -04:00
Roland Knall f595f3b6ad sshdump: Update doc for openssh key note
Add a note, that the key value pair format has to be openssh format

Fixes #18063
2022-04-28 19:59:07 +02:00
João Valverde 4f3f507eee dfilter: Add syntax to match specific layers in the protocol stack
Add support to display filters for matching a specific layer within a frame.
Layers are counted sequentially up the protocol stack. Each protocol
(dissector) that appears in the stack is one layer.

LINK-LAYER#1 <-> IP#1 <-> TCP#1 <-> IP#2 <-> TCP#2 <-> etc.

The syntax allows for negative indexes and ranges with the usual semantics
for slices (but note that counting starts at one):

    tcp.port#[2-4] == 1024

Matches layers 2 to 4 inclusive.

Fixes #3791.
2022-04-26 16:50:59 +00:00
João Valverde eb2a9889c3 dfilter: Add abs() function
Add an absolute value function for ftypes.
2022-04-18 17:09:00 +01:00
Chuck Craft 4e0cd3dbd2 epan: add ENC_TIME_USECS timestamp encoding
Needed to format timestamp in #18038 - packet-cql.c
Mirrors changes made in !1924 - Add ENC_TIME_NSECS timestamp encoding
Documentation in README.dissector, proto.c, proto.h - could use
refresh in a different merge request.
2022-04-14 15:18:30 +00:00
João Valverde cef02cc3a0 dfilter: Add max()/min() tests and documentation 2022-04-14 13:07:41 +00:00
Chuck Craft 55f7b27b35 tshark.adoc: update -z conv/endpoints descriptions 2022-04-13 12:58:14 +00:00
Moshe Kaplan 1e352c3e7b manpage: Fix grammar errors and improve phrasing
Quickly review of fixing common grammatical errors in
the man pages.
2022-04-13 03:39:56 +00:00
João Valverde fb9a176587 dfilter: Allow grouping arithmetical expressions with { }
This removes the limitation of having only two terms in an
arithmetic expression and allows setting the precedence using
curly braces (like any basic calculator).

Our grammar currently does not allow grouping arithmetic expressions
using parenthesis, because boolean expressions and arithmetic
expressions are different and parenthesis are used with the former.
2022-04-08 23:12:04 +01:00
Chuck Craft b52437ba28 WSUG/tshark: protocol summary and output with "-e" 2022-04-08 19:40:43 +00:00
John Thacker f0f0f05060 editcap: Document use of stdin and stdout
Editcap accepts '-' for stdin or stdout, document that. Also change
an incorrect statement that claims that the '-v' flag writes to
standard output; it writes to standard error.
2022-04-07 20:57:08 -04:00
João Valverde 34ad6bb478 dfilter: Make logical AND higher precedence than logical OR
In most, if not all, programming languages logical AND has
higher precedence than logical OR. Apply the principle of
least surprise and do the same for Wireshark display

Before: ip and tcp or udp => ip and (tcp or udp)

    Filter: ip and tcp or udp

    00000 CHECK_EXISTS	ip
    00001 IF_FALSE_GOTO	5
    00002 CHECK_EXISTS	tcp
    00003 IF_TRUE_GOTO	5
    00004 CHECK_EXISTS	udp
    00005 RETURN

After: ip and tcp or udp => (ip and tcp) or udp

    Filter: ip and tcp or udp

    00000 CHECK_EXISTS	ip
    00001 IF_FALSE_GOTO	4
    00002 CHECK_EXISTS	tcp
    00003 IF_TRUE_GOTO	5
    00004 CHECK_EXISTS	udp
    00005 RETURN
2022-04-04 19:51:38 +00:00
João Valverde 7b4ec1bd88 Docs: Add new display filter syntax to the manpage. 2022-04-01 07:22:22 +01:00
João Valverde 8df570294f plugins.example: Add some comments 2022-03-28 13:23:28 +00:00
João Valverde e3765215aa plugins.example: Add package target
Basic package target to create a .zip or tar.gz of the plugin
and README file.
2022-03-28 13:23:28 +00:00
João Valverde c451e572e5 plugins.example: Make installation relocatable
Fixes "make install" to be relocatable using DESTDIR. For that
we cannot use an absolute path as intallation directory target.
This is useful mostly to implement packaging using CPack.

It is a bit awkward to configure a default CMAKE_INSTALL_PREFIX
using WiresharkConfig.cmake but it seems to be working OK.

The previous non-relocatable behaviour may still be useful. It is
relegated to a custom "copy_plugin" target.
2022-03-28 13:23:28 +00:00
João Valverde 80eff54e83 Plugins.example: Fix typo and more rewording 2022-03-26 00:57:42 +00:00
João Valverde 16729be2c1 dfilter: Add bitwise masking of bits
Add support for masking of bits. Before the bitwise operator
could only test bits, it did not support clearing bits.

This allows testing if any combination of bits are set/unset
more naturally with a single test. Previously this was only
possible by combining several bitwise predicates.

Bitwise is implemented as a test node, even though it is not.
Maybe the test node should be renamed to something else.

Fixes #17246.
2022-03-22 12:58:04 +00:00
Gerald Combs 1e39a66746 etwdump: Clarify "ETW".
Not everyone knows what ETW is.
2022-03-21 15:35:48 -07:00
João Valverde 8983dda8f2 dfilter: Deprecate "~=" (any_ne)
The representation "~= has been superseded by "!==" with the same
meaning, making it superfluous and somewhat confusing. Deprecate
"~=" and recommend "!==" instead.
2022-03-09 11:28:39 +00:00
Adrian Granados 8622c92a75 extcap: new interface, wifidump, to capture Wi-Fi frames using a remote SSH host 2022-03-09 08:01:39 +00:00
João Valverde 9cc3e7e1bb dfilter: Add support for binary literal constants
Example: 0b1001, 0B111000, etc.
2022-02-23 22:27:59 +00:00
John Thacker 1d84a092cf doc: Update text2pcap and Import from Hexdump doc
Update the text2pcap man page and the Import from Hexdump WSUG
page to clarify how to use it, for grammar, and to remove a few
things that are no longer relevant. (E.g., it's no longer the case that
files without an EOL don't work.)
Fix #15563, #15564.
2022-02-23 02:58:31 +00:00
David Perry fc3f061829 Differentiate `-c` from `-a packets:` 2022-02-11 01:54:53 +00:00
David Perry 1e0d117eb7 Specify directory for temporary captures 2022-02-09 14:32:28 +00:00
John Thacker fb38fe8573 doc: Document tshark -z stats
Document the currently undocumented -z statistics for tshark. Note
that all the stats added here exist in 3.6 as well. Fix #8353
(at least for now).
2022-02-06 12:48:46 +00:00
Jim Young 42106c9688 Docs: Accurately describe our minimum GLib and where to get it 2022-02-06 10:17:25 +00:00
John Thacker 25d0c88251 epan: Add BASE_SHOW_UTF_8_PRINTABLE
Add BASE_SHOW_UTF_8_PRINTABLE and related function tvb_utf_8_isprint
for supporting fields of bytes that are "maybe UTF-8" (default or
SHOULD be UTF-8 but could be something else, with no encoding indicator),
such as SSID fields in IEEE 802.11 (See #16208), certain OctetString
fields in Diameter or PFCP, and other places where
BASE_SHOW_ASCII_PRINTABLE is currently used. Fix #5307
2022-02-06 00:32:13 +00:00
Dr. Lars Völker 8ef0114995 SOME/IP: Add stats information to tshark man file 2022-02-02 00:45:04 +00:00
John Thacker 65b44f4621 docs: tshark: read filter -> display filter
The beginning of the tshark manual talks about read filters and
using the -R option. Switch all that to display filters and -Y,
since that's the typical use now, with -R limited to two-pass
2022-02-01 13:25:03 +00:00
Guy Harris 08dc06027f TShark, Wireshark: add some more documentation of "-i TCP@<host>:<port>".
Add a mention of the meaning of the "TCP@<host>:<port>" syntax in the
text about the -i option.
2022-01-31 21:31:48 -08:00
Guy Harris 778fc283a7 dumpcap: add some more documentation of "-i TCP@<host>:<port>".
Add a mention of the meaning of the "TCP@<host>:<port>" syntax in the
text about the -i option.
2022-01-31 16:45:31 -08:00
Gerald Combs c49f63b5f5 Docs: Update markup in the text2pcap man page.
Add an EditorConfig entry as well.
2022-01-25 09:52:17 -08:00
John Thacker d2fd2eeb31 text2pcap: encap types option (instead of link type)
Add an option to text2pcap to specify the encapsulation type
via wiretap encapsulation type short names instead of pcap
link layer types, similar to editcap.

Update the documentation to reflect this.
2022-01-16 04:27:03 +00:00
Martin Mathieson 559df3c620 Fix some spelling errors 2022-01-15 23:11:47 +00:00
Jim Young b5f89dbe2d tshark: Add new long option --hexdump <hexoption> 2022-01-13 01:18:38 +00:00
John Thacker f85f077b54 text_import: Allow fake IP headers with Raw IP encapsulation
In text2pcap and Import from Hex Dump, allow fake IP headers with
the appropriate versions when the Raw IP, Raw IPv4, and Raw IPv6
encapsulations are specified. In such cases, do not add a dummy
Ethernet header.

Continue to reject other encapsulations besides these, Ethernet,
and Wireshark Upper PDU when appropriate. Add some checks for the
encapsulation type in text_import as well, instead of just assuming
that the callers handle it correctly.
2022-01-11 08:46:44 -05:00
John Thacker b5c51f396a text2pcap: Use RFC 3849 addresses for documentation
Use the RFC 3849 IPv6 address prefix reserved for documentation
for the documentation and examples
2022-01-11 01:28:23 +00:00
John Thacker 21465962fd text2pcap: Use common capture type flag
Support all possible file formats that wiretap writes, using the
same "-F" flag that other CLI tools like editcap, mergecap, and tshark
support. Default is still pcap for now; a future commit will switch
to pcapng and remove the "-n" option, to match other CLI tools.
2022-01-03 16:42:15 +00:00
Gerald Combs 17e4032e81 [Automatic update for 2022-01-02]
Update manuf, services enterprise numbers, translations, and other items.
2022-01-02 16:39:07 +00:00
John Thacker ab347ea14e text2pcap: add regex
Add support in text2pcap for the regex mode added to "Import from
Hex Dump" in 3.6.0 The input and output indicators cannot (yet?)
be configured, and are set to the default of allowing any of "iI<"
for inbound and "oO>" for outbound. This reaches feature parity
between text2pcap and Import from Hex Dump, fixes #16724.
(There might be some more cleanups to do, including docs.)
2022-01-02 01:01:51 +00:00
João Valverde 019bb06268 Docs: Add some content about different equality operators
Add information about the different kind of comparisons with
multiple fields to the wireshark-filter man page.

Add some minimal information to the user guide. It would be
nice to have a section dedicated to this with some examples.
2021-12-31 15:33:32 +00:00 6c9cb8f3fa Prefs/Extcap: Added support for password which is never stored on the disk 2021-12-30 16:03:15 +00:00
John Thacker 021c25e22c text2pcap: Use standard log debug level
Remove the '-d' option from text2pcap, and move the two levels
of debug messages in text2pcap and text_import to either
2021-12-30 01:17:06 +00:00
Pascal Quantin dcbd456e69 doc: fix a copy/paste error and a typo 2021-12-27 13:01:42 +00:00
Gerald Combs b851a9fbc6 Docs: Remove unneeded markup in the Wireshark man page.
Remove empty list continuations and continuations around single lines of
2021-12-27 08:25:52 +00:00
Gerald Combs 87eca12c38 Docs: Document our diagnostic output options.
Add docs/diagnostic-options.adoc, which is a snippet that documents our
various --log-* options. Include it in the dumpcap, rawshark, and tshark
man pages.

Make the ws_log_print_usage output more consistent.
2021-12-27 08:04:25 +00:00
John Thacker 0dfc6414e0 text2pcap: Add Export PDU
Support Export PDU functionality from text2pcap. Related to #16724.
2021-12-26 14:07:37 -05:00
John Thacker 8cafcfa5a9 text2pcap: Support OFFSET_NONE 2021-12-25 09:19:07 -05:00
Moshe Kaplan 69d54d6f8e Corrects repeated words throughout the code.
Repeated words were found with:
egrep "(\b[a-zA-Z]+) +\1\b" . -Ir
and then manually reviewed.
Non-displayed strings (e.g., in comments)
were also corrected, to ease future review.
2021-12-22 11:01:11 +00:00
João Valverde 9a52634c5f Add ws_version.h to wireshark.h 2021-12-21 23:00:04 +00:00
João Valverde 4448b6494e Add a ws_posix_compat.h header
Currently used to define ssize_t on platforms that lack it.

Fix some Windows build errors caused by moving the definition into a
separate header.

Fix some narrowing warnings on Windows x64 from changing the definition
of ssize_t from long int to int64_t.

The casts in dumpcap are ugly but necessary. The whole code needs
to be rewritten for portability, or the warnings disabled.
2021-12-21 01:30:06 +00:00
Jaap Keuter 4a7053e880 Documentation: simplify protocol tree function documentation intro 2021-12-20 06:50:38 +00:00
João Valverde fe5248717f Replace g_snprintf() with snprintf()
Use macros from inttypes.h with format strings.
2021-12-19 20:06:13 +00:00
Martin Mathieson 3319d994b5 README.heuristic: minor updates 2021-12-19 08:03:04 +00:00
João Valverde 2f572659f5 Docs: Fix a README.developer code example
Remove spurious "int".

Also prefer "g_string_printf", just for stylistic reasons.
2021-12-18 21:13:20 +00:00
Martin Mathieson 4901eefaa5 README.tapping: Some minor updates 2021-12-18 14:47:57 +00:00
João Valverde a8acda8fcc Docs: Add more info about transitioning to C99 fixed-width types 2021-12-18 07:24:46 +00:00
João Valverde 06e6f7d922 Docs: First pass to update README.developer to C11
Update to reflect the transition from C99 to C11. Remove obsolete
comments and recommendations. Add a bit about transitioning to C
fixed width types.

Related to #17768.
2021-12-16 04:59:04 +00:00
John Thacker 69641adfca doc: Add lbmr_* -z stats to tshark manual
Add some more undocumented -z statistics. Ping #8353.
2021-12-12 14:21:15 +00:00
John Thacker 61b402cbe9 doc: Update tshark documents of stat options
Lost one option when updating in the previous commit, restore
2021-12-10 08:12:57 -05:00
John Thacker c0933a18da doc: Update tshark manual for undocumented -z statistics
This commit includes all statistics / taps that exist up through the
3.4.x release. Another commit will handle the ones added in the 3.6
branch. Mention that statistics are unaffected by the display filter
(but are affected by capture and read filters, and usually have their
own filters) at the top rather than repeating the same boilerplate
in half the options.

Ping #8353
2021-12-10 00:20:44 +00:00
João Valverde 19dcb725b6 epan: Remove STR_ASCII and STR_UNICODE
These display bases work to replace unprintable characters so the
name is a misnomer. In addition they are the same option and this
display behaviour is not something that is configurable.

This does not affect encodings because all our internal text strings
need to be valid UTF-8 and the source encoding is specified using

Remove the assertion for valid UTF-8 in proto.c because
tvb_get_*_string() must return a valid UTF-8 string, always, and we
don't need to assert that, it is expensive.
2021-12-03 04:35:56 +00:00
Jörg Mayer a0173cd7cf text2pcap: Support parsing of iso-8601 dates 2021-12-02 19:34:45 +00:00
John Thacker fd1c9b75ba doc: Update stats_tree README
Update README.stats_tree including the sample implementation for
changes in the API, such as the enum return value and needing to
set the node datatype as either int or float.

Also update the comments in the stats_tree header to make it clear
that abbrev and name refer to the abbreviation used in the tshark -z
option, and the name of the menu and window in the GUI for the stats
2021-11-23 22:20:16 -05:00
João Valverde b657396d44 plugins.example: Add missing header
Fixes 9bdccce574.
2021-11-23 17:16:27 +00:00
John Thacker b5917d0182 wmem: Add a multimap
A number of protocols have IDs that can be reused that are used as
lookup keys. In most cases the frame number should be used as well
to differentiate repeat appearances of an ID. For response/request
matching, it is frequently useful to find the most recent frame number
(greatest value less than or equal to the current one) that contained
an ID.

We can achieve that by using a multimap that stores values with a given
ID in a tree keyed with the frame number. This works better than using
a map or a tree alone:

1) A map isn't ordered, so doesn't allow for less than or equal comparison.
2) Using a tree requires an ordering on all the ID components, and then
   having to test all the components other than the frame number separately
   for equality after retrieval.

Currently the multimap does not support inserting items without specifying
the tree key (and having the multimap generate a key), because the total
capacity of trees (including deleted nodes) is not tracked. If other use
cases are needed, this could be added later along with more generic
multimap support.

Use a multimap in ANSI MAP, ANSI TCAP, and GSM SMS, all of which need to
match lookup IDs that can be reused. Fix #7653.
2021-11-21 07:16:55 -05:00
Gerald Combs e2703507c2 Update a bunch of GLib documentation links.
Change our URLs to The official documentation for GLib
appears to be at, but it has a different
layout than the content (and is surprisingly resistant to
exploration IMHO). We can switch to using a
simple substitution and it still seems to be updated, so do that for
2021-11-20 21:33:17 +00:00
Martin Mathieson 263189e23d Fix some spelling errors. 2021-11-18 04:43:51 +00:00
Guy Harris 6d96d8bbc2 Don't include config.h in the example plugin.
Wireshark's config.h isn't available to third-party plugins, and the
developers of the plugin might not even have their own config.h, so
don't include it in the example (if it *does* have its own config.h, the
developers will presumbly know that they should include it).
2021-11-12 12:53:21 -08:00
Guy Harris 2445180fa7 Don't use HAVE_CONFIG_H in sample code in the documentation.
We require config.h and don't define HAVE_CONFIG_H - it should *always*
be included.
2021-11-12 11:23:06 -08:00
João Valverde 237efe7b00 README.dissector: Reinforce a style recommendation. 2021-11-09 22:04:21 +00:00
João Valverde 070aeddf76 Lift restriction on upper case protocol display filter names
Unlike other header fields in filter expressions protocol names
cannot contain upper-case letters. Remove that restriction. This
should make start-up slightly faster as it remove an extra loop
for each protocol filter name.

This was added in 9ead15a6eb but
I don't see a reason to have different rules for protocols and
fields, it seems the README.developer was just being vague and

The recommendation for lower case is a style recommendation,
and it's a good one, but it should be applied uniformly. As
long as we are not enforcing this for all field filter values
there is no point in enforcing it just for protocol names and
actually it is detrimental, e.g:


It's weird and unexpected to have this difference and there is
no technical reason to require it. What we should probably do
is not include the protocol name in the FIELDFILTERNAME and
have the registration mechanism append it to the PROTOFILTERNAME.

Also disallow leading '-' everywhere in filter names, not just
protocol filter names. It's a universal requirement.
2021-11-02 08:35:24 +00:00
Guy Harris 1cf1684504 README.developer: put items about Windows together.
Move the item about MinGW-w64 up after the earlier item about Windows
portability in general.
2021-11-01 13:38:36 -07:00
João Valverde 4ff22025e8 README.developer: Add note about portability on Windows 2021-11-01 20:01:11 +00:00
João Valverde d635ff4933 dfilter: Remove redundant STTYPE_CHARCONST syntax node
A charconst uses the same semantic rules as unparsed so just
use the latter to avoid redundancies.

We keep the use of TOKEN_CHARCONST as an optimization to avoid
an unnecessary name resolution (lookup for a registered field with
the same name as the charconst).
2021-10-31 20:33:31 +00:00
John Thacker 6d52bf07a7 docs: Update wireshark-filter.adoc for recent filter changes.
Commas in sets, changes to != and ~=, changes to contains and matches,
changes to implicit conversions/comparisons to unquoted values.
Also fix #15392.
2021-10-31 08:56:48 +00:00
João Valverde e996c4f060 docs: Add some notes about project APIs 2021-10-26 20:30:18 +00:00
João Valverde c9abbde287 docs: Update wireshark-filter man page about "!="
Update man page to remove obsolete information about "!=".
2021-10-26 14:53:20 +00:00
João Valverde 59c082c046 Add new global header wireshark.h with guideline
Remove ws_diag_control.h from config.h because that was a workaround
for the lack of a public global header. Fix the resultant build errors.
2021-10-22 06:41:44 +00:00
Chuck Craft a541fcb528 docs/tshark: proper name is lopsided CamelCase (TShark)
This is a first pass that covers the WSDG, WSUG, man page, a code
comment and a README. Plenty left to do in the Debian files, a few
Lua examples and other misc files.
2021-10-21 19:54:20 +00:00