from the GTK flavor in two major ways:
- The "Decode As" and "User Specified Decodes" dialog have been unified.
- You can modify the decode as behavior at any time, not just when you
have a packet selected.
Revert part of 53498 so that we can move items marked
/*** THE FOLLOWING SHOULD NOT BE USED BY ANY DISSECTORS!!! ***/
from epan/decode_as.h to ui/decode_as_utils.h.
Move "save" code from decode_as_dlg.c to decode_as_utils.c as well.
In packet-dcerpc.c don't register a table named "ethertype". We might
want to add checks for duplicate table names.
To do:
- Add support for ranges?
- Either add support for DCERPC or make DCERPC use a regular dissector
table.
- Fix string selectors (i.e. BER).
svn path=/trunk/; revision=53910
the code to scan for them uses those routines.
This means epan_init() no longer takes those routines as arguments -
which is just as well, given that the mechanism in question is no longer
part of libwireshark, but is part of libwsutil.
This should fix bug 9508.
svn path=/trunk/; revision=53796
knowledge of particular types of plugins. Instead, let particular types
of plugins register with the common plugin code, giving a name and a
routine to recognize that type of plugin.
In particular applications, only process the relevant plugin types.
Add a Makefile.common to the codecs directory.
svn path=/trunk/; revision=53710
We presumably want "decode as" behavior to be consistent across UIs so
call load_decode_as_entries() from read_prefs().
svn path=/trunk/; revision=53498
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog. Any GUI (GTK+/Qt/tshark) can just hook into the "decode as list" to see what can be provided.
This patch includes the GUI portion of the functionality (including packet-dcerpc.[ch] because it had some GUI dependencies that are now removed).
Other notes:
1. Some "GUI text" (UTF8_LEFTWARDS_ARROW and similar) made their way into the dissector code. Not sure how necessary it is and if reformatting the strings to avoid the macros is desired (TCP/UDP use it, SCTP doesn't).
2. I converted the SCTP functionality to have 2 tabs (instead of radio button), currently both are labeled "Transport" which could be confusing to users. Naming suggestions welcome (as well as for naming of tabs from other dissectors).
3. BER and DCERPC have more opportunity to use Decode As now that they are selected based on dissector presense, not packet_info values.
4. Catapult DCT2000 populates pinfo->ipproto, yet under new design will not show up to do Decode As. Should a "decode as item" be created for it?
5. BER dissector doesn't have Clear/Show Current functionality working (never did)
6. Bluetooth (in old design) could have been used "capture wide" instead of single packet (creating tabs of values not present in current packet), which goes against what I believe to be in the intent of Decode As, but I'm willing to hear counter-arguments.
svn path=/trunk/; revision=53446
configuration file directory and directory in which to save captures),
have the routine to parse -P options use them, and move that routine to
libui.
Have that routine just return a gboolean.
svn path=/trunk/; revision=53435
In the process, fix various man page descriptions of the -t flag,
and add support for UTC absolute times in the iousers and iostat TShark
taps.
svn path=/trunk/; revision=53114
Currently this is only for GTK, but allows users to test it to see if its worth adding to Qt (my personal opinion is yes).
From Jiří Engelthaler
svn path=/trunk/; revision=52790
This patch augments Wireshark's and tshark's augument usage reports (-? and
-t?) and the Wireshark and tshark man pages to list all available timestamp
options available for the -t option.
svn path=/trunk/; revision=50445
... as per the XXX comment removed from tshark.c this was a mess to keep the linker
happy... I couldn't!
I did this without even understanding whether calling main_window_update was realy
necessary in most cases. I guess nothing or more specific update cbs would be best.
svn path=/trunk/; revision=50188
as the "where to put the packet data" argument.
This lets more of the libwiretap code be common between the read and
seek-read code paths, and also allows for more flexibility in the "fill
in the data" path - we can expand the buffer as needed in both cases.
svn path=/trunk/; revision=49949
code prior to this built on other buildbots *and* on my 10.6 VM, so I
don't know what the GCC on the buildbots is getting wrong....
svn path=/trunk/; revision=49505
it into a separate capture_session structure. capture_opts should
contain only user-specified option information (and stuff directly
derived from it, such as the "capturing from a pipe" flag).
svn path=/trunk/; revision=49493
than the standard error.
In Wireshark on Windows, create a console before doing so and destroy it
before exiting. Don't do that in TShark or dumpcap, as those are
console-mode programs on Windows.
This should fix bug 8609 and still allow "wireshark -D" and "wireshark
-L" to work when the standard output isn't redirected.
svn path=/trunk/; revision=49025
that directory since 2001 and reading from that directory was only left in for
backwards compatibility with versions prior to r4702. I think it's now safe
to remove that backwards compatibility.
This eliminates the last argument of get_persconffile_path().
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8437
svn path=/trunk/; revision=48797
set_titlebar_for_capture_in_progress(); make the call directly, to make
it a bit clearer when it needs to be called (which helps us do the
equivalent in the Qt version).
svn path=/trunk/; revision=48687
ui/gtk/main_titlebar.c, with set_titlebar_for_capture_file() for either
no capture file or an opened capture file and
set_titlebar_for_capture_in_progress() for an in-progress capture.
svn path=/trunk/; revision=48683
it affects more than just the file name, it also affects whatever "you
have unsaved changes" indicator the UI provides.
Put a comment in the Qt code as a reminder of how to set the "you have
unsaved changes" indicator.
svn path=/trunk/; revision=48680
filter *after* initially reading the file so that we get the expected multi-
pass behaviour and forward-looking filters (like response_in) work properly.
svn path=/trunk/; revision=48615
Use the PNG versions of the new application icons.
Remove the XPM versions of the Wireshark application and capture icons.
To paraphrase Zoidberg, XPMs are bad and we should feel bad. Remove
xpm_to_widget_from_parent (which we weren't using and likely won't use
in the future).
Replace wiki_24.xpm (which was a GNOME or GTK+ stock icon IIRC) with the
16x16 and 24x24 versions emblem-web.png from GNOME icon theme 2.30.3.
This version was used specifically because it's GPLv2 and later versions
are GPLv3.
Update image/README.
svn path=/trunk/; revision=48565
remove C++ incompatibilities
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416 attachment #10404
Note: The following parts of the patch had been previously done:
asn1/snmp/packet-snmp-template.c
epan/dissectors/packet-snmp.c
epan/dissectors/packet-x11.c
Also; hostlist_table.c: code under '#ifdef HAVE_GEOIP'
didn't compile and needed a few additional patches.
svn path=/trunk/; revision=48447
