This is a dissector for the BRP (Bandwidth Reservation Protocol). This protocol
is used by various telecommunications vendors to establish VoD (Video
On-Demand) sessions between a STB (Set Top Box) at the customer's home and the
VoD server at the video head-end.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6428
- Changed hf blurbs to NULL
- Used dissector_add_handle() as the proposed port is registered to a different protocol.
svn path=/trunk/; revision=39254
New dissectors: (UA) Universal Alcatel Protocol and transport UAUDP
From me :
* Prefer proto_tree_add_item (when is possible)
* Use 4-space indenting
* Add Modeline information
* Fix Clang Warning
svn path=/trunk/; revision=39167
Add dissector for XMCP protocol.
From me:
- Fixed an obvious bug setting transaction_id_key[2].key = NULL,
where transaction_id_key is defined with only 2 elements.
- Only register heur_dissector once.
- Only find media_type_dissector_table once.
- Added packet-xmcp.c to CMakeLists.txt
svn path=/trunk/; revision=39131
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
svn path=/trunk/; revision=39066
Vuze, called Azureus before, is a great BT client and has a lot of users,
while its DHT implementation is different from the official one.
From me: New-style dissectors are supposed to to always return
"bytes dissected" (not just when tree != NULL);
svn path=/trunk/; revision=37755
Attached is a dissector for CN/IP protocol described in EIA-852. It is mainly
used to encapsulate and send Lontalk (EIA-709.1) or EIA-600 frames over UDP (or
TCP).
This dissector can only decode the common header and data frames can be decoded
by further dissectors.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5907
svn path=/trunk/; revision=37596
The two patches attached allow the dissection of the Homeplug AV Ethernet MAC
management frames between a controlling device and a Homeplug AV Ethernet to
PLC adapter. This protocol is pretty similar to the previous generation
Homeplug protocol (dissected by packet-homeplug.c) but a couple of noticeable
differences make it require its own dissector handler.
This dissector is based on the work done by Nicolas Thill, Xavier Carcelle and
myself in the Faifa project (https://dev.open-plc.org).
The dissector handles the standard Homeplug AV Ethernet MAC management frames
(called public) as well as the Intellon specific management frames (vendor).
From me:
Remove unnecessary global variables.
Add to COL_INFO even when !tree.
Remove gotos.
Remove unnecessary includes.
svn path=/trunk/; revision=37403
The Locator/ID Separation Protocol [1] is being standardized within the IETF,
and it is nearing RFC status (pending security review). I have been maintaining
a dissector patch for about a year, see [2]. Feedback received indicates that,
among others, it is widely used by the developers of a large router vendor,
without issues.
In January I submitted the dissector for data plane packets as bug #5602, which
was committed as r35615. The patch attached to this bug adds support for
dissection of control plane packets.
[1] http://tools.ietf.org/html/draft-ietf-lisp
[2] http://lisp.ccaba.upc.edu/wireshark/
svn path=/trunk/; revision=36845
A new dissector for uTorrent Transport Protocol
From me :
* Add link to spec BEP-0029
* Add note about type/version
* Rework extensions loop
* Use 2-space indenting
svn path=/trunk/; revision=36715
Adds BMC protocol, including adding support for MAC and RLC CTCH channels to carry it.
From me:
Removed hf blurbs = def and removed check_col added tp CMakeList.
svn path=/trunk/; revision=36662
A patch to add ATM over TCP Dissector.
The dissector dissect only the ATMTCP header (VCI, VPI, Payload Length)
The data are not yet dissect, it is necessary to add a "UAT" (As with the K12
dissector) to indicate the type (ILMI, AAL, ATM...) of data (based on VCI/VPI)
svn path=/trunk/; revision=36354
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5654
From me:
- Entry for DVBCI added to wtap.c encap_table_base[];
- Some code simplification with respect to the use of col_...() for COL_INFO;
- Certain tests for "enough bytes available" not really needed;
- (Other minor tweaks);
- #include<stdio.h> not req'd;
- Minor reformatting and whitespace cleanup;
svn path=/trunk/; revision=36149
Patch to add a new dissector for Realm Specific IP (RSIP) as defined by
RFC 3102, RFC 3103, and RFC 3104.
This is a very basic dissector. It could be extended to do addtional RSIP
protocol violation testing. The dissector is written such that it should be
easy to add later.
svn path=/trunk/; revision=35653
The patch I am attaching here is for dissecting LISP data packets.
From me:
Minor cleanups.
Showing the reserved field.
Adding to all makefiles and release notes.
svn path=/trunk/; revision=35615
FCoIB – Fibre Channel over InfiniBand. The protocol enables transmission of
Fibre Channel frames over InfiniBand networks. It is based on encapsulation of
Fibre Channel frames over InfiniBand UD transport. The discovery protocol is
based on the FIP protocol (not supported by this patch).
This patch adds an FCoIB dissector to Wireshark. It is based in large part on
the existing FCoE dissection code.
This code is submitted on behalf of Mellanox Technologies Ltd.
svn path=/trunk/; revision=35475
This is a dissector for reload framed message:
ReLOAD packets can be inserted in frame message, as described in
draft-ietf-p2psip-base-10
From me: remove some unnecessary includes.
svn path=/trunk/; revision=35005
This patch adds to Wireshark the ability to dissect Infiniband SDP (Socket
Direct Protocol) and CM MADs traffic.
It also contains various other bug-fixes and enhancements. SDP traffic can be
identified automatically (analyzing SDP CM MADs) or manually.
SDP, or Sockets Direct Protocol, is a protocol developed by the Infiniband
Trade Association which enables existing socket-based applications to
transparently utilize the Infiniband capabilities.
This patch is submitted on behalf of Mellanox Technologies Ltd.
svn path=/trunk/; revision=34918
The company I work for uses two proprietary protocols, for which I initially
developed wireshark plugins. Now we would like to integrate them into the
public wireshark repository.
I followed the READMEs and converted the plugins into a static dissectors. I
cleaned up the code until checkAPI.pl was silent, translated all terms to
english and ran randpkt and fuzz-testing for a long time. All that I found was
a bug in a different dissector.
From me:
- Fold the header files into the dissectors
- Clean up some memory leaks
- Strengthen the heuristics of adwin-config (the TCP heuristics are still pretty
weak)
- Make packet-adwin.c a "new style" dissector
- Use find_or_create_conversation()
- Remove most of the check_col()'s
svn path=/trunk/; revision=34640
Add dissector for Tektronix Teklink Protocol, used by their Logic Analyzers.
May be useful for reverse engineering their Protocol.
svn path=/trunk/; revision=34609
Add dissector for PAPI (Aruba AP Control Protocol), used by Aruba WLAN
Controller).
There is no documentation on this protocol, the dissector is based on my
analysis ...
There is also an experimental "debug dissector" (not enable by default) for
dissecting the rest of data.
Changes by me:
- make it a new-style dissector
- change the name of the "debug" preference
- other minor changes
svn path=/trunk/; revision=34587
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5095
From me: Fix a bug in add_symbol which caused occasional Wireshark crashes;
Add additional checking during parse of symbol hash file;
Improve "directory not found" error message;
Do misc code cleanup and simplification.
svn path=/trunk/; revision=34558
- Add packet-reload.c
- Make most packages not-required (not tested)
- Does *not* (yet) add an optional/whatever case to enable_
svn path=/trunk/; revision=34307
I try to configure Wireshark with cmake on macosx 10.6.
It fails with : set_target_properties called with incorrect number of arguments.
Attached a patch to fix this issue.
svn path=/trunk/; revision=34201
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5067
From me: - Fix one bug;
- Add a comment about some code which doesn't display info
in COL_INFO as intended due to what seems to be a Wireshark bug in
tcp_dissect_pdus() when there are multiple records in a
TCP frame.
svn path=/trunk/; revision=33824
dissectors/Makefile.common:
The following dissectors were missing from CM:
dissectors/packet-dcerpc-budb.c
dissectors/packet-dcerpc-butc.c
dissectors/packet-dcerpc-drsuapi.c
dissectors/packet-gsmtap.c
Both: Whitespace fixes and reordering.
svn path=/trunk/; revision=33462
From me: A few minor changes:
- col-clear() not req'd;
- Use 'gint32 length' rather than 'guint8 length';
- Use ENC_NA instead of FALSE/TRUE in two cases;
- Move global tdmoe_handle to be local to proto_reg_handoff...
svn path=/trunk/; revision=33307
Add support for Gigamon headers (timestamp, source port, length, etc)
that are inserted by Gigamon network equipments.
From me:
Various cleanup:
- Register to "eth.trailer" heuristics for trailer.
- Use standard dumping of timestamp.
- Rewrote gmhdr_plfm_str handling.
- Dump srcport details in a subtree.
- Removed packte-gmhdr.h.
- Ensure the while-loop will end.
svn path=/trunk/; revision=33256
Add a new dissector for the NexusWare C7 MTP over UDP/TCP protocol. One of
NexusWare's example applications provide a way to forward MTP Level 3 messages
via UDP/TCP. This is a dissector for this protocol (which is lacking an IANA
assigned port).
svn path=/trunk/; revision=33082
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4788
- Compile the python code directly into epan - don't link it in as
a static lib.
- Call make-init-lua.pl with the top level directory instead of the
current directory. Change make-init-lua.pl accordingly.
svn path=/trunk/; revision=33009
Add support for the IBM TN5250 data stream protocol.
http://wiki.wireshark.org/TN5250
From me:
Move most of the contents of the header file to the .c file.
Replace blurbs that match the hf name with NULL.
Replace empty-string blurbs with NULL.
Fix some abbreviations (hf_tn5220_xxx -> tn5220.xxx).
Make some functions static.
Cast some offset increments to unsigned to make sure we don't go backwards
(which could create a loop). This includes making most of the subdissection
functions return an unsigned number.
Use find_or_create_conversation().
svn path=/trunk/; revision=32838
This is mostly to recognize the packets and a start to reverse engineer
the currently undocumented protocol. It's very far from complete/correct!
svn path=/trunk/; revision=32542
removed the old implementation from Makefile.common.
This caused a duplicate registration and subsequent assertion
failure for cmake users. Fix this.
svn path=/trunk/; revision=32488
see: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4590
From me: A few minor changes:
- Make ancp_info a local variable rather than a static global variable;
- Use Stats ! ANCP rather than Stats ! ANCP ! Packet Types.
svn path=/trunk/; revision=32353
See: http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4584
From me:
- Change dissect_sasp_pdu() to return void: tcp_dissect_pdus() ignores
any return value when it calls a dissector and thus trying to register/use
the dissector as a 'new-style' dissector doesn't work as intended;.
- Add some 'expert' messages for invalid SASP Header Type and unknown Message Type.
- Use consistent indentation & cleanup whitespace;
- (A few other minor changes).
svn path=/trunk/; revision=32266
- Add checking for linker flags
- Install plugins with the name including the Wireshark version.
This will make it easier to find matching plugin versions if
files get just copied over.
svn path=/trunk/; revision=32231
I have written a crude dissector of GigE-vision Control Protocol packets.
The dissector was written as part of the opengigevision project:
http://gitorious.org/opengigevision
svn path=/trunk/; revision=32198
- Remove not needed #includes: stdio, stdlib, string & prefs;
- Fix a few typos in text strings;
- use 'tvb_reported_length() > 0' rather than '... != 0' in several cases;
(tvb_reported_length can return -1);
- if (!initialized) {...} not required in proto_reg_handoff..;
- col_clear(...) before col_add_fstr(...) not req'd;
- Add a comment about whether tvb_length() rather than tvb_reported_length
should be used in one case.
svn path=/trunk/; revision=31734
Aruba Wireless Controller support a Remote Monitoring of Access Point
The code is based en HP ERM/Cisco ERSPAN dissectors
svn path=/trunk/; revision=31645
Added support for Solaris IPNET layer
From me:
Some code cleanup in packet-ipnet.c
Added packet-ipnet.c to CMakeFiles.txt
Added WTAP_ENCAP_IPNET to encap_table_base[]
svn path=/trunk/; revision=31159
This patch adds protocol dissection support for the Assa Abloy R3 protocol.
R3 is an electronic lock management protocol for configuring operational
parameters, adding/removing/altering users, dumping log files, etc.
svn path=/trunk/; revision=31105
This is a patch for a new dissector that decodes Nokia Siemens Networks'
proprietary Flow Layer Internal Protocol (Ethertype 0x8901).
svn path=/trunk/; revision=31069
That's what the packages are for, so instead of creating
WSWIN32, the stuff should probably go into the GLIB2
package.
- libwireshark now compiles - no time to add linking with
it until tonight
svn path=/trunk/; revision=29756
It's only beginnings, so epan is commented out in
the subdirs statement.
This is more a synch to avoid duplicate work and creating
conflicting patches to the cmake stuff.
svn path=/trunk/; revision=29666