Support WS_BIN_PATH and SOURCE_DIR (modelled after test/config.sh) to
support out-of-tree builds (including cmake). Add Python 3 support and
mention this in the documentation.
Tested with Python 2.7.9, 3.2.6, 3.4.3:
WS_BIN_PATH=/tmp/wsbuild/run SOURCE_DIR=/tmp/wireshark \
tools/dfilter-test.py testBytesIPv6
(2.7.9 and 3.4.3 were also tested fully, but some cases seem to fail
even before this patch. 2.5.6 and 2.6.6 do not work because the unittest
module is outdated.)
Change-Id: I13074579f6f74206edb5cd7be8e7a8406de49c56
Reviewed-on: https://code.wireshark.org/review/7793
Reviewed-by: Anders Broman <a.broman58@gmail.com>
works as proto_tree_add_item(), but also returns the value of (u)ints
of 8,16,24 and 32 bits length in a 32 bit variable. It's based on Hadriels
previous work.
Change-Id: If3b4b8588b63251f1ee9b954a202acde7c02ce86
Reviewed-on: https://code.wireshark.org/review/7230
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Originally suggested by Bill Meier for the MQTT protocol[1], but the
Websocket protocol can also benefit from this. Since
DESEGMENT_ONE_MORE_SEGMENT is a valid packet length, use the zero length
instead as an indicator that the length is not yet known.
Updated documentation too and remove the function documentation from
packet-tcp.c since it is duplicated in packet-tcp.h.
A noteworthy WSDG change is that the get_pdu_len parameter of
tcp_dissect_pdus gained another void pointer since
v1.99.2rc0-890-gceb8d95 ("Lua: Expose tcp_dissect_pdus() to Lua").
[1]: https://www.wireshark.org/lists/wireshark-dev/201405/msg00044.html
Change-Id: I4eba380e00cd757635eb5639c2857356dae3171e
Reviewed-on: https://code.wireshark.org/review/7279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I22780721dcc32caee0eae782142e7dad31e0ed07
Reviewed-on: https://code.wireshark.org/review/7313
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I57354c309ecf3a0c8f0c7cff485638027f30bb19
Reviewed-on: https://code.wireshark.org/review/5813
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Move some text from README.qt to the Developer's Guide. Add an overview.
Change-Id: Ia20ed837939e34871b157566c38cd0c6e590bc38
Reviewed-on: https://code.wireshark.org/review/7087
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change name from proto_tree_add_new_bytes to
proto_tree_add_bytes_with_length and other tweaks
pointed by Peter Wu.
Change-Id: I6058c28a74a154e2882e4eb04558bedcede6f508
Reviewed-on: https://code.wireshark.org/review/7039
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Remove emem's 8-byte-memory-alignment configure check as well as references
to all the environment variables emem used.
Change-Id: I897aec9e9c68e064454561e7a9f066b18892ec66
Reviewed-on: https://code.wireshark.org/review/6950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Iddd1200e62bf3200cb1a68408378dd9d47120b77
Reviewed-on: https://code.wireshark.org/review/6939
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
frame_data has long been gone. struct _packet_info is the same as
packet_info, just use that for brevity.
Change-Id: Ieb02bf6b642d728a7f80087f5cd750b9691e34e9
Reviewed-on: https://code.wireshark.org/review/6865
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add address_to_qstring and address_to_display_qstring, which wrap
address_to_string and address_to_display respectively and return
QStrings. Convert most of the instances in ui/qt to the new routines.
Fix a some memory leaks in the process.
Change-Id: Icda80bbfe0b2df723d54c8da84355255f819af89
Reviewed-on: https://code.wireshark.org/review/6848
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Change-Id: I256fd5395b062fa954ebd60598721323ea1d7ff1
Bug: 10875
Reviewed-on: https://code.wireshark.org/review/6713
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Lua-created tvbuffs should be kept around for the duration of pinfo's
lifetime, instead of only for the duration of frame dissection. So
instead of using the frame dissector's frame_end_routine, we'll register
a callback to wmem for pinfo pool's allocator.
Bug: 10888
Change-Id: I3e9db671c3f2a7cab9e258aca17f3be8acaf2417
Reviewed-on: https://code.wireshark.org/review/6768
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
I.e., you don't need a trailing blank, at least not with the current
version (and there shouldn't be a requirement for such an extra trailing
blank).
Change-Id: Ia2b732c74fc6020acc01a2c0c52ed3567d36d762
Reviewed-on: https://code.wireshark.org/review/6575
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's no requirement for "display" field values to have names
beginning with BASE_; use SEP_, to indicate that they're separators.
(And, yes, we should introduce SEP_NONE, with a value of 0, and use it.)
While we're at it, fix BASE_SEMICOLON - the separator is a colon, not a
semicolon - and document SEP_SPACE in doc/README.dissector.
Change-Id: I856aafda2c60b8320dffe287f0deb06a9604a2bf
Reviewed-on: https://code.wireshark.org/review/6486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4a803d83844d937804849b2ad3b067381c9b96d0
Reviewed-on: https://code.wireshark.org/review/6448
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There isn't a legitimate use for the API, all cases can be covered with proto_tree_add_item. As a bonus, a few more tvb_get_ptr calls can be removed.
Change-Id: I3bb86ba8f05ef3363407bcfe9b059ee27ebc135d
Reviewed-on: https://code.wireshark.org/review/6429
Reviewed-by: Michael Mann <mmann78@netscape.net>
This affects both the dissector (that has been added with a tap interface and a stats generator) and the UI (to recall the stats menu).
Change-Id: I90658f7aa6707aa39bdd787a51b20fed4dbddc53
Reviewed-on: https://code.wireshark.org/review/6236
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
-z "follow,udp" tshark cli command now supports a stream index
It is now possible to select the UDP stream displayed in Qt GUI (like for TCP)
Change-Id: Ia367f36ea4f60db0fddb997a7e0903c09e172f2d
Reviewed-on: https://code.wireshark.org/review/6083
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Also, convert the "string" hf_ entries that used tvb_fcwwn_to_str as a string to use proto_tree_add_item with FT_FCWWN type.
Change-Id: I4ca77870499fd8239584a70874998b5d194a7167
Reviewed-on: https://code.wireshark.org/review/6036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- packet.h should be first Wireshark #include
after config.h and "system" includes.
- '#include <glib.h>' not needed.
Change-Id: Ibec076818f3f509aabb4d240e939ef719f3798d6
Reviewed-on: https://code.wireshark.org/review/5939
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Go back to a single view similar to the GTK+ UI. Apply layouts using Qt
Designer.
Rename the menu item and class to "Capture File Properties". It's not
really a summary if it contains details such as "marked average bits
per second". We might want to move this to a "Properties" item under
the "File" menu similar to other applications.
Add the GTK+ summary icon (for now) to the toolbar and open the
properties dialog on clicking.
Singleton dialogs delenda est[1]. Let the user open as many summaries on
as many capture files as he or she wishes. Also, global cfile delenda
est[2].
Don't blindly include QtGui. Add specific components instead.
Use consistent method names, variable names, and patterns. Try to
document what "consistent" means.
Adjust the way we display some statistics to match the summary bar, e.g.
displayed = captured if we don't have a filter applied.
[1] Not really.
[2] Yes, really.
Change-Id: I11793b1d79dd0c3f70414ac8592b86181da59916
Reviewed-on: https://code.wireshark.org/review/5274
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Specifically: show the use of tcp_dissect_pdus()
for a TCP heuristic dissector
Change-Id: I02f184b2c8ef6ed128ef3d0bc59eed759aae54bb
Reviewed-on: https://code.wireshark.org/review/5399
Reviewed-by: Bill Meier <wmeier@newsguy.com>
That list doesn't show the entries in the dissector tables, just
information about the tables themselves.
Clean up some tshark man page issues while we're at it.
Change-Id: I70beee34110f5c0d58105944dd71105a8400f5ca
Reviewed-on: https://code.wireshark.org/review/5360
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- get language as soon as possible (before creating any Qt objects) to make all
translations working
- dynamic list of supported languages
- runtime change of GUI language (no need to restart application)
- add flags icons support
- search for *.qm languages in buildin resources, then
data dir called "languages" (main directory in sources or
/usr/share/wireshark/languages), then user directory
(UNIX: ~/.wireshark/languages); "languages" directory should contains
files wireshark_xx.qm where xx is language code (en, en_GB, etc.),
and optional xx.svg for flag icon
- try to fix some untranslated manually-created UI items
(need manual reset text of those components)
Change-Id: I62ca8a8cddce47cec9dbcad6b0bd68b6cfd92229
Reviewed-on: https://code.wireshark.org/review/5041
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
- If boolflags are being used, an extra space is added
to the call of the extcap filter. This leads to the
argumentparser of python to exit with an error-code,
and the extcap filter will not start. This patch instead
catches the unknown arguments and prints them on stdout,
as well as running the dissection with the rest of the
arguments list.
Basically this is a work-around, for a behaviour not
yet fixed in extcap, but it stabilizes the usage of the demo
Change-Id: I7589292692b0b3c839909fd09d62a4714cbe869e
Reviewed-on: https://code.wireshark.org/review/4638
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There is regular expression that extracts only the number from
--extcap-interface argument and only that number (as string) is being
passed to extcap_dlts().
Change-Id: I5159f9405a766c1edff792213b2aef72b9a29ba4
Reviewed-on: https://code.wireshark.org/review/4550
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Description:
Ignore the specified bytes number at the beginning of the frame during MD5 hash calculation.
Useful to remove duplicated packets taken on several routers or SW(differents mac addresses for example).
e.g. -I 26 in case of Ether/IP/ will ignore ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).
The default value is 0.
This option is only relevant when used with -d|-D|-w
Bug: 8511
Change-Id: I009a09d32778a182b2d88f372651f658a4938882
Reviewed-on: https://code.wireshark.org/review/4104
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
documents referring to the split out sections.
Remove trailing whitespace while at this.
Change-Id: I36cfe0ac55e8f653bffbf850e01f582aacf85557
Reviewed-on: https://code.wireshark.org/review/4094
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Make sure the Qt UI is named "Wireshark" and its executable is named
"wireshark" or "wireshark.exe". Make sure the GTK+ UI is named
"Wireshark 1" or "Wireshark (GTK+)" depending on how much the target
audience is likely to care about UI toolkits. Make sure the GTK+
executable is named "wireshark-gtk" or "wireshark-gtk.exe".
It looks like moving to Qt 5.3 (g978faf3) broke the PortableApps
package. It's likely even more broken now.
Autotools out-of-tree builds also broke on Ubuntu 12.02 (automake
1.11.3) at some point. The first attempt to compile in ui/qt returns
"error: source_file.cpp: No such file or directory". The second attempt
works. Out-of-tree builds work fine on Ubuntu 14.04 (automake 1.14.1).
Tested:
- Nmake builds
- NSIS packaging
- CMake builds (Windows, OS X)
- Autotools build and distcheck
- RPM packaging
To do:
- Test Debian packaging
- Fix PortableApps
Change-Id: I66429870e05fd2d6fc901942477959ed6164fce2
Reviewed-on: https://code.wireshark.org/review/3919
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Herwin Weststrate