Attached patch:
1. Adds port 5985 as a HTTP traffic port (used by MS Powershell remoting over
HTTP)
2. Adds dissection of Kerberos authentication to HTTP.
svn path=/trunk/; revision=34641
The company I work for uses two proprietary protocols, for which I initially
developed wireshark plugins. Now we would like to integrate them into the
public wireshark repository.
I followed the READMEs and converted the plugins into a static dissectors. I
cleaned up the code until checkAPI.pl was silent, translated all terms to
english and ran randpkt and fuzz-testing for a long time. All that I found was
a bug in a different dissector.
From me:
- Fold the header files into the dissectors
- Clean up some memory leaks
- Strengthen the heuristics of adwin-config (the TCP heuristics are still pretty
weak)
- Make packet-adwin.c a "new style" dissector
- Use find_or_create_conversation()
- Remove most of the check_col()'s
svn path=/trunk/; revision=34640
BACnet has a private transfer service which is vendor specific. The start of
each request and response contains the vendor identifier. I've added a way for
vendors to provide their own dissectors by registering their vendor identifier.
The packet-bacapp.c method fConfirmedPrivateTransfer has been modified to look
for a vendor specified dissector. If found it will be run. If not found we
default to running the standard dissection included in packet-bacapp.c.
I modified the summary column display for private transfer messages so that the
summary now displays the Vendor Identifier (V=xx) and the Service Number (SN=xx).
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5250
From me: Rename sub-dissector tablle to "bacapp.vendor_identifier"
Change subdissector ui_name to "BACapp Vendor Identifier"
svn path=/trunk/; revision=34625
Find a patch who clean up PPP dissector
* Remove check_col (from my previous patch #5325)
* Remove the #define ppp_min (unused)
* Remove some unused ett_*
* Cleanup NO ARRAY entry (it is a false positive of checkhf tool, it is need {
(in the same line) before a hf_... in hf_register_info struct
* Cleanup Unused entry in VSNP Dissector ( it's really strange, there is no
check when the code was added #4434 ;) )
* minor bug fix...
From me: put one of the check_col()'s (that also protects a val_to_str() call)
back in.
Note: the checkhf tool bug was fixed in rev 34623.
svn path=/trunk/; revision=34624
The current PRP dissector in packet-prp.c does not correctly identify VLAN
tags. It uses the hard coded value 0x8000 to check the ethertype.
The attached patch (against current SVN trunk) changes this to use the
ETHERTYPE_VLAN define from epan/etypes.h and also fixes two misspellings in the
respective comments.
svn path=/trunk/; revision=34622
Update to use add the time as a filterable field and other cosmetic changes.
From me: exp2() seems to be C99 so #if the use of it out.
svn path=/trunk/; revision=34611
- Reindent source; cleanup whitespace;
- Remove many unneeded 'if(tree)' & similar (Tnx to Jeff Morriss for the suggestion);
- remove unneeded initializers;
- Reformat some long lines;
- Fix up some comments showing message layout;
- Localize two static global variables.
svn path=/trunk/; revision=34610
Add dissector for Tektronix Teklink Protocol, used by their Logic Analyzers.
May be useful for reverse engineering their Protocol.
svn path=/trunk/; revision=34609
RFC 4447 describes new TLV called Generalised PWid FEC in LDP messages with the
id 0x81. This is related to PsuedoWire setup and maintenance.
Related to this, following are the TLVs which are defined in RFC 4447 and RFC 4446.
1. PW Status TLV
2. PW Interface parameters
3. PW Group TLV
From me: remove some unused variables; Mark fcn arg as unused.
svn path=/trunk/; revision=34606
CableLabs has added additional TLV's to DHCP Option 60 Modem capabilities
reporting for their Docsis 2.0 devices. Additionally, in Docsis 3.0, they have
moved the capabilities portion of Option 60 (sub-option 5) to now reside in the
vendor specific Option 125 using their Enterprise number (4491).
svn path=/trunk/; revision=34605
It is a rework of PAP PPP dissector
- Replace proto_tree_add_text by proto_tree_add_item
- add col_append_fstr to show information (Peer-ID, Password...)
svn path=/trunk/; revision=34604
Add dissector for PAPI (Aruba AP Control Protocol), used by Aruba WLAN
Controller).
There is no documentation on this protocol, the dissector is based on my
analysis ...
There is also an experimental "debug dissector" (not enable by default) for
dissecting the rest of data.
Changes by me:
- make it a new-style dissector
- change the name of the "debug" preference
- other minor changes
svn path=/trunk/; revision=34587
The attached patch begins to add support for RPL to the ICMPv6 file. All
locations that RPL code have been added are marked with a comment allowing this
patch to be reverted at a future time if it is decided to e.g. move all the RPL
code to it's own dissector.
A few values await IANA assignment and are also clearly marked (in
packet-ipv6.h).
Only the 'metric' option is left unsupported, as it is primarily defined in
another I-D.
svn path=/trunk/; revision=34579