Fix
ui/qt/rtp_stream_dialog.cpp:708:26: error: 'type' is deprecated: Use typeId() or metaType(). [-Werror,-Wdeprecated-declarations]
} else if (v.type() == QVariant::String) {
^
and similar errors. Although the warnings recommend typeId() or
metaType(), userType() exists in both Qt 5 and 6 so use it instead.
Fix
ui/qt/tcp_stream_dialog.cpp:1669:31: error: 'globalPos' is deprecated: Use globalPosition() [-Werror,-Wdeprecated-declarations]
ctx_menu_.exec(event->globalPos());
^
and similar warnings.
Release (uncomment) text added in 9b074122
Add popup menu text
Add screen shots and pngcrush per 9ed7568f
Update View menu screenshot to include Packet Diagram
If USE_qt6 is enabled, set CMAKE_PREFIX_PATH to WIRESHARK_QT6_PREFIX_PATH
if it's defined. This lets you more easily switch between Qt 5 and
6 builds. Note that we have experimental support for Qt 6 in the
Developer's Guide.
The Sysdig Bridge plugin loads Falco plugins, so rename it to Falco
Bridge.
Make it optional and dependent on libsinsp+libscap, similar to our codec
plugins.
Remove some unused code.
Add a FindSinsp CMake module, and use it in the Sysdig Bridge plugin
CMakeLists.txt. It still needs work, but should at least be usable on
more machines.
Conflicts:
plugins/epan/sysdig_bridge/CMakeLists.txt
Switch from loading the cloudtrail plugin directly to doing so
indirectly via libsinsp. This should let us start leveraging the rich
functionality offered by libsinsp.
Fix
logshark/plugins/epan/sysdig_bridge/packet-sysdig-bridge.c:86:39: error: this old-style function definition is not preceded by a prototype [-Werror,-Wstrict-prototypes]
register_conversation_filters_mappings()
^
1 error generated.
Prior versions had a dedicated plugin API function for this, but we
removed it from the plugin API, so just use the plugin name.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
avoid moving plugin states around the address space by mallocing all of the memory at the beginning instead of using realloc every time a plugin is detected. This prevents crashes and other types of bad behavior that were caused by plugins accessing garbage memory.
register_cleanup_routine is called after reading a single capture
file. Since the async extraction is set up per plugin instead of
per-instance, we want register_shutdown_routine().
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
Update to reflect newest API changes (single extract_fields
func). This simplifies dissect_plg_bridge a bit, as the setup/calling
plugin function can mostly be unified based on the field type, with
just looking at the res_str/res_u64 part of the field struct
afterward.
Although not used by wireshark directly, update
plugin_next/plugin_next_batch to note they return structs for events
instead of pointers + lens + timestamps.
Extract functions now use field names, so no need to extract or keep
track of field ids. The a "abbrev" property of header_field_info
contains the field name e.g. ct.xxx.
It recently changed from 320 to 322, probably as a result of a rebase
to master, so reflect that change here.
It won't change once the plugin changes code is merged to master.
This commit introduces a new wireshark plugin which is able to act as proxy to sysdig plugins, loading them into Wireshark and transforming their output into dissectors that Wireshark can use to display the data.
3GPP.User-Equipment-Info AVP should contain the IMEISV (if type is 0).
However some implementations put the IMEI there: decode it but display a
protocol error indication too.
Add support for masking of bits. Before the bitwise operator
could only test bits, it did not support clearing bits.
This allows testing if any combination of bits are set/unset
more naturally with a single test. Previously this was only
possible by combining several bitwise predicates.
Bitwise is implemented as a test node, even though it is not.
Maybe the test node should be renamed to something else.
Fixes#17246.
The DFVM instructions arguments are generic boxed types but instead
of using FVALUE and PCRE types the code passes aroung REGISTER types
instead. Change that to pass constants in the instruction.
João Valverde