Added KCS and TMode protocol dissectors.
Request/response logic has been revised.
Saved request data logic has been revised.
Added Get Message command response dissector.
Added missing PICMG command dissectors.
Added new PICMG command dissectors.
Added new PPS OEM command entries.
Added VITA 46.11 command dissectors.
From: Bill Meier:
- refs to value_strings/range_strings in hf[] entries, by convention, should use VALS/RVALS macros;
- refs to true_false_strings should use TFS(&...) macro.
also: true_false_string definitions should not be defined as arrays.
- remove some unneeded #includes (packet-ipmi.c).
- Do some re-indentation.
- Add editor-modelines as needed.
bug: 10004
Change-Id: Ib269b35784c0b70892d1e0111bcfb483ea64092c
Reviewed-on: https://code.wireshark.org/review/1185
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a dissector table for the 802.3 "slow protocols" subtype, split the
dissectors for those protocols into separate files, and have them
register in that dissector table.
Remove some unnecessary #includes while we're at it.
Change-Id: Ic36c9c255efdd348055fa4f21fd6cc094f74e378
Reviewed-on: https://code.wireshark.org/review/1891
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I8e20917ac08e2349caf330ee967d24d7c738bb71
Reviewed-on: https://code.wireshark.org/review/1815
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Add a dissector for pcap-ng file-type-specific blocks; it creates a
dissector table using the block type as the key, attempts to call the
appropriate dissector using that table, and does a minimal dissection if
that fails.
Change-Id: I67e139f06ba88d40faa5b4ab169e8df08f5bfe7b
Reviewed-on: https://code.wireshark.org/review/1784
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This doesn't appears to be "autogenerated", and it certainly isn't the biggest dissector even after the merge. This avoid file pollution, makes less non-static variables/functions and makes the check* scripts job easier.
Change-Id: If94857e4a3e602c3d45201b1aebbf466ba3e1dd1
Reviewed-on: https://code.wireshark.org/review/1597
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Described in:
Robertson, W., and Ross, P., Extending the Wireshark Network Protocol Analyser
to Decode Link 16 Tactical Data Link Messages, Defence Science and Technology
Organisation, January 2014. DSTO-TN-1257.
Change-Id: Ie4b1228ef112e56b3ab975d0c9254fa468b90cc2
Reviewed-on: https://code.wireshark.org/review/1551
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of forcing developers to generate sminmpec.c (which will have
different results depending on the presence or absence of a working
Internet connection) add sminmpec.c back to the repository. I'll add
it to the weekly update-numbers script so that it will be updated at
the same time as manuf, services, enterprise-numbers, and usb.c.
Change the Autotools, CMake, and Nmake sminmpec.c target name to
"update-sminmpec".
Remove the mtime check from make-sminmpec.pl. Update enterprise-numbers
and sminmpec.c while we're here.
Tested with an in-tree Autotools build and an out-of-tree CMake build.
Change-Id: Iecc332ce2731e3e98ab0205a56c78807e599a026
Reviewed-on: https://code.wireshark.org/review/1516
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This dissector dissects MA USB Packets. It is capable of dissecting
Media Agnostic packets both in a TCP stream as well as packets sent
over SNAP (referred to in spec as "Raw Ethernet" mode).
Change-Id: I3ad4e1beb891f9c2835adff320095e7e738241eb
Signed-off-by: Sean O. Stalley <sean.stalley@intel.com>
Reviewed-on: https://code.wireshark.org/review/1252
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
For packet-scope allocation, there's no need to support realloc(), free()
cause memory will be garbage collected after packet dissection.
(and this allocator is much faster than full block allocator).
Change-Id: I73fdf708c3077f48f55bdcc71f4fa859e4ac2335
Reviewed-on: https://code.wireshark.org/review/1428
Reviewed-by: Anders Broman <a.broman58@gmail.com>
See IEEE Standard 802.3-2012 Section 5, Clause 65 and CableLabs DPoE
Security and Certificate Specification 1.0, Section 6.
Currently dissects 1G mode. 10G mode will be added when hardware is
available.
Change-Id: I6232af9bf6807644ef66a120d97e5fa5927988fe
Reviewed-on: https://code.wireshark.org/review/1284
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 30c9f421c0.
Change-Id: I5cc71f905ffa4f00ffb44ad7d03b2684c2e44e38
Reviewed-on: https://code.wireshark.org/review/1316
Reviewed-by: Evan Huus <eapache@gmail.com>
As pointed out by David Ameiss, I only did automake the first time round.
Change-Id: Ie72ab5014d8f21d194d15af430c6c0a8a612f5f7
Reviewed-on: https://code.wireshark.org/review/1309
Reviewed-by: Evan Huus <eapache@gmail.com>
This has two expected uses:
- Many current users of wmem_tree don't actually need the predecessor lookup
it provides (the lookup_le function family). A hash map provides straight
insertion and lookup much more efficiently than a wmem_tree when predecessor
lookup isn't needed.
- Many current users of glib's hash table and hash functions use untrusted data
for keys, making them vulnerable to algorithmic complexity attacks. Care has
been taken to make this implementation secure against such attacks, so it
should be used whenever data is untrusted.
In my benchmarks it is measurably slower than GHashTable, but not excessively
so. Given the additional security it provides this seems like a reasonable
trade-off (and it is still faster than a wmem_tree).
Change-Id: I2d67a0d06029f14c153eaa42d5cfc774aefd9918
Reviewed-on: https://code.wireshark.org/review/1272
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I332bd690be67c908067c12e570f993565de98aed
Reviewed-on: https://code.wireshark.org/review/1159
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia582732ee27ce9c1e4280afef5a6b3e3be959d23
Reviewed-on: https://code.wireshark.org/review/1127
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If8fcfe1971c8863f370e440f64c36eb7566f6852
Reviewed-on: https://code.wireshark.org/review/113
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I8832c139938e767de71b2cc74ca41208f509e478
Reviewed-on: https://code.wireshark.org/review/959
Reviewed-by: Michael Mann <mmann78@netscape.net>
There is confusion about API usage, and problems on my part concerning whether
keys should be compared signed or unsigned, and how to do that efficiently.
Unsigned keys in particular were behaving oddly.
Change-Id: I075693bbd04c15f79f24f9a24006003a914cc572
Reviewed-on: https://code.wireshark.org/review/924
Reviewed-by: Evan Huus <eapache@gmail.com>
It automatically works for LINKTYPE_PKTAP and, by default, for
LINKTYPE_USER2; if any other dissector is specified for LINKTYPE_USER2,
that dissector overrides PKTAP.
Change-Id: Ic00ac8a81c6101e45d638d337aef42df3920da12
Reviewed-on: https://code.wireshark.org/review/903
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a tree implementation intended to replace the current red-black tree in
wmem_tree (which was inherited from emem), assuming there are no regressions.
Splay trees bubble recently accessed keys to the top, and as such have a number
of very nice properties: https://en.wikipedia.org/wiki/Splay_tree
This implementation is a variant known as "independent semi-splaying", which has
better practical performance. It should do about as well as the red-black tree
for random insertions and accesses, but somewhat better for patterned accesses
(such as accessing each key in order, or accessing certain keys very
frequently).
There are a few other changes relative to the red-black tree implementation that
are worth mentioning:
- Instead of requiring complex keys to be split into guint32 chunks and doing
this weird trick with sub-trees, I let the keys be arbitrary pointers and
allowed the user to specify an arbitrary comparison function. If the function
is NULL then the pointers are compared directly for the simple integer-key
case.
- Splay trees do not need to store a red-black colour flag for each node. It is
also much easier to do without the parent pointer in each node. And due to
the simpler system for complex keys, I was able to remove the "is_subtree"
boolean. As such, splay nodes are 12 bytes smaller on 32-bit platforms, and
16 bytes smaller on a 64-bit platform.
All done in about half the lines of code.
Change-Id: I89fb57e07d2bb7e3197190c7c2597b0c5adcc03b
Reviewed-on: https://code.wireshark.org/review/758
Reviewed-by: Evan Huus <eapache@gmail.com>
Commit includes dissector code for lg8979 as well as additions to RTAC Serial code to call dissector when required.
See bug report 9874 for further details and sample pcap files
UPDATE1: L&G 8979 commit for addressing comments from Anders and Alexis and added Cmakelists.txt
UPDATE2: address further comments from Alexis re. proto_item_set_text / proto_item_add_text entries. Also add modelines
UPDATE3: fix compilation error noted by Alexis
UPDATE4: address proto_tree_add_* comments from Michael
Change-Id: I6e69d2b7b7e91e6efa12e4a5fb7dbd140c0540ed
Reviewed-on: https://code.wireshark.org/review/610
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6eee13cda755b1f1d1a61288a6314fcebb681efb
Reviewed-on: https://code.wireshark.org/review/180
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adds support for BLUETOOTH_LE_LL_WITH_PHDR, dissector integrates with existing
BTLE dissector.
Fixes BTLE dissector to correctly extract packet CRC.
Adds CRC checking to BTLE dissector.
Provides optional context to BTLE dissector that allows RF captures to provide
link-layer hints for dissection details. Significantly, parameters for
determining CRC correctness are provided, as well as Access Address validity
information.
Change-Id: I7d4936b053353a7f9c524021c01f67f5828253fb
Reviewed-on: https://code.wireshark.org/review/310
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ADB Client-Server Protocol is protocol between adbd
(ADB Daemon aka Server) and adb client (aka adb).
Typically you can find it on "lo" interface over TCP protocol.
Change-Id: Iad008560c983f5ede554e1eaa728d703aae95eed
Reviewed-on: https://code.wireshark.org/review/233
Reviewed-by: Evan Huus <eapache@gmail.com>
Rename "SVNPATH" to "GITBRANCH" since that seems more appropriate.
Rename "svnversion.h" to "version.h" as Evan suggested. Update some
URLs. In make-version.pl, make sure we don't set an improper upstream
branch name. Use the number of commits + short hash from `git describe`
for package names by default.
Change-Id: I922bba8d83eabdf49284a119f55b4076bc469b96
Reviewed-on: https://code.wireshark.org/review/139
Reviewed-by: Gerald Combs <gerald@wireshark.org>
There is no public spec, based only on analyze of packet
It is more easy to found the address IP of Intant AP
Change-Id: I3baf205c5e4ad699b954f4a9fbf4b9e65f82cb36
Reviewed-on: https://code.wireshark.org/review/121
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
messages on the Data Display Channel (DDC)
this dissector is available as an option for I2C messages
it handles EDID messages (Extended Display Identification Data)
and passes HDCP messages on to the HDCP dissector
Change-Id: Ia8d8e73c36e2a1ad560b911dd4c1c9f34997b5c2
Reviewed-on: https://code.wireshark.org/review/63
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
New Dissector For Lightweight Mesh protocol
A dissector for ATMEL Lightweight Mesh protocol (lwm).
The protocol is carried on the top of 802.15.4 frame.
From me:
* Add Modelines info
* Fix indent (use 4 spaces)
* Remove trailing whitespace
svn path=/trunk/; revision=54856