During validation it was discovered that the incorrect bit was displayed,
verified against the ZigBee test tool that bit 0 is used for validity
Change-Id: Iaaa2f8021b2aa269f660626fdd252cade732b60f
Reviewed-on: https://code.wireshark.org/review/23124
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I493771df32b83691fa587b9a725c15df6057fb52
Ping-Bug: 13977
Reviewed-on: https://code.wireshark.org/review/23104
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I7f0950d82c50c8f019d844d726ffe7a0015618c5
Reviewed-on: https://code.wireshark.org/review/23117
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also display PSMP ID in decimal
Ping-Bug: 13977
Change-Id: If6b87ab87339038d763dcc1c97353aaf9d69a02c
Reviewed-on: https://code.wireshark.org/review/23103
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TRANSUM fails to calculate RTE figures for DCE-RPC where request Packet
Type is zero
Bug: 13988
Change-Id: I1dd7aee0283042703530a6d72fff063279e6147e
Reviewed-on: https://code.wireshark.org/review/23115
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie98f0c70190206b4682bf1b1b13add51c52303db
Reviewed-on: https://code.wireshark.org/review/23009
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The ZCL Default Response command can be sent in response to any profile-wide or
cluster specific command. The Default Response command is itself a profile-wide
command so the Default Response frame control is of no help in deciding whether
the original request is profile-wide or cluster-specific. The simplest solution
is to not attempt interpretation. A more sophisticated solution would be to cache
all ZCL frame counters and match Default Responses based on sequence number, but
this is problematic because sequence numbers repeat. At least for now we can
always display the information correctly.
Change-Id: I827e2d2f9d6e5f7c9dfa572d2ee2ac3c9f170d70
Reviewed-on: https://code.wireshark.org/review/22688
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some Android devices support 802.11 monitor mode and nlmon
interfaces. Add linktype defines to be able to capture frames
from such interfaces.
Change-Id: I8b8b444ac2821542fc946694b71c8d9fb7ba1238
Reviewed-on: https://code.wireshark.org/review/23080
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Switch the Command Prompt instructions back to using the
platform-specific variants. Switch back to setting WIRESHARK_BASE_DIR.
Change-Id: Ie9f865e5fac1312f2eb3762e439d53ab9a038bd4
Reviewed-on: https://code.wireshark.org/review/23112
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"The release mode (CMAKE_BUILD_TYPE=release) defines NDEBUG" isn't
Linux-specific; it's true in the Unix Makefile generator, and possibly
in other generators. (The Visual Studio generator, at least for newer
versions of VS, lets you specify at *build* time what type of build to
do, so the generated build files don't unconditionally define, or not
define, NDEBUG, they do so based on the build type.)
The RPATH stuff is done on Unix-like systems *except* for macOS.
Change-Id: Ieffbaaa9a8e11a1a30b34036a2412c6735baa0c8
Reviewed-on: https://code.wireshark.org/review/23114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field is only 1 not 2 bytes long.
Bug: 13987
Change-Id: If22e19e917bd41907248a497b30883e89fc9ff4b
Reviewed-on: https://code.wireshark.org/review/23109
Reviewed-by: Michael Mann <mmann78@netscape.net>
It is a list of Neighbor report (for request and response)
Missing dissection of Neighbor Sublelement 0x03 (BSS Transition Candidate Preference)
Issue reported by Mark Williams
Bug: 13985
Change-Id: Ic3871866ba4779ee69e91d6d57b46926466b340c
Reviewed-on: https://code.wireshark.org/review/23107
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Recent changes had the bt snoop capturing function stop working for
Android API versions >= 21. One of the command strings used for
detecting btsnoop server socket interface got messed up when
refactoring code. Fix by using the correct command strings again.
Fixes: faf100ec ("androiddump: Introduce adb_connect_transport helper function")
Change-Id: Id645d24cfb0cb23f36484cfd6416768c89bce51b
Reviewed-on: https://code.wireshark.org/review/23106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of trying to ship README.md, convert its line endings and make
sure the result is named README.txt.
Change-Id: I4e081587c73342b01633b3a31ea03068e3fc1733
Reviewed-on: https://code.wireshark.org/review/23098
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I86e3097a322a4a354235ce941e52e6d4c6baf8ca
Reviewed-on: https://code.wireshark.org/review/23097
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That's a separate README file for this directory, and its name is
README, not README.md like the top-level README file.
Change-Id: I9ec920de6a844441e00d4608608563bc4ddd8349
Reviewed-on: https://code.wireshark.org/review/23096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The old URL fetched VS 2013 when I tried it; update to a link that
fetches VS 2015.
Change-Id: Ib33e8f09bef51a532c986e70ae6ac5d9d1f1dabe
Reviewed-on: https://code.wireshark.org/review/23094
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do it via type "abinary" like the comment suggests.
Note: VSA "abinary" code path untested.
Ping-Bug: 11630
Change-Id: Ie8ebbb2fdbc9f04faad40150652277f1396ea030
Reviewed-on: https://code.wireshark.org/review/22973
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is an ugly workaround for the fact that attributes 241-246 are
currently hardcoded as extended type. This is to restore previous
functionality to dissect some Ascend AVPs that shouldn't be using the
IANA allocation space.
Ping-Bug: 11630
Change-Id: I6bebefd21fe5149f5f57b3280c9992a0eca85e62
Reviewed-on: https://code.wireshark.org/review/22972
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This IE is a transparent container of a RANAP message
according to TS 25.413 - Section 11.2
Change-Id: I2080c9a75ce2acc947eade9c60b12c49080f8ee8
Reviewed-on: https://code.wireshark.org/review/23085
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Copy/pasteo made it "unverified", when it should have been labeled
"Not present"
Bug: 13955
Change-Id: If3b8dea276ae38ba8169762ed7ed8e764022b5d7
Reviewed-on: https://code.wireshark.org/review/23091
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 13866
Change-Id: I895266a6aa7458aa3ab18742bcd981986c2fd17c
Reviewed-on: https://code.wireshark.org/review/23074
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Give draft-frascone-xml-dictionary for the dictionary syntax.
Give RFC numbers and I-D names, rather than URLs to the plain text
versions of them; that way, you can more easily go to the HTML versions,
which give more information.
The "more information" for I-Ds may include later drafts and the final
RFCs, and for RFCs may give newer RFCs obsoleting the older ones; add
the RFC numbers for the I-Ds and the RFC number for the current Diameter
RFC.
Change-Id: If01ea341af3ae892755a243bd1dd66acfdfd5062
Reviewed-on: https://code.wireshark.org/review/23086
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Convert the contents of the top-level README to Markdown and give it a
.md extension. Most of our documentation is plain text or AsciiDoc, but
the top-level README file in a Git repository is special in that many
online browsers will show the README contents along with the directory
listing and those browsers tend to favor Markdown. This is true of
GitHub (which we're currently mirroring to), Gerrit via its Gitiles
plugin (which we're not yet using but likely will), and other places.
Add "foreign" to AM_INIT_AUTOMAKE. There is probably a joke to be
made here about the FSF and border walls.
Change-Id: I87c306d74864e1f0a432225b160a1b4483ee946c
Reviewed-on: https://code.wireshark.org/review/23049
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Let androiddump's internal definition of encap types directly
use linktype values from libpcap/wiretap. This way back and forth
conversion between internal and public values can be avoided.
Change-Id: I67522283cc3eb15cbdb1bfdd829bb1ff0031bb82
Reviewed-on: https://code.wireshark.org/review/23079
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- when building the END hash entry, always use the BEGIN destination
address. If no match is done, we will search using the BEGIN entry anyway
- add the source PC to the END hash entry. As it will be used for
messages initiated by the host that sent the BEGIN, we probably can
assume that the PC will not change
Bug: 13926
Change-Id: Iaa8b09bf6821961d1eab22683600f36d77bd2cc5
Reviewed-on: https://code.wireshark.org/review/23048
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove a variable apparently left over from the DocBook→AsciiDoc
transition.
Change-Id: Ieb6e2fd282ab71227bc5d33c200f04051acf529b
Reviewed-on: https://code.wireshark.org/review/23077
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The protocol help feature was completely removed in g09efa5fb8b and
deprecated long before that.
Change-Id: Ia0bde785002025c0cf9e3f783a5cad7f784938a2
Reviewed-on: https://code.wireshark.org/review/23076
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This patch makes required changes to be able to dissect packets that use
the new subdoc doc flags. This involved modifying the existing subdoc
flags, creating the new docs flags and modifying the extras dissector.
Change-Id: Iaaf5e58d778ca5f54f76c9d27680df68eee8b7bd
Reviewed-on: https://code.wireshark.org/review/23032
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Table 8-216—GAS Initial Request frame body format (page 752 of the
2012 version) suggests that the only thing that comes after the length
is the actual request and since the default just inserts the bytes for
req_len, it looks like the fall-through should not be there and it
should be a break.
Change-Id: I8e5afb24fedffea869829dc9f5bf3d42b20121eb
Reviewed-on: https://code.wireshark.org/review/23075
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
and also with conflict check: 'dpp' exists multiple times with NOT compatible types: FT_PROTOCOL and FT_UINT8
Change-Id: I98e2f7e8abbee5423e2bfa7b71b5259edd4711e4
Reviewed-on: https://code.wireshark.org/review/23071
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4aee15cbf241d31c274dc511be2f86b8bfeae5b8
Fixes: v2.5.0rc0-683-g3c0ff67a9c ("ieee80211: Make a few dissector tables for vendor specific functionality")
Reviewed-on: https://code.wireshark.org/review/23069
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Including attributes in Public Action frames and those that can appear in GAS
frames.
Change-Id: I8d2a717984295592952b8fff82879197ace2a4b2
Reviewed-on: https://code.wireshark.org/review/22615
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
This allows vendors to more easily expand functionality.
Change-Id: Iaa6a0626f3ab3c80a3ea90ca09c90284705d0221
Reviewed-on: https://code.wireshark.org/review/23066
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>