If dissector_try_heuristic() succeeds return TRUE and vice-versa.
Change-Id: I3fb2595604f2f3981468473d0a966efe7387745e
Reviewed-on: https://code.wireshark.org/review/10199
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add new Const/Def for WMQ800 FP3
Improve Detection of EBCDIC String in MQCONN_REPLY
Add Value in comments
Change-Id: I695a3afa64fee7f22918f68540901c97dfd38464
Reviewed-on: https://code.wireshark.org/review/10012
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
git does keep of this in a much better way anyway.
Change-Id: I9923516105e63e72878e0ed34c74eed44453ab01
Reviewed-on: https://code.wireshark.org/review/10207
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Yes, it *should* have been called "HT", but hindsight is always 20-20.
If you want less confusingly named information, look at what the "802.11
radio information" dissector puts into the protocol tree; the radiotap
dissection is for people debugging radiotap implementations or looking
for vendor-specific information that's not (yet) put into the generic
802.11 radio information.
Change-Id: If6e97f82595a6f11a45e34d5a52e70e9ca686d7c
Reviewed-on: https://code.wireshark.org/review/10202
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Optional filter argument wasn't correctly parsed.
Change-Id: Ic0418fa866e1a00880b4e41bb28267a155a71aa5
Reviewed-on: https://code.wireshark.org/review/10088
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Selecting a row in the statistics table causes a Glib assertion failure.
GLib:ERROR:ghash.c:373:g_hash_table_lookup_node: assertion failed: (hash_table->ref_count > 0)
When the comparestat_draw() function is called, the cs->ip_id_set hash table
is created and then immediately destroyed, but the hash table lookup
to cs->ip_id_set in new_tree_view_selection_changed() can happen anytime
the user clicks on a table row.
Bug: 11098
Change-Id: I6c7a39c947ca11327c3fc3ab0d4caa735798d142
Reviewed-on: https://code.wireshark.org/review/10096
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1) Introduced by me in commit c4fe7129d8
where I didn't honor the "print lsa header only" flag properly for
data highlighting
2) Introduced in 2001 with commit dd1b7eafaf
which moved offset increasing into an "if (tree)" statement with code
after the if statement continuing to work with offset.
Also make display of v2 and v3 LSAs the same again (forgot one case in
previous commit.
bug:11461
Change-Id: I1986c19842f1fa9c8a6d0a7c9a79c64939eeb9d0
Reviewed-on: https://code.wireshark.org/review/10192
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Change-Id: Ia731f281ee9af171c759d7f6f7c614c350cbb4e7
Reviewed-on: https://code.wireshark.org/review/10178
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Also add support for alphabetizing stat tree items as the addition of IPv6 stats tree makes it more obvious its needed.
Change-Id: I8b319ceac805ce7e3a1fd59f92c1c6fe2a54d3de
Reviewed-on: https://code.wireshark.org/review/10062
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Show the LSA type and length in the summary line
Improve a message to make it clear when we are talking about a LLS TLV
Add an expert item for LLS bit set but data block missing
PI_MALFORMED is an error not a warning.
Change-Id: I516c2a2f0c27fcf101671527d4e4f018e17d3025
Reviewed-on: https://code.wireshark.org/review/10189
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
least Cisco sends out these packets with a TTL of 1.
Change-Id: I9ef0cd486d200a768329cfb758b87e20e3456663
Reviewed-on: https://code.wireshark.org/review/10188
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Fix the "retap on show" behavior in TapParameterDialog. It was filling
in the tree when it shouldn't have.
Set the capture stop flag when WiresharkDialog closes.
Change-Id: I5e85f11cab32e8b958deabb58186a855b5fcaa84
Reviewed-on: https://code.wireshark.org/review/10186
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Wslua's Int64.fromhex() and UInt64.fromhex() need to check the sscanf return
value. Found by coverity (CID 1191368 &1191369).
Change-Id: I67fba027e18341d429787515f94c794573dc41c2
Reviewed-on: https://code.wireshark.org/review/10183
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make sure "-z multicast,stat[,filter]" and "-z wlan,stat[,filter]" work.
Add some missing "-z" items to the man page.
Try to fix some MSVC++ warnings.
Change-Id: Ie18e5355d595e351f000f14d82781dcdf33141c3
Reviewed-on: https://code.wireshark.org/review/10184
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add HAVE_LIBGCRYPT compilation guards.
Move gcrypt-related variables into the scope they're used.
Change-Id: I81a2c8a54514fb51de53640fa8eceeddb2bf24d9
Reviewed-on: https://code.wireshark.org/review/10118
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
RADIUS configuration sometimes uses more ports - for example, one for
authentication, another one for accounting. Sometimes it uses the entire
port ranges. In case of FreeRADIUS 2.x.x server it might look like this:
...
listen {
type = auth
ipaddr = *
port = 13812
}
listen {
type = acct
ipaddr = *
port = 13813
}
...
Unfortunately we allow only one port to be redefined, not more. So it
forces a person who's analyzing a traffic from such a RADIUS server
manually select "Decode as" every time for each port.
It was requested at least once to lift this limitation:
* https://ask.wireshark.org/questions/2189/decode-multiple-ports-as-radius
So let's fix it!
With this commit it's possible to set a port ranges for RADIUS dissector
to handle. An example (default) configuration looks like (see
~/.wireshark/preferences):
radius.ports: 1645,1646,1700,1812,1813,3799
Old "alternate_port" preference is marked as obsolete. It won't be shown
to a user but it will still be used if exists (remained from a previous
installations).
*Ver. 2*:
Old alternate_port value is copied to the ports range, thus making
transition even more smooth.
Change-Id: Ibdd6f4f9fa1e0ac186147cec380bbfc62d509b17
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/10015
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissecting client and server KEX messages requires to precisely distinguish KEX
algos. For example, Server KEX for DH_anon do not contain a signature, while
DHE_DSS and DHE_RSA do. The patch introduces KEX distinction with full
precision and fixes dissecting _anon KEX messages.
Change-Id: I0bcd5e2bf899ba9cac79476d5b7a1ffb3accf0db
Reviewed-on: https://code.wireshark.org/review/9836
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also fix an off by 1 error for EPB case
Change-Id: I895d82a58ec02c577dcaa67a97d456b42460b947
Reviewed-on: https://code.wireshark.org/review/10149
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Fix whitespace and replace tvb_captured_length with tvb_reported_length
Change-Id: I3952e7a1ac00b68e6f6eb1283977bc6299b0baaf
Reviewed-on: https://code.wireshark.org/review/9900
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "Syntax Line Edit" is based on "QLineEdit". By default, the maximum
permitted length of a QLineEdit text is 32767 (16 bits).
As the "Host Flows" extension uses the Wireshark filter syntax to filter
the data, the filter can be become large. To avoid errors, I increased
the maximum permitted length value to the maximum of quint32.
Change-Id: I756efa76e1fc84449caef8fea368e6e38e776235
Reviewed-on: https://code.wireshark.org/review/10099
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic97434112bc71202354004626ba51e1a22c39abf
Reviewed-on: https://code.wireshark.org/review/10165
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ife5f44a333227b1df3d2377d12dbec65a4b4d5c3
Reviewed-on: https://code.wireshark.org/review/10164
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0aedefbb77899ebceac7fb08249faf47964d785b
Reviewed-on: https://code.wireshark.org/review/10163
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
up in the Expert Infos dialog.
Push the if(tree) check down into the basic type dissectors since we can't
generate/fill the label (which won't be used anyway) when we're not building
the tree (since the proto_item will be faked/NULL).
Change-Id: Ie4f1f6856cfad0dabc7c58cdee2c16c8fc032c6d
Reviewed-on: https://code.wireshark.org/review/10001
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
lemonflex-tail.inc:44:1: warning: no previous prototype for 'df_scanner_text' [-Wmissing-prototypes]
lemonflex-tail.inc:50:1: warning: no previous prototype for 'df_scanner_file' [-Wmissing-prototypes]
lemonflex-tail.inc:59:1: warning: no previous prototype for 'df_scanner_cleanup' [-Wmissing-prototypes]
Change-Id: If0476b430592df225234c5c685c8009ab08b5ab6
Reviewed-on: https://code.wireshark.org/review/10162
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I330ec2cee965f8cc3128c4a7bf794e52581ac290
Reviewed-on: https://code.wireshark.org/review/10166
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Provides better readability, the dissector table is only used for IPv6
extension headers.
Change-Id: I87d877a89c6465d4475f2f0a40636ccd1b6cdd92
Reviewed-on: https://code.wireshark.org/review/10174
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Instead of splitting the stats into two lists as with the GTK+ UI, add
everything to an expandable tree. This allows viewing nodes on more than
one network.
Rename the top-level Bluetooth menu item to Wireless and put the WLAN
stats dialog there.
The Qt UI matches SSIDs (WlanNetworkTreeWidgetItem::isMatch) a bit
differently than the GTK+ UI. Try to make the logic as plain as possible
since we'll likely have to update it in the future.
The addition of a custom BSSID address types means that we can't assume
that everything is AT_ETHER. Add routines for checking for broadcast
BSSIDs and comparing only the data portions of addresses.
Move PercentBarDelegate into its own module. Use it in
WlanStatisticsDialog.
Change-Id: Ie4214eb00671a890871380c4a07213ebfb7585c6
Reviewed-on: https://code.wireshark.org/review/10171
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In the world of CMake calling "set" with multiple values creates a
semicolon-separated list. For WS_WIN_LIBS we want a single string so we
need to call "set" with a single, quoted value.
Change-Id: I96c5085af58adfb97ce16195eb27cc8ddb612d6a
Reviewed-on: https://code.wireshark.org/review/10158
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>