I made the following improvements to the Modbus/TCP dissector:
1. Implemented protocol to the latest specification (v1.1b). See
http://www.modbus.org/specs.php.
2. Upgraded to "tcp_dissect_pdus" instead of having the dissector do it
manually. This also provides TCP packet reassembly support.
3. Removed support for UDP port 502 because it's not supported by the protocol
specification. I believe "Decode As..." could be used in its place.
4. Added dissector support for the following function codes:
a) 8 - Diagnostics
b) 11 - Event Counter
c) 12 - Event Log
d) 43 - Encapsulation Transport (mostly for 43/14)
5. Removed support for function codes not in the protocol specification. None
of them were really being parsed, they just offered a "name" for the function
code.
6. Moved protocol #defines to header file for access from other dissectors. I
plan to have other dissectors use this, but one patch at a time.
7. Created "modbus" dissector that is accessible to other dissectors.
8. Renamed base "display filter name" to reflect PROTOABBREV.
I removed defines for value_strings, I think it's better to export the vaöue strings if needed.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5923
svn path=/trunk/; revision=37539
Handling of SercosIII if the plugin can not be loaded.
Changed the behaviour - if the SercosIII plugin is not available, the
openSAFETY dissector registers itself for ETHERTYPE_SERCOS. SercosIII
packages can not be dissected anyway in such a case and currently no
other dissector will handle those packages.
The following steps will be taken to display the situation to the user:
The message "SercosIII dissector not available, openSAFETY/SercosIII
native dissection." will be added to the tree. Additionally a similar
warning will be presented on the console during startup of wireshark.
All openSAFETY packages will be dissected, displaying the normal
openSAFETY information.
This will be more transparent for the customer.
svn path=/trunk/; revision=37533
- get_full_XXX functions are unused in the code
- A case statement which handles only 2 of the many enum elements
creates another warning promoted to error
- The patch removed usage of a variable but not the variable declaration
itself.
svn path=/trunk/; revision=37517
UATification of ESP
UATification of ESP SA keys. Some notes:
1. Trimmed a lot of fat removing the code that parsed (and reparsed) ESP SA
keys, since UATs can take care of all that.
2. There was no validation on the src/dest, so that was carried through (ie
there is still no validation of src/dest fields)
3. Formatting of the source was a little off, so I attempted to fix the
functions I needed to deal with. I know that's frowned upon, but the braces
were such that I couldn't tell if/else blocks to understand the code. If
somebody wanted to run an indent program on the file, that would be
appreciated.
Added some casts to make it compile on win64.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1123
svn path=/trunk/; revision=37516
than present, just chop all by setting caplen to 0. In all cases, don't touch
len. In other words, change incl_len but leave orig_len alone.
svn path=/trunk/; revision=37488
Specifically WPA/WME sub dissector
* Rework from scratch VS WPA/WME dissector
* Replace proto_tree_add_text/string (ugly hf_ieee80211_tag_interpretation header field...) by proto_tree_add_item
* Make item filterable
* and other stuff...
Based on WMM_Specification_1-1
svn path=/trunk/; revision=37486
original capture file's snaplen, save the new snaplen in the capture file
header so wireshark and capinfos can report it.
svn path=/trunk/; revision=37480