This patch incorporates the following fixes from the patch attached to
bug 5671 with changes as noted below:
1.) Files where the packet header and packet data are noncontiguous are
handled improperly, resulting in read misalignment and ultimately the
error message, "Observer: bad record: Invalid magic number 0xXXXXXXXX."
This bug is caused by not obeying the packet_entry_header.offset_to_frame
field.
2.) Daylight savings time is not properly accounted for in files using
local time encoding.
3.) As of Observer/GigaStor v13.10 (bug 5671 incorrectly stated v14),
timestamps in the file format changed from local time encoding to GMT
encoding. Wiretap has been changed to support reading both formats.
Patch submitted with bug 5671 added a separate file type to allow
writing local format. This patch does not add the separate file type
and always writes GMT.
4.) The wtap_dumper.bytes_dumped field is not being properly incremented
as data is written to files.
This patch also incorporates the following additional enhancements /
fixes not in bug 5671:
1.) Support for reading BFR files which contain Fibre Channel captures.
Test file Fibre_Channel_Capture.bfr attached.
2.) Support for modified file header used in upcoming v15. New header
file format takes an unused byte from the version string to allow for a
larger offset to the first packet to be specified. Test file
V15_Lrg_Hdr_Test.bfr is attached, it is also a fuzz test as the number
of TLV items given in the header is less then the actual.
3.) It was found that if the number of TLV items given in the header was
larger then present it would fail to open the file. Test file
V9_Num_TLVs_Too_Big.bfr is attached.
svn path=/trunk/; revision=36970
need to use its presence in zlib as a proxy for "not the crufty old zlib
that comes with some versions of X11".
Do, however, check for inflatePrime() there, instead, just in case the
crufty old zlib that comes with some versions of X11 lack it; this is to
prevent the configure script from assuming a shiny new zlib by testing
with a non-X11 program, causing the build to fail when you build
Wireshark.
svn path=/trunk/; revision=36969
packet list store, and there's one PacketListRecord for every packet, so
that can save some space...
...especially if we move them after all the pointers, rather than before
the pointers, so they don't collectively take up 8 bytes on an LP64 or
LLP64 platform due to pointers having to be 8-byte aligned.
svn path=/trunk/; revision=36968
Example:
File type: Microsoft NetMon 2.x
File encapsulation: Per packet
IEEE 802.11 plus Network Monitor radio header
ToDo: For the tabular form report display the list of per-packet encapsulations seen.
svn path=/trunk/; revision=36962
The supplied patch adds a new option -O, which specifies a list of protocols
(names can be found with the "-G protocols" option) to be fully decoded while
the others only show the layer header.
svn path=/trunk/; revision=36947
and without causing us to potentially run into bug 3834.
Add a couple hf entries for things that had been added with add_text().
svn path=/trunk/; revision=36946
the dissection of the UE capabilities when the RAT
type is set to geran-cs (the value part of Classmark 2 starts at the third byte).
Moreover it adds a subtree to enhance the display of Mobile Station Classmark 2 and 3 and MS Radio Access Capability IEs.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5867
svn path=/trunk/; revision=36943
Define all internal fcns as static;
fragment_table_init() & reassembled_table_init() need to be
called form a registered_init fcn;
proto_register... and proto_reg_handoff should be at the end of the file as
per Wireshark convention;
proto_reg_handoff .... doesn't need 'if (initialized)...';
proto_register... doesn't need 'if (proto_mux27010 == -1)...'
svn path=/trunk/; revision=36935
Now index can be easily calculated so remove idx pointer from all match functions.
Just in case change names if someone is using wireshark internals.
svn path=/trunk/; revision=36930
This patch registers a dissector table to allow other dissectors to register as
subdissectors for modbus/tcp data.
Additionally it registers the dissector, so it can be invoked by another
dissector by name.
Additionally this version of the patch adds the Data field not as a text field,
but rather as a field which can be selected and tested for by name.
svn path=/trunk/; revision=36925
