Move dissectors.c to a separate object library so that the rest of the
dissectors don't have to wait for it to be generated. This reduces build
time here by a few seconds when ccache is enabled.
packet-li5g.c used to parse the LI x2/x3 PDU header which defined in ETSI TS 103 221-2
lix2 used to parse the x2 xIRI payload, the ASN.1 defined in 3GPP 33.128.
Add the dissector generated by asnwer
will merge this file in a new request, so, delete it from the 5G LI branch
Add a comment line stating the 3gpp document in lix2.asn
fix the commit warning
This patch adds basic dissection for the egfx channel. It also fixes fragmentation
in the dynamic channel, and also introduces some of the decompressors involved in RDP
traffic.
This patch adds support for the ISO 10681-2 protocol, which is similar
to the ISO 15765-2 protocol (see packet-iso15765.c).
This patch also add support for registering combined FlexRay IDs to
register the new dissector.
This patch adds support to DoIP and ISO15765 to pass the diagnostic
address or addresses to UDS. UDS takes the relevant address into account
for the data identifier and routine identifier name resolution.
The protocol is a continuation of the WOW protocol occuring between the
world server and the client (as opposed to the login server and the
client).
The first two opcodes are unencrypted and perform setup for the
encryption.
The encryption was setup in the WOW protocol through SRP6.
Using the session key for encryption like this is not part of the SRP6
protocol.
All other opcodes are encrypted using the session key, which will need
to be deduced first.
This patch adds support for LIN (Local Interconnect Network) as
well as support for:
- Signal PDUs on LIN
- ISO 15765 (ISO TP) on LIN
- TECMP transported LIN is handle like LIN
LIN is a simple automotive fieldbus to connect for example simple
sensors and actuators to an electronic control unit.
This big patch addresses the following items:
* implement the "message" virtual channel so that multi-transport and bandwidth
PDUs are dissected;
* prepare the identification of static channels to be able to dissect them later;
* fix the compression field in channelPDUHeader.channelFlags;
* implement the drdynvc channel dissector, so now we decode the traffic on this
channel and we're able to track data on dynamic channels and transition to UDP
transport
Added dissectors for RTPS Virtual Transport and RTPS Processed Protocols
RTI Connext DDS can capture RTPS-related traffic by using the Network Capture
Utility. The generated .pcap capture files will follow these protocols,
establishing a format for how information must be saved, and then
parsed. This will improve debuggability by including additional information
obtained from within Connext DDS.
RTPS-VT parses the information related to the transport. It then, calls
the RTPS-PROC dissector, which handles the rest: calling the RTPS
dissector when needed, and parsing additional information such as the
one related to security.
The BT LMP dissector calls btbredr_rf_add_esco_link and
btbredr_rf_remove_esco_link. Move their prototypes and required struct
definitions to a header file.
This patch adds a dissector for PDUs based on signals. On CAN,
FlexRay, etc. data is transported in PDUs that are based on
signals. These signals are typically an arbitrary number of bits.
This dissector allows:
- Parsing configured signals (shortened datatypes too)
- Scaling and moving signals values (compu scale)
- Naming signal values (compu consts)
- Filtering on the scaled and raw value
The dissector supports:
- Signal PDUs over CAN
- Signal PDUs over FlexRay
- Signal PDUs over SOME/IP
- Signal PDUs over PDU-Transport
The Linux kernel includes a module called psample which sends sampled
packets to user-space over generic netlink.
This patch adds a dissector for these netlink packets.
The dissector is expected to be invoked by the generic netlink dissector and
during its hand off routine it adds an entry in the 'genl.family' dissector
table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink and
net_dm dissectors. The sampled packet itself is encoded in the netlink
attribute 'PSAMPLE_ATTR_DATA' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'PSAMPLE_ATTR_PROTO' attribute.
Signed-off-by: Amit Cohen <amcohen@nvidia.com>
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
A complete dissector for Van Jacobson PPP header compression:
<ftp://ftp.rfc-editor.org/in-notes/rfc1144.pdf>
This dissector was created solely by reading the description of the
protocol in section 3.2 of RFC 1144. In particular, I did *not* read the
sample implementation of the RFC in its Appendix A, due to the
questionable legality of using code with "All rights reserved" in
Wireshark. See #12138 for details.
Closes#12138.
Use target_include_directories instead of include_directories in a few
places as recommended at
https://cmake.org/cmake/help/latest/command/include_directories.html
Doing so lets us mark a bunch of dependency includes SYSTEM PRIVATE, in
particular LIBXML2_INCLUDE_DIRS. On macOS this keeps us from triggering
the nullability warnings described at
https://www.wireshark.org/lists/wireshark-dev/202004/msg00056.html
(This might also keep the Visual Studio code analyzer from complaining
about various Qt headers, but I haven't tested this.)
Currently, only pcapng has one, and it does nothing, but this mechanism
will be used more in the future.
Update comments in epan/dissectors/CMakeLists.txt and ui/taps.h while
we're at it.
According to the LINKTYPE_BLUETOOTH_BREDR_BB Packet Structure specification
(http://www.whiterocker.com/bt/LINKTYPE_BLUETOOTH_BREDR_BB.html), the
Bluetooth header should be formatted according to the Bluetooth
specification Volume 2, Part B, Section 6.4. However, right now
wireshark expects the header to be in a weird format,
specifically it expects the header fields to be MSB but the bits
within each header field to be LSB. (Bluetooth standard is all
LSB). Furthermore, it computes the HEC (header check, i.e. the header
CRC) with 4 bits arbitrarily masked.
This patch decodes the header according to the spec. It still accepts
the old format (if the broken HEC matches), and displays a warning.
Until now writing subdissectors for SOME/IP was not really possible.
While you could register for messages, the subdissector did not know
which message it was called for.
This patch fixes the subdissector support of SOME/IP by:
- adding header file to CMakeLists (was missing)
- creating a "data" struct so that subdissectors know what they dissect
- passing this "data" struct to the subdissector
packet-rtps.h and packet-rtps-utils.c have been merged into the one
dissector packet-rtps.c.
All the functions have been made static.
Forward declarations have been removed if not needed.
Fix: #17113.
This patch adds a new dissector for PDU-Transport. This is a very
simple protocol to transport CAN, FlexRay, LIN, and other PDUs.
It is typically used to transport legacy messages/PDUs over Ethernet.
The format is compatible to FDN and AUTOSAR.
Enabled AUTOSAR NM on top of the PDU Transport and fixed a few bugs
in AUTOSAR NM as well (length parsing).
Solves #17095
Also modified eCPRI dissector to call it for payloads. This dissector will
claim the "IQ Data" and "Real-Time Control Data" message types - others
are still handled by eCPRI.
New link type DLT_ETW is added for write and read Event Trace on Windows.
This change updates MBIM dissector to decode a MBIM message from
a DLT_ETW packet.
Add SMCD(v2) clc proposal/accept/confirm and decline support.
Proposal and decline parsing routines are used by SMC-R and SMC-D(v2).
Enhance the existing SMC-R protocol dissector in such
a generic way that it supports both SMC-R and SMC-D(v2)
protocols. These two protocols are similar to each other.
SMC-D has a version 1 and version 2.
Signed-off-by: Guvenc Gulce <guvenc@linux.ibm.com>
Added dissection for Dynamic Access Control (DAC) specific ACEs.
These are Conditional ACEs, System Resource Attribute ACEs and System
Scoped Policy ID ACEs.
A Condition ACE must be one of the following types:
ACE_TYPE_ACCESS_ALLOWED_CALLBACK
ACE_TYPE_ACCESS_DENIED_CALLBACK
ACE_TYPE_ACCESS_ALLOWED_CALLBACK_OBJECT
ACE_TYPE_ACCESS_DENIED_CALLBACK_OBJECT
ACE_TYPE_SYSTEM_AUDIT_CALLBACK
ACE_TYPE_SYSTEM_AUDIT_CALLBACK_OBJECT
Such an ACE may include a conditional expression (that will, if
present, be evaluated to determine whether or not the ACE allows or
denies access). If a conditional expression is present the ACE data
will start with the string "artx". The remainder of the ACE data will
be the conditional expression which is simply a list of tokens
(see MS-DTYP for details of each token type). With this change,
filter "nt.ace.cond" can be used to find packets containing one or
more Conditional ACEs and their details are dissected.
A System Resource Attribute ACE has a name, value type and a list of
values. The value types are: INT64, UINT64, STRING, SID, BOOLEAN and
OCTET_STRING (i.e. binary data). With this change, filter "nt.ace.sra"
can be used to find packets containing one or more System Resource
Attribute ACEs and their details are dissected.
System Scoped Policy ID is simply a new ACE type and it does not
require any new dissection. The SID associated with a System Scoped
Policy ID ACE will start with S-1-17 and identifies the "Central
Access Policy" that should be used.
Added a dissector to reassemble IPP Over USB packets and pass them to
the HTTP dissector. Added a display filter so IPPUSB packets can be
filtered. Dissector checks to ensure semgent is IPPUSB and supports
reassembly of send-documents and print-job documents. It also supports
the reassembly and dissection of packets that are truncted or
incomplete.
Change-Id: Icc9525592c07b00baaac887a70bc9e7568273016
New dissector for MC-NMF (.NET Message Framing Protocol) and
MS-NNS (.NET NegotiateStream Protocol).
TLS implementation is not tested due to the lack of a sample capture.
Fixes: wireshark/wireshark#16861
Stream Specification: https://www.ilda.com/resources/StandardsDocs/ILDA_IDN-Stream_rev001.pdf
The stream specification only defines IDN messages. The other packet commands
like ping request, ping response, etc. (see line 25 - 31 in packet-idn.c)
are part of the hello specification which is not released yet. We were still
able to implement some hello packets since we received a preliminary version
of the hello specification, because we need the hello packets for our work.
related to #16707
This adds a protocol post-dissector for Community ID support to
Wireshark/tshark: https://github.com/corelight/community-id-spec
The protocol is disabled by default. It establishes one new filter
value, "communityid".
Includes test cases and baselines to verify correct Community ID
strings based on similar testsuites in the existing Zeek and Python
implementations.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
Bug: 16764
Change-Id: Iff902150491c984d3069c1b83acef9c2c8ce12c7
Reviewed-on: https://code.wireshark.org/review/38106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Very rough support for dissecting the framing on unidirectional and
bidirectional streams. Support for dissecting QPACK contents will be
added later.
Thanks to Omer Shapira for identifying an important issue that broke
reassembly and blocked proper HTTP/3 support.
Bug: 16761
Change-Id: Ib7f87c824f1dca70967b82943e18d5afee39fa0b
Reviewed-on: https://code.wireshark.org/review/38084
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is send from DCAgent to FSSO collector using UDP 8002 packet
It is based on analysis of protocol (and log)
Bug: 16657
Change-Id: I2e23a403a103c25820d714446d4e3245af04e876
Reviewed-on: https://code.wireshark.org/review/37547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Technically Enhanced Capture Module Protocol (TECMP) allows the
transport of data recorded on different technologies (e.g. Ethernet,
CAN, LIN, FlexRay). A typical usage scenario is data recording in
vehicles, e.g. for validating and testing autonomous driving.
Bug: 16661
Change-Id: If7c08529049cc1d30d9a5640b4216eac83546800
Reviewed-on: https://code.wireshark.org/review/37610
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a dissector for Asphodel (https://bitbucket.org/suprocktech/asphodel).
Asphodel is a protocol for streaming real-time data from sensors in industrial
environments. This protocol dissector supports complete dissection of the UDP
advertisment packets, and simple dissection of the TCP command and stream data.
Sample Capture:
https://wiki.wireshark.org/SampleCaptures#Asphodel_Protocol
Change-Id: I6a7f730a4ce5349ac48b4fd86e61429983af5bf9
Reviewed-on: https://code.wireshark.org/review/37318
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
This is the dissector for the LBMSRS protocol which
comes under the 29West protocol suite
Bug: 16466 - LBMSRS sample capture file uploaded in this bug
Change-Id: I7458783f8cff5179064fbd68e910c162db1c5fd7
Reviewed-on: https://code.wireshark.org/review/36917
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds a basic dissector for ScyllaDB RPC protocol.
ScyllaDB (www.scylladb.com) is a No-SQL database serving multiple
client protocols (e.g. CQL). The newly introduced dissector
provides a way to inspect Scylla's internal protocol, used by
the nodes to communicate with each other - share data, gossip
the cluster state, update the schemas, etc.
This dissector implements only a shallow dissection of most packets,
i.e. recognizing the packet type. Two requests with deeper dissection
are MUTATION and READ_DATA, used by I/O operations in the database.
Bug: 16471
Change-Id: Ibba8262bd4e5a637b24b3e7846c42c6534ef811b
Signed-off-by: Piotr Sarna <sarna@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/36633
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Start dissecting the class-specific control messages.
Change-Id: I21e97777c9fc0396a8c0c575ba21909f58bbb577
Reviewed-on: https://code.wireshark.org/review/36539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Initial support for TEAP (Tunnel Extensible Authentication Protocol)
defined in RFC7170.
Only partial support implemented. Mainly the parts needed to discover
the carried EAP payload when establishing IEEE802.11 EAP-TEAP
connections.
Bug: 16379
Change-Id: Ic2b31d0b871b430792a371cd09926811e350c32b
Reviewed-on: https://code.wireshark.org/review/36104
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pass chip and interface information from FTDI FT to MPSSE dissector.
Set usb_conv_info_t field deviceVersion to bcdDevice field from DEVICE
DESCRIPTOR so USB dissectors can use it. In case of FTDI FT chips, the
bcdDevice value is used to determine chip.
Ping-Bug: 11743
Change-Id: I4f2cf5d50355d914fef51cf7e268064b02bc02ed
Reviewed-on: https://code.wireshark.org/review/36147
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Filipe Laíns <lains@archlinux.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ACDR is a protocol over UDP that is used by AudioCodes devices for
recording traffic to and from the device.
It adds a header to each packet that contains extra data about the packet.
For some packet types (like SIP), it also appends the IP and UDP/TCP
headers of the sent/received packet.
The dissector unwraps the ACDR header, and displays the packets with the
original type (and when available, with the original addresses).
Bug: 16275
Change-Id: I19ad90053a2ef73da80881dc5e94aa362de23ea3
Reviewed-on: https://code.wireshark.org/review/35417
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Dissect SetBitMode based on the libftdi implementation.
Pass MPSSE data to FTDI MPSSE dissector stub. The FTDI MPSSE stub
currently only marks the data as undecoded.
Add Olimex ARM USB JTAG adapters VID/PID information to FTDI FT.
Ping-Bug: 11743
Change-Id: I1cfc6371a0b1c8f8aae81bf024056fb99ffd443c
Reviewed-on: https://code.wireshark.org/review/35734
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I sometimes type too fast and 'epan/dissectors/s<TAB>' ends up into
'epan/dissectors/snort-config.' which is never intentional.
Change-Id: I5bae7b303bbcc7057f15d5acfa9fa01610cd90ce
Reviewed-on: https://code.wireshark.org/review/34926
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for the WFA Neighbor Awareness Networking (NAN) protocol.
Bug: 16087
Change-Id: Ideeeea2551c8db722b5578340bef4e504ea73dcf
Reviewed-on: https://code.wireshark.org/review/34635
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch updates the TCP Convergence Layer (TCPCL) parser, updates the
Compressed Bundle Header Encoding (CBHE) BP Endpoints that identify
CCSDS File Delivery Protocol (CFDP) and Asynchronous Management Protocol
(AMP) payloads, and adds an AMP dissector that parses the new Compressed
Bundle Header Encoding (CBOR) wire format.
1. Correctly parses the TCP Convergence Layer Length field
2. Adds support for the TCP Convergence Layer Refuse-Bundle Reason-Code
Flags per RFC-7242: Section-5.4
3. Parses BP traffic between Compressed Bundle Header Encoding (CBHE)
endpoints 64 and 65 as CCSDS File Delivery Protocol (CFDP)
payloads.
4. Parses BP traffic beetween Compressed Bundle Header Encoding (CBHE)
endpoints 5 and 6 as Asynchronous Network Management (AMP)
payloads
5. Updates the AMP parser to use the new Compressed Binary Object
Representation (CBOR)
The AMP dissector was originally written by Krishnamurthy Mayya
(krishnamurthymayya@gmail.com) against an older version of the AMP
specification and updated to parse the new Compressed Binary Object
Representation (CBOR) format by Keith Scott (keithlscott@gmail.com)
Change-Id: I8d1eff9fb09f1a9dbdb9f4cf077448316f6a9e05
Reviewed-on: https://code.wireshark.org/review/34216
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Scalable service-Oriented MiddlewarE over IP (SOME/IP) is the
standard communication middleware for IP and Ethernet based
communication. It supports Service Discovery, RPC, Pub/Sub, and more.
Bug: 16014
Change-Id: Ifd6549818ccc87f376a5fb9ba1d6c335818c6e00
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34497
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Diagnostic Log and Trace protocol (DLT) is a commonly used and
standardized protocol in the automotive industry used to retrieve
log data. This patch adds the protocol to Wireshark. Keep in mind
that ports have to be configured before the dissector can be used.
Change-Id: I24592705476fb0c3bb83a1cc10b3dae8867523f4
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34462
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Linux kernel includes a module called drop monitor which -
unsurprisingly - monitors packet drops.
Once enabled, the module will periodically send netlink notifications to
user space over generic netlink. Historically, these notifications only
included the program counter where the drop occurred and the number of
packets that were dropped in this location in the last interval.
Patches in net-next (queued for Linux kernel 5.4) extend drop monitor
with another mode of operation where the dropped packets themselves are
sent to user space along with relevant metadata as netlink
notifications. This allows users to perform a more detailed analysis of
the dropped packets.
This patch adds a dissector for these netlink packets. The dissector is
expected to be invoked by the generic netlink dissector and during its
hand off routine it adds an entry in the 'genl.family' dissector table.
The various netlink attributes are dissected by calling
dissect_netlink_attributes(), in a similar fashion to the rtnetlink
dissector. The dropped packet itself is encoded in the netlink attribute
'NET_DM_ATTR_PAYLOAD' and dissected by invoking a dissector from the
'sll.ltype' dissector table based on the packet's protocol which is
encoded in the 'NET_DM_ATTR_PROTO' attribute.
Bug: 16018
Change-Id: I10bfa4b9c9d8f5e82769c250f929f74693142a23
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/34351
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This protocol is a non-standard, ad-hoc protocol to pass baseband GSM
bursts between the modem (osmo-trx) and the encoder / decoder
(osmo-bts-trx). Osmocom inherited this when forking OsmoTRX off the
OpenBTS "Transceiver" program.
Change-Id: I31f5071d08eff1731f1d602886e204c87eed107c
Related: OS#4081 (https://osmocom.org/issues/4081)
Bug: 14814
Reviewed-on: https://code.wireshark.org/review/26796
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dissect raw USB Packets. The actual USB packets to transaction conversion
(which is needed to pass the data to existing USB URB dissector) is not
implemented yet.
Ping-Bug: 15908
Change-Id: Ia75d58882d770fdd8650622d318241743069ad8f
Reviewed-on: https://code.wireshark.org/review/34006
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This change adds a basic dissector for the Network Controller Sideband
Interface (NCSI), as described by DMTF specification DSP0222.
Change-Id: I4e98361bfb7315c524f9c90db38507892adeeebe
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Reviewed-on: https://code.wireshark.org/review/33818
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Initial go at adding the CableLabs Dual Channel Wi-Fi dissector.
Changes:
. New dissector for CableLabs Layer-3 Protocol ("CL3") IEEE EtherType 0xB4E3
. New dissector for Dual Channel Wi-Fi (Subprotocol of CL3)
. Defined EtherType macro for CL3 + description
Bug: 15818
Change-Id: I6edf99d40883c1890659185cc3f0524a2218a6c4
Reviewed-on: https://code.wireshark.org/review/33440
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Note that this dissector covers the USB to serial only. FTDI
Multi-Protocol Synchronous Serial Engine (MPSSE) should be implemented
as separate dissector receiving data from FTDI FT dissector if the chip
has MPSSE.
Ping-Bug: 11743
Change-Id: I1f2e2b56b9351442f7ddbe97106b5f166de2cdca
Reviewed-on: https://code.wireshark.org/review/33520
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dissection for Graylog Extended Log Format (GELF) over UDP.
Bug: 15776
Change-Id: Ie976a1dee8d3441532f209061aef5c804219f289
Reviewed-on: https://code.wireshark.org/review/33184
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch adds support of NVMe/TCP (NVM Express over Fabrics for TCP).
to wireshark.
NVM Express is high speed interface for accessing solid state drives.
NVM Express specifications are maintained by NVM Express industry
association at https://nvmexpress.org/.
NVMe/TCP is the TCP transport binding specification
which recently ratified (Technical Proposal 8000) and is a part
of NVMe-oF spec version 1.1.
Reference can be found here:
https://lwn.net/Articles/772556/
and protocol specification:
https://nvmexpress.org/welcome-nvme-tcp-to-the-nvme-of-family-of-transports/
Supported commands are
*) NVMe/TCP ICREQ, ICRESP.
*) NVMe Fabrics commands
*) NVMe commands that are supported by packet-nvme dissector.
Testing is done with Linux 5.0 nvme-tcp host and target drivers.
H2C and C2H termination PDU`s are not supported as Linux NVMe/TCP driver
does not support them as well in kernel 5.0
Bug: 15735
Change-Id: I63ae7aa2a42ff843b9832110830fd345f30d9170
Reviewed-on: https://code.wireshark.org/review/32640
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The BSSMAP LCLS GCR field is specified in 3GPP TS 29.205, which
in turn was originally created to augment the ITU-T Q.190x BICC
with Mobile specific information elements. Let's add the latter
decoding function as a new packet-bicc_mst.c, so it can be used
also from other dissectors. For example, GSM MAP also includes
GCRs and hence should be modified to use this new decoder.
Change-Id: I247d2ccd2d16e996f4fe5d5952ba8a4091a4ffd0
Reviewed-on: https://code.wireshark.org/review/33117
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This protocol is spoken between the BSC (Base Station Controller) and
the CBC (Cell Broadcast Centre). It runs over TCP Port 48049 and is
specified in 3GPP TS 48.049.
Change-Id: I183e4741e2db5b9cc4dfe2b89f7920a32af67971
Reviewed-on: https://code.wireshark.org/review/29745
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Every SysEx Manufacturer can decide its own SysEx message format.
As there are quite a lot of registered SysEx Manufacturers, it is best
to not mix all the Manufacturer specific commands in one file.
During the extraction following have been changed:
* sysex.digitech prefix changed to sysex_digitech
* sysex.device_id changed to sysex_digitech.device_id as the MIDI
System Exclusive specification doesn't specify anything except the
(Extended) Manufacturer ID
* sysex.digitech.device_id renamed to sysex_digitech.received_device_id
as this field is part of the Who Am I command response
* Remove the PROTO_CHECKSUM_ZERO flag - the actual checksum is simply
XOR of all bytes. Prior this change the actual checksum byte was
XORed together with the checksummed data.
Change-Id: I225149f16a83b7629ce4bf9f6ca81c1d93dd856a
Reviewed-on: https://code.wireshark.org/review/33070
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs
Harald Welte