The styling of the color selection buttons in the color preferences is
such that it's impossible to tell if they're disabled or enabled. Hide
and show them instead as needed.
Rename combo box items based on feedback here at SharkFest.
Bug: 15775
Change-Id: I22b384aca56fee73957f5842349efae218b2dd09
Reviewed-on: https://code.wireshark.org/review/33566
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
By holding down the Metamodifier (Ctrl on Mac) you get a contextmenu upon
dropping, from which you can decide if you want to add/or/and not/or not
the filter to the bar.
Bug: 15801
Change-Id: I78b3b265311ee53c7f53698c0e58186eb1afb57f
Reviewed-on: https://code.wireshark.org/review/33560
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
This reverts commit 13c5960a2c.
Based on the features that needs integration of "multi-selection" (which this change introduced), it seems that there will be fair amount time and code changes required in packet_list.cpp and possibly other files.
I am reverting this change from the master branch so that people can still continue to use features with single-selection.
Meanwhile, Stig B and others ready to test can import this change to verify which features are missing integration and/or integrated correctly. Once the feature set integration is complete and there is fair amount of approval from all of you, the core committers can decide on it.
Change-Id: I106fd3c54350dd0fd85fc44743e7f5321cb04110
Reviewed-on: https://code.wireshark.org/review/33454
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For all platforms that is supported by Qt framework...
- Select copy/<options> from context menu and it will copy selected lines.
Note: This change implements part 1 of another change, # 33007.
And has been tested on Windows 10 only.
Change-Id: Iba2668d7c411aa33de77003fe116e63e6f650b3d
Reviewed-on: https://code.wireshark.org/review/33074
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dynamic cast may yield NULL pointer, hence must be checked before
dereferencing it. Easy enough in a conditional.
CID 1435488
Change-Id: I8359ab5865795f1b1bea6980b023ff636d6719a6
Reviewed-on: https://code.wireshark.org/review/33316
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The _open_osfhandle() does take ownership of the handle and thus the
underlying handle gets closed at the same time as the file-descriptor.
As we want to preserve the underlying pipe handle, create a duplicate
handle and use the duplicate handle with _open_osfhandle().
Change-Id: Iaa52fbae8e72b1ba74ab8ea9a44def8dc2ab4570
Reviewed-on: https://code.wireshark.org/review/33251
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Found by clang with -Wextra-semi
Change-Id: I259f168759caab239c0e67526afbfa62c032b8b6
Reviewed-on: https://code.wireshark.org/review/33283
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Filter repeated messages. Once a message box is closed, if there were
any duplicates, log warning message with the number of duplicates that
were supressed.
Ping-Bug: 4811
Change-Id: I0ce09d39a640a425f3288e0ab9d3f4ba7bf44bfa
Reviewed-on: https://code.wireshark.org/review/33241
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When extcap fails before connecting to pipes, ws_write() in
InterfaceToolbar::controlSend() fails and error message is displayed to
the user.
Before this change, the message box would block until the user closes
the message. As the controlSend() was called inside "capture prepared"
context the remaining capture preparation code would wait for the user
action. However, the pipeTimeout() would get called before user confirms
the message as Qt would be processing all events in the main event
queue. This led to "capture failed" executing before "capture prepared"
finished. Such interruption caused multiple issues including freeing
buffer that was not yet allocated.
Bug: 15743
Change-Id: I6bc2734126292cdc5b560418069caf98747be68e
Reviewed-on: https://code.wireshark.org/review/33208
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In handling the capture preferences frame, the preference to not load
interfaces on startup is handled incorrectly. Instead of using the
preference value itself, the validity of the pointer to the preference is
used. This leads to some confusing logic.
Replacing this code with proper preference retrieval.
This was introduced with commit 7a07832712
CID 1439697
Change-Id: I9bf3df413d89f8df55553a7218f34d425eb103de
Reviewed-on: https://code.wireshark.org/review/33187
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Prior to this change the extcap option dialog destructor was called only
when the main Wireshark window closed.
Besides that, fix the NULL pointer dereference that would happen if
device name was not a valid extcap device.
Change-Id: I84334e3a83c66557d961771f74c39447d30a6875
Reviewed-on: https://code.wireshark.org/review/33197
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The default chk callbacks for individual fields only catches basic
errors such as invalid, too large numbers. Many dissectors perform
additional validation in the update_cb which is invoked for a record as
a whole. If this check fails, then the UAT must not be marked as valid
or else invalid records (like NULL pointers) could be exposed.
Thanks to Uli Heilmeier for noticing this.
Bug: 15709
Change-Id: I1cc4c6925322011a561ad6df840fbac67796e5b2
Fixes: v2.3.0rc0-1002-g1cd22559a8 ("Qt: convert UatDialog to model/view pattern, improve UX")
Reviewed-on: https://code.wireshark.org/review/33157
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ManageInterfacesDialog local view model hierarchy is as follows:
* InterfaceSortFilterModel
* InterfaceTreeCacheModel
* InterfaceTreeModel
Each model should return model indexes associated with itself.
The InterfaceTreeCacheModel::index() broke the data flow by returning
model index associated with InterfaceTreeModel. This lead to
InterfaceSortFilterModel to pass model index associated with
InterfaceTreeModel to a InterfaceTreeCacheModel instance.
This resulted in asserts in debug builds.
Fix the problem by returning model index associated with the
InterfaceTreeCacheModel.
Bug: 13744
Change-Id: I03a08dbda0bf7cce8f6832e1f34c1a75b8d3cfab
Reviewed-on: https://code.wireshark.org/review/33014
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic5a3653cb8bcc33e0be108c8b201567e7090f9f5
Reviewed-on: https://code.wireshark.org/review/33043
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I5326b87784817fb353329e2d686fe0515c32f6cb
Reviewed-on: https://code.wireshark.org/review/33038
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).
That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.
The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.
That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.
Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It was a bad idea to bring back the border around inactive+selected packet
list items in g009283a6 because it will move the text some pixels down.
Revert this part because we now have support for customize the colors.
Remove the old "style_inactive_selected" handling because it has no effect.
Change-Id: I7599591a957a11d42964f7dc0981411cf3b28b4f
Reviewed-on: https://code.wireshark.org/review/32964
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Make sure we link each application that calls WSAStartup with ws2_32.lib.
Pass version 2.2 to WSAStartup. Wikipedia says it was introduced in 1996,
so we should be OK.
Ping-Bug: 15711
Change-Id: I431839e930e7c646669af7373789640b5180ec28
Reviewed-on: https://code.wireshark.org/review/33033
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
When a stream index is explicitly given (as is done for items from the
Conversations statistics dialog), it does not have to query the stream
index from the packet list. Skip checking the packet list then.
Bug: 15672
Change-Id: I3f79e6a0997726535c38f9766b894b042ffbf916
Reviewed-on: https://code.wireshark.org/review/32972
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When extcap is started for capture, the argument call is appended to extcap
commandline if the associated value is not empty or the argument is boolflag.
Unfortunately such rule did not apply when constructing the arguments list
for selector reload action. This could lead to extcap being called with
the argument calls without required values (eg. multicheck, selector, string).
This change makes the --extcap-reload-option selector to not contain argument
calls for which the value is not available.
Bug: 15725
Change-Id: Ic2456c03b3eb7c7525d19e64ea02afd99ed5f6cb
Reviewed-on: https://code.wireshark.org/review/32967
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes it possible to set the console.log.level from the Advanced
preferences window.
Change-Id: I5c5551f089a935eef77f54fdcad0ba060f14edfd
Reviewed-on: https://code.wireshark.org/review/32930
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Deadlock happened if extcap was writing to control pipe before it sent
the pcap data and the pipe buffer was not able to hold all the data.
The solution is to start reading data from extcap control pipe in
capture prepare.
This bug was introduced in 018f6bff18
which was reviewed on https://code.wireshark.org/review/23211
Unfortunately neither the commit message nor the review contains any
explaination why it delays the extcap control pipe opening.
Bug: 15261
Change-Id: I10d006128f6eb7d63f751d230edbd905eb46416b
Reviewed-on: https://code.wireshark.org/review/32898
Reviewed-by: Anders Broman <a.broman58@gmail.com>
During introduction of proper direction support this line was left over,
causing TCP dest port to remain independant of direction. This change
simply drops the line.
See CID 1444115
Change-Id: I4ff362925e422bc57cfa3842127ddaf8695cf303
Reviewed-on: https://code.wireshark.org/review/32902
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before this change extcap parameters without value would be silently
changed into a single space on parameters load.
This could lead to not only passing unexpected values to extcap call
arguments but also "auto-fill" text values without user consent.
Example scenario to observe this problem using extcap_example.py was:
1. Open "Example interface 1 for extcap" configuration
2. Click Restore Defaults
3. Enter message, so the capture can be started
4. Make sure "Save parameter on capture start" is enabled
5. Start capture
6. Notice that capture starts normally and extcap arguments are ok
7. Stop capture
8. Start capture again
9. Notice that parameters were reloaded and the extcap was called with
following unwanted arguments:
--logfile " " --radio " " --multi " "
Bug: 15065
Change-Id: I9cd87d9cc8c7e4f8893a066e9f10aa760b52bb97
Reviewed-on: https://code.wireshark.org/review/32887
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The deprecated-gtk and deprecated-gtk-todo API groups were removed last
year in g7853d0e354.
Change-Id: I9b299d54da043bbda91d639ec7c94a58f459149f
Reviewed-on: https://code.wireshark.org/review/32865
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have cf_read_current_record() take a capture_file as an argument and
read, into its wtap_rec and Buffer for the currently-selected frame,
information for the currently-selected frame.
Rename cf_read_record_r() to cf_read_record().
That gives us 1) a routine that reads the currently-selected frame into
the wtap_rec and Buffer for the currently-selected frame and 2) a
routine that reads an arbitrary frame into the wtap_rec and Buffer
supplied to it. If you *want* the currently-selected record, use the
former, otherwise use the latter.
Change-Id: If6bd5915dd5bc18334d7b89859822a19234153a4
Reviewed-on: https://code.wireshark.org/review/32858
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For extcap boolean flags inserted into arguments hash table, the key should
be the "call" option and value should be NULL.
extcap_add_arg_and_remove_cb() takes care of NULL values by simply
omitting them from generated argument list.
ws_pipe_spawn_async() appends arguments until either:
* argument string is NULL
* argument string points directly to NULL terminator (empty string)
This bug resulted in extcap arguments being "cut off" after the first
"boolflag" present in the commandline arugments. Because arugments hash
table is unordered the actual commandline passed to extcap depended on
the order in which options were changed in extcap configuration dialog.
Bug: 15586
Change-Id: I00f136d3b627064cbfb539b3429aa5e4aef319e1
Reviewed-on: https://code.wireshark.org/review/32848
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We may or may not be working on the currently-selected packet, so
there's no reason to use read into the capture_file's wtap_rec and
Buffer for the currently-selected packet. We already have a wtap_rec of
our own, and we currently have a pointer to a raw packet data array that
we can replace with a Buffer of our own; just read into them.
Use wtap_rec_init() on the wtap_rec, rather than using its implicit
constructor - there's no guarantee that the initial values of the
structure members, as defined by C (and C++), are what we want.
Use wtap_rec_cleanup() in the destructor; it might do more than the
implied destructor (which does nothing). wtap_rec and Buffer are C
structures, so they don't get C++ constructors and destructors - we have
to use the C ones, which are explicit functions. I think there are
memory leaks that this fixes (packet comments and Buffer for the options
data, leaked when a PacketDialog window is closed).
Change-Id: Ica1d937fd00e4d2f5e4e2275bcd8edddb7a7921b
Reviewed-on: https://code.wireshark.org/review/32832
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Multicheck was introduced to make it easy to configure USBPcap to
capture only from selected devices instead of the whole Root Hub.
In GTK+ interface the multicheck enabled options featured a checkbox
next to the item entry. Displaying the checkboxes made it intuitive to
the user that the items can be checked/unchecked.
During the GTK+ to Qt transition, the checkbox idea got lost. The GTK+
interface up to its very last days did show the checkboxes.
While it is possible to select the individual devices in Qt UI and
actually have USBPcap to capture only on selected devices, it is really
unintuitive and the user simply has to know how the multicheck is
implemented to take advantage of it.
This change brings the multicheck checkboxes to Qt UI.
Ping-Bug: 13355
Change-Id: Ia677ff2222c46b9816b8dca4c47e93c72cee834f
Reviewed-on: https://code.wireshark.org/review/32813
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
path() incorrectly gives paths as /C:/Program Files/Wireshark/udpdump.html
under windows. The leading slash gives a wrong test on the file. Instead
toLocalFile() handles it correctly. isLocalFile() has been used to get if
we have a local file or a network URL. The reported bug occurred under Windows
only, but the change is compatible with Linux paths as well.
Accidentally when the test on the file was successful, nothing got called.
The routine has been reworked to open an existing local file.
Bug: 15592
Change-Id: Id6e3a91dfb4c9d20ae8cb0735eabab64caeff47f
Reviewed-on: https://code.wireshark.org/review/32772
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
That way we aren't allocating memory, reading packets from a batch, and
freeing the memory for each batch of packets delivered by dumpcap; we do
the allocation when the capture starts and the freeing when it finishes.
Change-Id: If012ab865f3a99d869535ad10827ad8680c1b10c
Reviewed-on: https://code.wireshark.org/review/32766
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way we don't do initialization, possible expansion of the buffer
from its initial size, and cleanup for every packet.
Change-Id: If967bd8f0cc65631b8b128b2c048d32ba54c8033
Reviewed-on: https://code.wireshark.org/review/32774
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move it to the capture_session structure from the info_data_t structure,
and pass it as an argument to capture_info_new_packets().
Change-Id: I822392bbf48eeb27ba9e17b73775d2fc4349bc17
Reviewed-on: https://code.wireshark.org/review/32765
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 9445403f95.
cf_select_packet frees the buffer backing the dissection result
(cf->edt) which results in use-after-frees when callers try to access
the contents. See for example this call trace:
* PacketList::selectionChanged
* cf_select_packet(cap_file_, row)
* frameSelected(row) -> ByteViewTab::selectedFrameChanged
* addTab(source_name, get_data_source_tvb(source))
get_data_source_tvb returns the buffer that backs the dissection and
must remain valid even after dissection has completed. If this is not
done, then a possibly expensive redissection must be done in order to
populate the byte view. The temporary memory savings are not worth it.
Bug: 15683
Change-Id: Ia5ec2c7736cdebbac3c5bf46a4e2470c9236262d
Reviewed-on: https://code.wireshark.org/review/32758
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most code that reads from a capture_file already has its own wtap_rec
and Buffer; change the remaining ones to do so as well.
Change-Id: I9b7c136642bbb375848c37ebe23c9cdeffe830c3
Reviewed-on: https://code.wireshark.org/review/32732
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Highlight the row in packet list and proto tree when mouse hovers
above the row. This mimics the behaviour on Windows.
Change-Id: I28461f9d7740269bad39893597232fe775f77a86
Reviewed-on: https://code.wireshark.org/review/32619
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The border around inactive+selected packet list items from aaba30a3
was removed in 00776f83 and 53dfec9b. Add this back again.
Use solid color in flat_style_format, no need for a gradient between
the same color.
Remove the empty default_style_format, it does not add anything.
Ping-Bug: 12010
Change-Id: I97df7147b196c73e9f6ec4b9c370ddb6bd54488a
Reviewed-on: https://code.wireshark.org/review/32676
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Giving the pathname of a temporary file that will be deleted once TShark
exits isn't useful; just refer to "the temporary capture file".
Change-Id: I7333ac3cef4e4ae1076a5b0e3c46a04e0328d505
Reviewed-on: https://code.wireshark.org/review/32645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it match the "Plugins" tab of the "About" dialog.
While we're at it, use the same code to enumerate extcap plugins in that
dialog.
Change-Id: I50f402a7ab5d83d46baab070d145558ed8f688f4
Reviewed-on: https://code.wireshark.org/review/32589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Set the foreground color of an expert info item only when we set its
background color, otherwise we show black text on a dark background.
Remove an unneeded include while we're here.
Change-Id: Ibb835d26d7aa18bfb406b7820b321dc372aed599
Ping-Bug: 15511
Reviewed-on: https://code.wireshark.org/review/32534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Inspired by looking into
https://ask.wireshark.org/question/8009/wireshark-ring-buffer-settings-from-command-line/
... in which the user was confused because a duration set on the command
line was not reflected in the GUI. That's because
I0180c43843f5d2f0c2f50153c9ce42ac7fa5aeae added the `interval` ring-buffer
option and made the GUI use this rather than `duration`. This was not at all
clear in the GUI, though.
Since `duration` and `interval` have quite different use cases, expose both in
the GUI.
Try to clean up and unify the tooltips at the same time. I'm not entirely
convinced the tooltips need to be on the checkbox, the spinbox, and the
combobox but leave it that way for now.
Add some to the man page description of the interval option to hopefully make
it clearer what the option does.
Change-Id: I3b45fe71c33af64d980dffb5e5ba93e2a15a6b96
Reviewed-on: https://code.wireshark.org/review/32526
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a collection of routines, not a program.
Change-Id: I76296576443602b7ea016c5311e66a52a73ee941
Reviewed-on: https://code.wireshark.org/review/32491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead, add a new T_EOF token type, call parse_token() with it when we
get an EOF, and, in parse_token(), write the current packet if we get a
T_EOF token.
That's a bit simpler, and would let us treat EOFs in different places
differently, if, for example, we want to report warnings for
half-finished packets.
Change-Id: Ie41a8a1dedf91c34300468e073f18bf806e01892
Reviewed-on: https://code.wireshark.org/review/32489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Write out the last packet after text_import_scan() returns, if it
returned successfully, the same way that it's done in text2pcap. This
means we can get rid of the EOF rule in the lexer - the lexer just
finishes and returns 0 to text_import_scan(), which then returns a
success indication to text_import() - and make write_current_packet()
static.
Change-Id: Ibafdbe01da6bb33a213a32847f1981bc943290a1
Reviewed-on: https://code.wireshark.org/review/32486
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_input_drops() doesn't, and shouldn't, modify or free or... the
interface name, so make the pointer to it a const pointer.
Change-Id: Iafc5c5dd9939225b3aeb8a8e36c5bdeecc394e12
Reviewed-on: https://code.wireshark.org/review/32465
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_input_cfilter_error_message() doesn't, and shouldn't, modify or
free or... the error message, so make the pointer to it a const pointer.
Change-Id: Ic14ac306add328df369af4b6e149c856f4283912
Reviewed-on: https://code.wireshark.org/review/32464
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The result of sctp_stat_get_info() is only used in fillTable, so there's
no need to save it.
Make it a const pointer, to squelch warnings.
Change-Id: Icb6fd7e2f5c3c5c53f7d33509d100a0947e69369
Reviewed-on: https://code.wireshark.org/review/32460
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't modify expert_info_t's used when constructing an
ExpertPacketItem or when they're passed to the tap routine.
Change-Id: I9e6a1545ce2340091eb7c5f6a8ef5a1da675b3ab
Reviewed-on: https://code.wireshark.org/review/32456
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure that we always print log messages on Windows. External programs
or scripts (including our test suite) might need to see log messages
independent of our console settings.
Make sure that we always use our log handler and that its stdout /
stderr routing matches GLib's. Flush our log output, which is something
that GLib's default handler sometimes doesn't do:
https://bugzilla.gnome.org/show_bug.cgi?id=792432
Bug: 15605
Change-Id: I4b17f2cb9269b2c87c21835d82770dae93bbfa20
Reviewed-on: https://code.wireshark.org/review/32412
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If we have direction indications, flip the source and destination for
outgoing packets.
Also, generate sequence numbers for TCP.
Code lifted from text2pcap.
Bug: 15561
Change-Id: I869c45e88bf635f3277dbeeb08aff88dbfc8edef
Reviewed-on: https://code.wireshark.org/review/32383
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) They're both required, for both strftime() and strptime(), by the
Single UNIX Specification.
2) They're both supported by MSVC's strftime(), at least as of VS 2015.
3) With MSVC, we use our own strptime(), which is based on the GNU libc
one and which supports both of them.
So we don't have to worry about them not working and either giving a
bogus value or throwing an exception or anything such as that.
Bug: 15565
Change-Id: I72b7798f35c4461855298cfcfa84732c1297d5fe
Reviewed-on: https://code.wireshark.org/review/32370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The wireless toolbar retrieves the full list of network interfaces
every 1.5 seconds to keep its list of interfaces updated. This
not only adds unnecessary load on the system it also generates
plenty of netlink traffic. When capturing packets on nlmon
interfaces they are flooded with packets generated by Wireshark
itself making it hard to understand the traffic that's really present
on the system.
Remove the periodic interface update and instead listen to network
interface change events and update only when something has changed.
The wireless toolbar need to know all when wireless interfaces are
added/removed, not only whether an interface is 'up' or not so
iface_monitor changes were also necessary.
Bug: 15576
Change-Id: I8fb19fd919dfef1b6b35bf48790b105ecd2b60a8
Reviewed-on: https://code.wireshark.org/review/32350
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tcp.stream and udp.stream are already unsigned identifiers. An upcoming
http2.hashed_stream identifier can exercise the full unsigned 32-bit
number space, so be sure not to treat the stream identifier as signed
integer.
Change-Id: Ic5d398b2bda7eba7555e385ef3fcd44b490f78c9
Reviewed-on: https://code.wireshark.org/review/32287
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When copying from another profile which has been renamed:
show the new profile name in the info label "Created from".
When copying from another profile which is later deleted:
append "(deleted)" to the info label to indicate that the origin
profile is not in the list.
Do not show "Renamed from" when a profile name if renamed back to
it's original name.
Change-Id: I0bf0c868c5dfd150a23b2ef887e7c70030b48d05
Reviewed-on: https://code.wireshark.org/review/32201
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Throw away the old temporary filename when restart capture to create
a new temporary file. This was omitted from the previous restart
capture fix.
Change-Id: I39396d26563ec3d424161f81667864440a13e6d2
Reviewed-on: https://code.wireshark.org/review/32184
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add ColorUtils::themeIsDark and use it to report our dark / light mode
in the "About" dialog. Summarize the HiDPI capability of our displays as
well.
Change-Id: I242af1eb48017d49b90e71099bb753e67a8dd32b
Reviewed-on: https://code.wireshark.org/review/32115
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reapply the column width and alignment when editing the fields
in a custom column.
Bug: 14177
Change-Id: I581ea67505f9181c1e5133c9950f59ed0780b0ba
Reviewed-on: https://code.wireshark.org/review/32121
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Set capture_opts->restart before restart current capture.
Update the restart handling in capture_input_closed() to not remove
the current save file; this is either the last file in a ring buffer
or a temporary file which will be reused later. Also remove the code
which starts the capture again because this is now done in
MainWindow::on_actionCaptureRestart_triggered().
Keep the code to restore the original save file when having a ring
buffer. This will avoid the error message "Ring buffer requested,
but capture isn't being saved to a permanent file" and a following
unwanted capture stop.
This fix will also avoid the "No packets captured" warning when
restart capture without having any packets captured.
Remove the unused capture_restart() function which was used in GTK.
Change-Id: I80802217b71810eaa36b78a2eb4c32697ddc92ce
Reviewed-on: https://code.wireshark.org/review/32110
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make it possible to remove the "Capture to a permanent file" setting
in Capture Interfaces Output dialog by turning off saving_to_file in
updateInterfaces().
Also make sure to free the old values for save_file and orig_save_file
to avoid memory leaks.
Set orig_save_file to the same as save_file from the '-w' option to
fill in the current "Capture to a permanent file" value correctly.
Change-Id: I1f4df8cfa279f934eff028f32838b9734b627af1
Reviewed-on: https://code.wireshark.org/review/32111
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Convert our self-generating FAQ to Asciidoctor via the following steps:
- `help/faq.py > /tmp/faq.html`.
- `pandoc -t asciidoc -o docbook/faq.adoc /tmp/faq.html`.
- Manually clean up the markup using a text editor.
Question and answer content was left intact. Removing or updating
obsolete content will have to be done in a separate change.
The Asciidoctor project uses the .adoc extension, so start using it here
as well.
The contents of the "help" directory appear to have been used for
offline support in help_url.c, but that functionality was removed in
2008 in 242e3b78bc. Its content is covered in the User's Guide and man
pages so remove it.
Change-Id: I9060eefe97cfc137f8b414077c30f814379b576a
Reviewed-on: https://code.wireshark.org/review/32014
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>