Add IPv6 handling to text_import, including the ability to
handle dummy IPv6 addresses instead of IPv4. GUI support is
still TBD. This further reduces the number of text2pcap features
that ui/text_import does not yet support. Related to #16724.
Add dummy IPv4 addresses to the text_import_info_t struct, and
use them if set in the same way text2pcap does. GUI support in
"Import from Hex Dump" is not added yet. This is also part of the
work for text2pcap to eventually call text_import. Related to #16724.
Since we're using wtap_dump_open[_stdout] from file_access.c now,
we don't need to include io.h or fcntl.h on Windows anymore, and
we don't need to include pcapio either.
Fixes a bunch of package warnings, and teaches the Debian package to
respect make install rules, and even more importantly to respect header
visibility rules, as defined by the build system. This prevents
private headers to be installed to the target system.
Remove the broken by design system that requires developers to
constantly fix headers by hand. Again the source of truth for which
headers are system headers is the build system, and that's what
any package must use, without requiring constant syncing of
installation rules in CMake and Debian.
The encapsulation type that text_import expects and puts
directly into rec.rec_header.packet_header.pkt_encap is a
wiretap encap type, not a pcap link type. Fix the name and
comment appropriately.
Use wtap_dump instead of the pcapio functions for writing files.
This makes it easier to unify with text_import, and also makes it
easier to eventually write other file formats (with a similar option
to the other CLI programs), and allows using the standard CLI error
messages.
Also move some of the option validation before attempting to open
the output file.
On Windows the POSIX read() and write() don't use the C99/POSIX
types size_t and ssize_t so we must do the same to avoid
gymnastics to squelch narrowing warnings.
This adds two types for that purpose that have the correct
definition for both Windows and POSIX.
The Enhanced Trading Interface (ETI) protocol and the Enhanced
Order Book Interface (EOBI) protocol are used by a few European
exchanges such as Eurex, Xetra and Börse Frankfurt.
Basically, a trader uses ETI to communicate with a matching
engine (over TCP), e.g. to add a new order, modify an existing
one, etc. while the matching engine also publicizes the current
state of the order book via EOBI over multicast UDP feeds.
ETI actually consists of two variants, i.e. ETI for derivatives
markets (such as Eurex) and ETI for cash markets (such as Xetra).
A common convention is to abbreviate them as ETI (for
derivatives) and XTI (for cash).
These protocols share the same encoding, i.e. messages start with
a length and a tag field and most messages and fields are fixed
size. See also
https://github.com/gsauthof/python-eti#protocol-introduction for
some more details.
The protocol specifications are openly available (cf.
https://github.com/gsauthof/python-eti#protocol-descriptions for
direct links) in human and machine-readable (XML) formats.
The Wireshark ETI/XTI/EOBI dissectors are code-generated by
`eti2wireshark.py`
(https://github.com/gsauthof/python-eti/blob/master/eti2wireshark.py)
which is GPL licensed. See also
https://github.com/gsauthof/python-eti#wireshark-protocol-dissectors
for usage examples and related work.
Currently used to define ssize_t on platforms that lack it.
Fix some Windows build errors caused by moving the definition into a
separate header.
Fix some narrowing warnings on Windows x64 from changing the definition
of ssize_t from long int to int64_t.
The casts in dumpcap are ugly but necessary. The whole code needs
to be rewritten for portability, or the warnings disabled.
Split ws_regex_matches() into two functions with better semantics
and remove the WS_REGEX_ZERO_TERMINATED symbol.
ws_regex_matches() matches zero terminated strings.
ws_regex_matches_length() matches a string length in code units.
epan/dissectors/packet-cisco-marker.c (13 (of 13) fields)
cisco_erspan_marker.prop_header doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.header doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.version doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.type doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.ssid doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.granularity doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.utc_offset doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.timestamp doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.utc_sec doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.utc_usec doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.sequence_number doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.reserved doesn't match PROTOABBREV of cisco-marker
cisco_erspan_marker.tail doesn't match PROTOABBREV of cisco-marker
Replace:
g_snprintf() -> snprintf()
g_vsnprintf() -> vsnprintf()
g_strdup_printf() -> ws_strdup_printf()
g_strdup_vprintf() -> ws_strdup_vprintf()
This is more portable, user-friendly and faster on platforms
where GLib does not like the native I/O.
Adjust the format string to use macros from intypes.h.
Correctly handle when a minimum packet length forces fragmentation of
SCTP and we are generating dummy SCTP DATA chunk headers: mark fragmentation
in the chunk flags and set the transmission sequence number and
stream sequence number appropriately.
Port from text2pcap commit f8d48662c8
Part of #16724.
After switching to Visual Studio's CMake the Windows MR builds started
failing with
C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\MSBuild\Microsoft\VC\v160\Microsoft.CppCommon.targets(241,5): error MSB8066: Custom build for 'C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_de.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_en.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_es.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_fr.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_it.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_ja_JP.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_pl.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_ru.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_sv.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_tr_TR.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_uk.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\7345cb0fc1b52560d4d2bd48e83ff433\wireshark_zh_CN.qm.rule;C:\builds\wireshark\wireshark\build\CMakeFiles\9829b32238fa3bcc807b02099e4c1642\qtui_autogen.rule' exited with code -1073741819. [C:\builds\wireshark\wireshark\build\ui\qt\qtui_autogen.vcxproj]
This appears to be caused by
https://gitlab.kitware.com/cmake/cmake/-/issues/22014 which should be
fixed in recent versions of the official CMake distribution.
Wmem is an alternative to GLib data structures so it should
have the same scope and be equally as convenient to use.
Wmem does not and cannot depend on anything else other than
GLib.
Add some C99 stdio.h numbers to compare with GLib on platforms
(such as Windows) where they use different implementations.
Add a wmem string test with NULL allocator, to compare wmem and GLib
performance with roughly the same memory allocation.
Use the block allocator as being more representative of normal
wmem performance, instead of using strict, that is normally
used for wmem debugging.
These are not pass/fail tests, so the automation cannot
validate them. They just slow down the CI builds. To
enable pass -m perf.
I think the --verbose comment is wrong, I did not detect
any difference in output with or without --verbose.