Change-Id: I30f1b92ee438361c3bd58743f7d1ae8d5ffc96f0
Reviewed-on: https://code.wireshark.org/review/15718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The spec puts the reserved value at 0xf but our internal table has 'unknown' at
0; since all the other values seem to be offset-by-one, just take the modulus
0xf to avoid running off the end of the table.
Bug: 12191
Change-Id: I83c8fb66797bbdee52a2246fb1eea6e37cbc7eb0
Reviewed-on: https://code.wireshark.org/review/15722
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
fixing problems in qt ui code comming from the fact that qreal type is float on
ARM platform and double on other platforms, which causes build errors on ARM
(not all casts are probably strictly necessary)
Bug: 12483
Change-Id: Ife5e6d3649a7ee1ad4e7eadffe9f4484ff2718de
Reviewed-on: https://code.wireshark.org/review/15723
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I897099bf9f6ee38d0ec9a7a5e9fb3bba43b5fe0f
Reviewed-on: https://code.wireshark.org/review/15704
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It has nothing to do with controlling privileges; it only tests whether
the NPF or Npcap service (driver) is running, so it belongs in caputils.
While we're at it, fix its signature (in C, a function with no arguments
must have "void" as the argument list, for backwards compatibility with
pre-function-prototype C), and close the handles it opens, so we don't
have open handles leaked.
Change-Id: Ia99e99d81617ed2e8cda2c44e53061b4502a2b58
Reviewed-on: https://code.wireshark.org/review/15714
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) Start Npcap service for capturing packets on
Windows if WinPcap service is unavailable.
2) Search Npcap DLLs (wpcap.dll, Packet.dll) also in
"system32\Npcap" folder after "system32" is searched.
Change-Id: I6810382db431a4e7fe309edd08757db60d8ade38
Reviewed-on: https://code.wireshark.org/review/15707
Reviewed-by: Yang Luo <hsluoyz@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add Follow, Firewall, and Flow updates.
Sort and group the new protocol list.
Remove some fixed bugs.
Change-Id: I76f92f746d0f695567cc411cd6c6cd8d59d923c4
Reviewed-on: https://code.wireshark.org/review/15712
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add an option to display the "follow" data as UTF-16.
Bug: 237
Change-Id: Id95ffc014b8ef718f3b6e9f3415806ada309c3a2
Reviewed-on: https://code.wireshark.org/review/15702
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ping-bug: 12490
Change-Id: I27ce4a0b870d81bfdea188f00ff8101897ad969d
Reviewed-on: https://code.wireshark.org/review/15710
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Showing 'if (tree)' constructions in code samples and then having to
explain these are no longer nessasery, or even wrong in many cases,
indicates that these shouldn't be in the code samples in the first
place.
Change-Id: I1a0ccc84ad24ff998548fa913bc00c0336bf1123
Reviewed-on: https://code.wireshark.org/review/15659
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It should loop on captured data, not reported one
While we are at it, let's call tvb_format_text_wsp() only once
Change-Id: If6805a91d8e5dcf641e682b453522d88cbc2df6c
Reviewed-on: https://code.wireshark.org/review/15699
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Also update faq to include new temporary file format.
Change-Id: Ie6c318bb359974b89ff3e268155315c22ba7c4e4
Reviewed-on: https://code.wireshark.org/review/15685
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We keep the preference only for the single check that could be somewhat costly.
Change-Id: If43a6965a0cf50e0e1864cf1900e529c773b5710
Reviewed-on: https://code.wireshark.org/review/15695
Reviewed-by: João Valverde <j@v6e.pt>
Add the Firewall ACL Rules dialog. Try showing all valid rules for a
given product instead of making the user select from a combobox. We can
add the combo back easily enough if that's desired.
Add a rule hint field and use it in the Qt and GTK+ UIs.
Bug: 12469
Change-Id: I39dd840e9838f96d7c5e2b4c34662811c21d0386
Reviewed-on: https://code.wireshark.org/review/15689
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Switch from enabled/disabled comboboxes to checkboxes. This requires
less clicking on the user's part and less translating.
Draw em dashes instead of "n/a" for non-applicable items, and use
the disabled palette when drawing them.
Change-Id: Ic97b6d44734b679bbeee00e9c2a322e7b8a67247
Reviewed-on: https://code.wireshark.org/review/15661
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ifacf00247f457d710e16044b6805c2f41dacddc1
Reviewed-on: https://code.wireshark.org/review/15686
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This doesn't try to use any data from multiple Name Resolution blocks, it
just converts single Name Resolution block usage into a GArray, so the
potential is there to then use/support multiple Name Resolution blocks
within a file format (like pcapng)
Change-Id: Ib0b584af0bd263f183bd6d31ba18275ab0577d0c
Reviewed-on: https://code.wireshark.org/review/15684
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia07cb14995c3f06d8a32330209bb17fde344350a
Reviewed-on: https://code.wireshark.org/review/15688
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
DisplayFilterEdit deals with entire filters and some edit boxes just need a
single protocol field. This control will do the trick.
Bug: 12321
Change-Id: I8e5837ea9a6955ada29b7e516ea022ab1dd46f0d
Reviewed-on: https://code.wireshark.org/review/15595
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Not all packet have a color filter, so check for this before use.
Bug: 12065
Change-Id: Ieed8d369342bde50fe8a1562be9379695da9fbaa
Reviewed-on: https://code.wireshark.org/review/15677
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This fixes a compile error with Qt version 4.8.5-8 as installed in RHEL 7.0:
sequence_dialog.cpp: In member function 'void SequenceDialog::mouseMoved(QMouseEvent*)':
sequence_dialog.cpp:306:35: error: 'escape' is not a member of 'Qt'
QString raw_comment = Qt::escape(sai->comment);
^
Change-Id: Ibbf62123441645471d66aa329f0d63d0ee198017
Reviewed-on: https://code.wireshark.org/review/15682
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
This doesn't try to use any data from multiple Section Header blocks, it
just converts single Section Header block usage into a GArray, so the
potential is there to then use/support multiple Section Header blocks
within a file format (like pcapng)
Change-Id: I6ad1f7b8daf4b1ad7ba0eb1ecf2e170421505486
Reviewed-on: https://code.wireshark.org/review/15636
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
+ TLV 15 has value decoded as on off
+ TLV 16 shows text parameters instead of decimal value
Change-Id: I6f0baa410f12e20825379a3ff0cd6174aa2bc576
Reviewed-on: https://code.wireshark.org/review/15678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a bitmask for Stack compiliance revision.
Add Network manager field.
Bug: 12488
Change-Id: I0a0908f288997686b76899ee80d51c590599a32e
Reviewed-on: https://code.wireshark.org/review/15681
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3dbb2a4f8f7ea125e4f96e302ea33ff03706eb1b
Reviewed-on: https://code.wireshark.org/review/15674
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
While we are at it, let's display other containers in hexadecimal instead of decimal
Change-Id: I6ac6dd2a64271cbc2958860550da9024445bfe19
Reviewed-on: https://code.wireshark.org/review/15675
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This bug was introduced in g162edec9.
Change-Id: Ia7c6ab0ae35b9b0116c6c9396dfa6e5173967726
Reviewed-on: https://code.wireshark.org/review/15676
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Thou shalt not ever use modelines that put the tab-character tab spots
anywhere other than every 8 characters; that's where Ken and Dennis put
them, and that's where they belong. Use whatever indentation you want,
including 4-space indentation, but do *not* try to arrange that a tab
character moves to the next 4-character boundary, because, in a lot of
UN*X software, it doesn't.
(Yes, this means that Xcode's default is wrong. It *is* wrong,
especially given that it's an IDE for a UNIX.)
Change-Id: I308745cdeef35b7c91ea493da6487baadc357f58
Reviewed-on: https://code.wireshark.org/review/15673
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I74cddcce3104da269e9587ee78ff29785734188f
Reviewed-on: https://code.wireshark.org/review/12479
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Ping-Bug: 10203
Change-Id: Ifa24870d711449b87e9839dd46af614e4aa28fde
Reviewed-on: https://code.wireshark.org/review/15608
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
This fixes the example of the -z follow option.
Also fix up some formatting in the same section.
Bug: 12383
Change-Id: Ic9b2ef5e63ab31d70f2750f9cfdcbab76cf204b6
Reviewed-on: https://code.wireshark.org/review/15667
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Register Wireshark for PacketLogger, ERF, IPFIX, and VWR files on
freedesktop.org, OS X, and Windows (we were already registered for ERF and VWR
files on Windows).
Change-Id: I8105997cb15ea06e1c078489fd88763d4ce9e40c
Reviewed-on: https://code.wireshark.org/review/15635
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For SEQ_ANALYSIS_ANY, color each sequence diagram item according to its
associated packet. For SEQ_ANALYSIS_TCP, color each item according to
its stream.
Bug: 12065
Change-Id: Ib43490fe55039fbcfa793223b5850233a2694a26
Reviewed-on: https://code.wireshark.org/review/15651
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the graphic showing the functional blocks, incorporating the
changes which were listed as incorrect in the corresponding text.
Change-Id: Id962b4e31cb2912a4de75fc0a7e7ab97ff60d117
Reviewed-on: https://code.wireshark.org/review/15662
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Decode SMB2 ioctl FSCTL_OFFLOAD_WRITE,
and clean up FSCTL_OFFLOAD_READ to use a
common function to print the "token".
Bug: 12482
Change-Id: I397522416e3a8508f5a99b8ac055d1ae17218d21
Reviewed-on: https://code.wireshark.org/review/15663
Reviewed-by: Michael Mann <mmann78@netscape.net>
The free routine pointer was renamed to free_func to avoid collisions
with the standard C free() function.
From Jeff Morris' abandoned change Ia3810fe228b497d888d825f8b606078e2f71be65.
Change-Id: Iedeb74625b13d1097da510487b60f38861a42bec
Reviewed-on: https://code.wireshark.org/review/15666
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michael Mann