Create a TrafficTableDialog (for lack of a better name) parent class
from the general parts of ConversationDialog. Use it to create
EndpointsDialog.
Move the contents of conversation_tree_widget.{cpp,h} to
conversation_dialog.{cpp,h} to match endpoint_dialog and
traffic_table_dialog.
Fill in GeoIP columns dynamically instead of using a hard-coded limit.
Use "endp_" and "ENDP_" prefixes for a lot of endpoint variables and
defines.
Try to make geoip_db_lookup_ipv4 and geoip_db_lookup_ipv6 more robust.
Clean up some includes. Fix a shadowed variable.
Change-Id: I23054816ac7f8c6edb3b1f01c8536db37ba4122d
Reviewed-on: https://code.wireshark.org/review/3462
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The functionality associated with Capture → Capture Filters, Analyze
→ Display Filters, Analyze → Display Filter Macros, and Analyze →
Apply As Column haven't been implemented yet. Disable each menu item
for now so that we don't play tricks on our users.
Follow our current action naming convention. Rename "Apply as Column"
to "Create a Column".
Change-Id: I01901db05adc897d877f6a0a699e3049b0149b4a
Reviewed-on: https://code.wireshark.org/review/3629
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Even though Qt's widget naming suggests otherwise, a QTreeWidget is
usually a better choice for tables than QTableWidget. The former gives
you a nice, clean Plain Old Table while the latter gives you something
that looks and acts like a spreadsheet.
In this particular instance using QTreeWidget also gives us the option
of adding sub-items with detailed information. Do so for attached
addresses.
Allow sorting by traffic while we're here. Simplify the column hiding
logic. Make sure the sparkline delegate isn't editable.
Change-Id: Ia36ba2e12c1c0cb86ae5b2154e6afcf6549ae049
Reviewed-on: https://code.wireshark.org/review/3466
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a "refresh the local interfaces" method to WiresharkApplication,
which reloads the interface list and emits the "interface list changed"
signal, and invoke it from the Capture -> Refresh Interfaces menu item.
Change-Id: I9641e4b341eb44d773c556691d8bb9dac776ea9d
Reviewed-on: https://code.wireshark.org/review/3195
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Items are sorted by value.
Move common conversation code to ui/conversation_hash.[ch]. Add a
conversation_type_e enum along with convenience functions for fetching
titles, tap names, etc.
We have a single main dialog instead of a main dialog + individual
protocol dialogs. It de-clutters the statistics menu and results in
simpler code. Conversation type tabs can be added and removed within the
dialog itself. The tab list is sticky and saved with the current profile
when the dialog closes. Data can be copied as CSV or YAML.
Add a FilterAction class and a corresponding filterAction slot to
MainWindow. Use it for the Conversations context menu.
Add an addressResolutionChanged signal and related plumbing.
Get rid of the iterator members in the conversation item struct. Update
the GTK+ code accordingly.
Excercise for the reader:
- Update TShark to use the common hash code.
Ping-Bug: 9231
Ping-Bug: 8703
Ping-Bug: 6727
Change-Id: I8728d771fc5b1a85937bed9d898e53c3ecc3a544
Reviewed-on: https://code.wireshark.org/review/2987
Reviewed-by: Michael Mann <mmann78@netscape.net>
Trigger dialog creation by passing a method name to
QMetaObject::invokeMethod. I'm not entirely sure this is sane but it
seems to work OK. Move getopt processing further down in the main initialization sequence
to more closely match GTK+ and allow for stat command registration.
Change-Id: I5cd5375fa71dbadac69d528b2ba3bb13598dc3f6
Reviewed-on: https://code.wireshark.org/review/2964
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- allow to change the interface options in the table
- save the options to preferences when the dialog is left
- add a field for setting a capture filter for all selected interfaces
- add a "Compile BPF" button and a window to show the compiled filter output
- try to address Alexis' and Evan's comments
Change-Id: Ic1272e29183ec80e2d2f4b3e494c79dabe2c3b6f
Reviewed-on: https://code.wireshark.org/review/1946
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
emem was exposed because of its memory limits trying to output PDML for a very large byte field in a capture file.
When converting from proto_construct_match_selected_string to fvalue_to_string_repr remember proto_construct_match_selected_string includes fieldname + value, not just value
bug:10081
Change-Id: I4fc6ea7fd1f63cff410207c8b30562771af40ada
Reviewed-on: https://code.wireshark.org/review/1578
Reviewed-by: Evan Huus <eapache@gmail.com>
It's causing a few different test failures - I've tracked down at least one of them, but the others are weirder and will require more digging.
This reverts commit 9edba650d1.
Change-Id: I897f8cf1cfbb2a189b2054e5002f59757befa47f
Reviewed-on: https://code.wireshark.org/review/1575
Reviewed-by: Evan Huus <eapache@gmail.com>
emem was exposed because of its memory limits trying to output PDML for a very large byte field in a capture file.
bug:10081
Change-Id: I6346dfdfb5f6381e16761a99291c4be7851185d9
Reviewed-on: https://code.wireshark.org/review/1566
Reviewed-by: Anders Broman <a.broman58@gmail.com>
bug:9718
Change-Id: I05330d8a2475ad0d238723d444f3d98bdbd7be39
Reviewed-on: https://code.wireshark.org/review/1041
Reviewed-by: Michael Mann <mmann78@netscape.net>
For each graph you can set:
- Its visibility
- A name
- A display filter
- Color, from a fixed list
- Plot style: Line, Impulse, Bar, Stacked Bar, Dot, Square, Diamond
- Basic Y Axes (packets/s, bytes/s, bits/s)
- Computed Y Axes (SUM, MIN, AVG, MAX)
- Smoothing
You can pan and zoom using the mouse and keyboard. Clicking on a graph
selects the last packet for that interval. If all graphs have the same Y
axis a single label is shown, otherwise a legend is shown.
The time scale (X axis) can be toggled between relative seconds and the
time of day.
Graphs can be saved as PDF, PNG, BMP, and JPEG. Settings are "sticky"
via the io_graphs UAT.
To do:
- Minimize graph drawing delays.
- Figure out why smoothing differs from GTK+
- Everything else at the top of io_graph_dialog.cpp
- Fix empty resets.
A fair amount of code was copied from TCPStreamDialog. We might want to
subclass QCustomPlot and place the shared code there.
Move common syntax checking to SyntaxLineEdit.
Move some common code from ui/gtk/io_stat.c to ui/io_graph_item.[ch] and
use it in both GTK+ and Qt.
Make the io_graph_item_t array allocation in io_stat.c static. The
behavior should be identical and this gives us additional compile-time
checks.
Change-Id: I9a3d544469b7048f0761fdbf7bcf20f44ae76577
Reviewed-on: https://code.wireshark.org/review/435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
There's a relatively new feature in 1.11.3 to select a specific file format
reader, instead of relying on magics or heuristics. If you select a file
reader and open a file, open it, and then click the reload-file button or go
to View->Reload or press the ctrl-R keymap, the file is reloaded but using the
magic/heuristics again instead of the file format reader you previously chose.
Likewise, the Lua relaod() function has the same issue (which is how I found
this problem).
I have tested this change by hand, using a Lua script, but I didn't add it
to the testsuite because I need another change for my test script to work
correctly. (an enhancement rather than a bug fix, which I'll submit separately)
Change-Id: I48c2d9ea443e37fd9d41be43d6b6cd5a866d5b01
Reviewed-on: https://code.wireshark.org/review/764
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the text descriptions for the two toolbars: "Main Toolbar" and
"Display Filter", so the right-click context menu shows what you're
removing/adding. And add a View->Toolbar sub-menu, with checkable
"Main Toolbar" and "Display Filter" entries, which enable you to
show/hide the toolbars via the menu.
If someone has/prefers better names for these things, I'm all ears.
Change-Id: I55b9fbaed2ef6dca3260fa9dfdddd7dad95d05c4
Reviewed-on: https://code.wireshark.org/review/608
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Rebase with last change and add Logcat export
Change-Id: Idc9b444b1bf14b95ff60e8466e94f7eecd875b47
Reviewed-on: https://code.wireshark.org/review/14
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now that we have the ability to choose input file format type
in the GUI, we might as well have it in the command-line too.
Plus it would help me in test-stuies if we had a commandline.
So I've added a '-X read_format:Foo' for this. Using just
'-X read_format:', or with a bad name, will make it print out
the full list (in tshark); just like the '-F' does for output
file formats.
Note: I am *not* putting in code for Win32 GUI,
because I can't compile that and I wouldn't have even
done the GTK one if I could compile Qt originally. (I don't think we need
to add any more features to GTK or Win32, just Qt from now on,
right?)
Change-Id: I2fe6481d186f63bd2303b9e591edf397a2e14b64
Reviewed-on: https://code.wireshark.org/review/493
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix a modeline while we're at it.
Change-Id: Ief6d5edbe33456170059cfab4f436f0844de32a1
Reviewed-on: https://code.wireshark.org/review/440
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The best heuristic can fail, so add possibility to manually choose
capture file format type, so not correctly recognize file format can be
loaded in Wireshark.
On the other side now it is possible to open capture file
as file format to be dissected.
Change-Id: I5a9f662b32ff7e042f753a92eaaa86c6e41f400a
Reviewed-on: https://code.wireshark.org/review/16
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
capture interfaces dialog code, *and* the code that calls it, under
HAVE_LIBPCAP.
Still more stuff to remove from the no-pcap UI, such as the Capture
menu, the capture filter in the main window, and the list of interfaces
in the main window.
svn path=/trunk/; revision=53582
* Reuse sparkline from welcome
* Split settings in tab (!= GTK)
* No all feature work (Work In Progress...)
* ...
Comments (and review) are welcome !
svn path=/trunk/; revision=53563
I may eventually switch this to use proto_* values instead of strings, but just the addition of the loop is more jarring as compared to the simple comparing of ip or ethernet values. But it should lead to a smaller (less protocol specific) packet_info structure.
svn path=/trunk/; revision=53476
Add menu items for each corresponding item in gtk/main_menubar.c that
calls gtk_stats_tree_cb(). Hopefully that's everything. Note that we use
quite a bit less code than the GTK+ flavor and why we might not want to
do that. Change a few things in ui/qt/CMakeLists.txt to more closely
match the GTK+ version. Add plumbing for tap registrations in
CMakeLists.txt and Makefile.am. Add the ability to copy text as CSV or
YAML.
svn path=/trunk/; revision=53464
Collect packet numbers when following streams so that we can correlate
text positions with packets. Add a FollowStreamText class so that we can
track mouse events. Add a hint label that shows the packet under the
cursor along with packet counts and the number of "turns".
Add the packet number to the C array dump. Note that dumping to YAML
might be useful for Scapy users.
svn path=/trunk/; revision=53314
Gerald Combs